This is likely a bug in Ceph, but feel it might be helpful to log here in case someone else runs across it.

Ceph Version: 10.2.2 (45107e21c568dd033c2f0a3107dec8f0b0e58374)

When mon_id has a hyphen (such as when using the default of the server hostname and the hostname has a hyphen), the directory /var/lib/ceph/mon/ceph-${ceph::mon_id}/ is created, however the keyring file is not present. Changing the value of mon_id (or changing the hostname) resolves this issue.

This file not getting created causes all following commands to add keys to fail due to being unable to find this file.

If this is a bug in Ceph, it may be beneficial to either sanitize the input (if underscores work, changing hyphens to underscores, for example) or give an error if the value of mon_id contains known bad characters. It may also be useful to change the creates=> parameter to the keyring file, rather than the directory, to catch when this error occurs, rather than continuing.

Example error:

Notice: /Stage[main]/Ceph::Auth/Ceph::Keyring[/etc/ceph/ceph.client.radosgw.puppet.keyring]/Exec[ceph -n mon. -k /var/lib/ceph/mon/ceph-hyp7-8/keyring auth import -i /etc/ceph/ceph.client.radosgw.puppet.keyring]/returns: Error connecting to cluster: ObjectNotFound
Error: ceph -n mon. -k /var/lib/ceph/mon/ceph-hyp7-8/keyring auth import -i /etc/ceph/ceph.client.radosgw.puppet.keyring returned 1 instead of one of [0]
Error: /Stage[main]/Ceph::Auth/Ceph::Keyring[/etc/ceph/ceph.client.radosgw.puppet.keyring]/Exec[ceph -n mon. -k /var/lib/ceph/mon/ceph-hyp7-8/keyring auth import -i /etc/ceph/ceph.client.radosgw.puppet.keyring]/returns: change from notrun to 0 failed: ceph -n mon. -k /var/lib/ceph/mon/ceph-hyp7-8/keyring auth import -i /etc/ceph/ceph.client.radosgw.puppet.keyring returned 1 instead of one of [0]