[ceph-users] Updating client caps online

Hi all, We still have legacy caps on our nautilus rbd cluster. I just wanted to check if this is totally safe (and to post here ftr because I don't think this has ever been documented) Here are the current caps: [client.images] key = xxx caps mgr = "allow r" caps mon = "allow r, allow command \"osd blacklist\"" caps osd = "allow class-read object_prefix rbd_children, allow rwx pool=images" [client.volumes] key = xxx caps mgr = "allow r" caps mon = "allow r, allow command \"osd blacklist\"" caps osd = "allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rx pool=images, allow rwx pool=cinder-critical" Now that we upgraded to nautilus we would do: # ceph auth caps client.images mon 'profile rbd' osd 'profile rbd pool=images' mgr 'profile rbd pool=images' # ceph auth caps client.volumes mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd-read-only pool=images, profile rbd pool=cinder-critical' mgr 'profile rbd pool=volumes, profile rbd pool=cinder-critical' Does that look correct? Does this apply without impacting any client IOs ? Thanks! Dan