178 lines
5.9 KiB
Diff
178 lines
5.9 KiB
Diff
|
From c3bd75c75255c993fb1ec61c590a23ac31169744 Mon Sep 17 00:00:00 2001
|
||
|
From: Johan Thomsen <jth@dbc.dk>
|
||
|
Date: Wed, 21 Apr 2021 10:02:36 +0200
|
||
|
Subject: [PATCH 1/2] ceph: 15.2.10 -> 16.2.1
|
||
|
|
||
|
---
|
||
|
pkgs/tools/filesystems/ceph/default.nix | 23 +++++++++++++++++++----
|
||
|
pkgs/top-level/all-packages.nix | 3 ++-
|
||
|
2 files changed, 21 insertions(+), 5 deletions(-)
|
||
|
|
||
|
diff --git a/pkgs/tools/filesystems/ceph/default.nix b/pkgs/tools/filesystems/ceph/default.nix
|
||
|
index e923bb6132ecd..d13d4915e1eb3 100644
|
||
|
--- a/pkgs/tools/filesystems/ceph/default.nix
|
||
|
+++ b/pkgs/tools/filesystems/ceph/default.nix
|
||
|
@@ -1,5 +1,4 @@
|
||
|
{ lib, stdenv, runCommand, fetchurl
|
||
|
-, fetchpatch
|
||
|
, ensureNewerSourcesHook
|
||
|
, cmake, pkg-config
|
||
|
, which, git
|
||
|
@@ -14,6 +13,15 @@
|
||
|
, libnl, libcap_ng
|
||
|
, rdkafka
|
||
|
, nixosTests
|
||
|
+, cryptsetup
|
||
|
+, sqlite
|
||
|
+, lua
|
||
|
+, icu
|
||
|
+, bzip2
|
||
|
+, doxygen
|
||
|
+, graphviz
|
||
|
+, fmt
|
||
|
+, python3
|
||
|
|
||
|
# Optional Dependencies
|
||
|
, yasm ? null, fcgi ? null, expat ? null
|
||
|
@@ -123,10 +131,10 @@ let
|
||
|
]);
|
||
|
sitePackages = ceph-python-env.python.sitePackages;
|
||
|
|
||
|
- version = "15.2.10";
|
||
|
+ version = "16.2.1";
|
||
|
src = fetchurl {
|
||
|
url = "http://download.ceph.com/tarballs/ceph-${version}.tar.gz";
|
||
|
- sha256 = "1xfijynfb56gydpwh6h4q781xymwxih6nx26idnkcjqih48nsn01";
|
||
|
+ sha256 = "1qqvfhnc94vfrq1ddizf6habjlcp77abry4v18zlq6rnhwr99zrh";
|
||
|
};
|
||
|
in rec {
|
||
|
ceph = stdenv.mkDerivation {
|
||
|
@@ -142,12 +150,18 @@ in rec {
|
||
|
pkg-config which git python3Packages.wrapPython makeWrapper
|
||
|
python3Packages.python # for the toPythonPath function
|
||
|
(ensureNewerSourcesHook { year = "1980"; })
|
||
|
+ python3
|
||
|
+ fmt
|
||
|
+ # for building docs/man-pages presumably
|
||
|
+ doxygen
|
||
|
+ graphviz
|
||
|
];
|
||
|
|
||
|
buildInputs = cryptoLibsMap.${cryptoStr} ++ [
|
||
|
boost ceph-python-env libxml2 optYasm optLibatomic_ops optLibs3
|
||
|
malloc zlib openldap lttng-ust babeltrace gperf gtest cunit
|
||
|
snappy lz4 oathToolkit leveldb libnl libcap_ng rdkafka
|
||
|
+ cryptsetup sqlite lua icu bzip2
|
||
|
] ++ lib.optionals stdenv.isLinux [
|
||
|
linuxHeaders util-linux libuuid udev keyutils optLibaio optLibxfs optZfs
|
||
|
# ceph 14
|
||
|
@@ -171,7 +185,6 @@ in rec {
|
||
|
'';
|
||
|
|
||
|
cmakeFlags = [
|
||
|
- "-DWITH_PYTHON3=ON"
|
||
|
"-DWITH_SYSTEM_ROCKSDB=OFF" # breaks Bluestore
|
||
|
"-DCMAKE_INSTALL_DATADIR=${placeholder "lib"}/lib"
|
||
|
|
||
|
@@ -182,6 +195,8 @@ in rec {
|
||
|
"-DWITH_TESTS=OFF"
|
||
|
# TODO breaks with sandbox, tries to download stuff with npm
|
||
|
"-DWITH_MGR_DASHBOARD_FRONTEND=OFF"
|
||
|
+ # WITH_XFS has been set default ON from Ceph 16, keeping it optional in nixpkgs for now
|
||
|
+ ''-DWITH_XFS=${if optLibxfs != null then "ON" else "OFF"}''
|
||
|
];
|
||
|
|
||
|
postFixup = ''
|
||
|
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
|
||
|
index 71a063a4393fc..e825afd6691e4 100644
|
||
|
--- a/pkgs/top-level/all-packages.nix
|
||
|
+++ b/pkgs/top-level/all-packages.nix
|
||
|
@@ -3313,7 +3313,8 @@ in
|
||
|
|
||
|
libceph = ceph.lib;
|
||
|
inherit (callPackages ../tools/filesystems/ceph {
|
||
|
- boost = boost172.override { enablePython = true; python = python38; };
|
||
|
+ boost = boost17x.override { enablePython = true; python = python3; };
|
||
|
+ lua = lua5_4;
|
||
|
})
|
||
|
ceph
|
||
|
ceph-client;
|
||
|
|
||
|
From 8a6e130c71ed25f4eae8eadd62ef48450ccf8750 Mon Sep 17 00:00:00 2001
|
||
|
From: Johan Thomsen <jth@dbc.dk>
|
||
|
Date: Wed, 21 Apr 2021 16:19:00 +0200
|
||
|
Subject: [PATCH 2/2] nixos/ceph: fix tests
|
||
|
|
||
|
- 512 -> 1024MB vm memory (had sporadic oom-failures with the lower setting)
|
||
|
|
||
|
- set "auth_allow_insecure_global_id_reclaim=false" as described here: https://docs.ceph.com/en/latest/security/CVE-2021-20288/
|
||
|
---
|
||
|
nixos/tests/ceph-multi-node.nix | 3 ++-
|
||
|
nixos/tests/ceph-single-node-bluestore.nix | 3 ++-
|
||
|
nixos/tests/ceph-single-node.nix | 3 ++-
|
||
|
3 files changed, 6 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/nixos/tests/ceph-multi-node.nix b/nixos/tests/ceph-multi-node.nix
|
||
|
index 4e6d644f96c8a..33736e27b984d 100644
|
||
|
--- a/nixos/tests/ceph-multi-node.nix
|
||
|
+++ b/nixos/tests/ceph-multi-node.nix
|
||
|
@@ -37,7 +37,7 @@ let
|
||
|
|
||
|
generateHost = { pkgs, cephConfig, networkConfig, ... }: {
|
||
|
virtualisation = {
|
||
|
- memorySize = 512;
|
||
|
+ memorySize = 1024;
|
||
|
emptyDiskImages = [ 20480 ];
|
||
|
vlans = [ 1 ];
|
||
|
};
|
||
|
@@ -120,6 +120,7 @@ let
|
||
|
)
|
||
|
monA.wait_for_unit("ceph-mon-${cfg.monA.name}")
|
||
|
monA.succeed("ceph mon enable-msgr2")
|
||
|
+ monA.succeed("ceph config set mon auth_allow_insecure_global_id_reclaim false")
|
||
|
|
||
|
# Can't check ceph status until a mon is up
|
||
|
monA.succeed("ceph -s | grep 'mon: 1 daemons'")
|
||
|
diff --git a/nixos/tests/ceph-single-node-bluestore.nix b/nixos/tests/ceph-single-node-bluestore.nix
|
||
|
index cc873e8aee576..f706d4d56fcfd 100644
|
||
|
--- a/nixos/tests/ceph-single-node-bluestore.nix
|
||
|
+++ b/nixos/tests/ceph-single-node-bluestore.nix
|
||
|
@@ -34,7 +34,7 @@ let
|
||
|
|
||
|
generateHost = { pkgs, cephConfig, networkConfig, ... }: {
|
||
|
virtualisation = {
|
||
|
- memorySize = 512;
|
||
|
+ memorySize = 1024;
|
||
|
emptyDiskImages = [ 20480 20480 20480 ];
|
||
|
vlans = [ 1 ];
|
||
|
};
|
||
|
@@ -95,6 +95,7 @@ let
|
||
|
)
|
||
|
monA.wait_for_unit("ceph-mon-${cfg.monA.name}")
|
||
|
monA.succeed("ceph mon enable-msgr2")
|
||
|
+ monA.succeed("ceph config set mon auth_allow_insecure_global_id_reclaim false")
|
||
|
|
||
|
# Can't check ceph status until a mon is up
|
||
|
monA.succeed("ceph -s | grep 'mon: 1 daemons'")
|
||
|
diff --git a/nixos/tests/ceph-single-node.nix b/nixos/tests/ceph-single-node.nix
|
||
|
index 19919371a3ca7..d1d56ea6708cc 100644
|
||
|
--- a/nixos/tests/ceph-single-node.nix
|
||
|
+++ b/nixos/tests/ceph-single-node.nix
|
||
|
@@ -34,7 +34,7 @@ let
|
||
|
|
||
|
generateHost = { pkgs, cephConfig, networkConfig, ... }: {
|
||
|
virtualisation = {
|
||
|
- memorySize = 512;
|
||
|
+ memorySize = 1024;
|
||
|
emptyDiskImages = [ 20480 20480 20480 ];
|
||
|
vlans = [ 1 ];
|
||
|
};
|
||
|
@@ -95,6 +95,7 @@ let
|
||
|
)
|
||
|
monA.wait_for_unit("ceph-mon-${cfg.monA.name}")
|
||
|
monA.succeed("ceph mon enable-msgr2")
|
||
|
+ monA.succeed("ceph config set mon auth_allow_insecure_global_id_reclaim false")
|
||
|
|
||
|
# Can't check ceph status until a mon is up
|
||
|
monA.succeed("ceph -s | grep 'mon: 1 daemons'")
|