test proper keyring creation

Author: bmwiedemann

chef/cookbooks/ceph/recipes/mon.rb

@@ -46,10 +46,13 @@
 
 
 unless File.exist?("/var/lib/ceph/mgr/ceph-#{mon_name}/done")
-  keyring = "#{Chef::Config[:file_cache_path]}/#{cluster}-#{mon_name}.mgr.keyring"
+  keyring = "/var/lib/ceph/mgr/#{cluster}-#{mon_name}/keyring"
   execute "create mgr keyring" do
-    command "ceph-authtool '#{keyring}' --create-keyring --name=mgr. --add-key='#{node["ceph"]["monitor-secret"]}' --cap mgr 'allow *'"
-    not_if { node["ceph"]["monitor-secret"].empty? }
+    command "ceph auth get-or-create mgr.#{mon_name} \
+             mon 'allow profile mgr' osd 'allow *' mds 'allow *' \
+             -o #{keyring} && \
+           chown ceph.ceph #{keyring}"
+    not_if { File.exist?(keyring) }
   end
   ruby_block "finalise" do
     block do