In this configuration, we have :

  • 1 admin
  • 2 monitors
  • 3 nodes

Requirement before installation

Synchronize all clocks using NTP :

[root@ceph-admin ~]# systemctl start ntpd ; systemctl enable ntpd ; hwclock --systohc
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@ceph-monitor1 ~]# systemctl start ntpd ; systemctl enable ntpd ; hwclock --systohc
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@ceph-monitor2 ~]# systemctl start ntpd ; systemctl enable ntpd ; hwclock --systohc
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@ceph-node1 ~]# systemctl start ntpd ; systemctl enable ntpd ; hwclock --systohc
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@ceph-node2 ~]# systemctl start ntpd ; systemctl enable ntpd ; hwclock --systohc
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@ceph-node3 ~]# systemctl start ntpd ; systemctl enable ntpd ; hwclock --systohc
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.

And disable “firewalld” during this lab :

[root@ceph-admin ~]# systemctl stop firewalld ; systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@ceph-monitor1 ~]# systemctl stop firewalld ; systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@ceph-monitor2 ~]# systemctl stop firewalld ; systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@ceph-node1 ~]# systemctl stop firewalld ; systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@ceph-node2 ~]# systemctl stop firewalld ; systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@ceph-node3 ~]# systemctl stop firewalld ; systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

Set FQDN hostnames :

[root@ceph-admin ~]# hostnamectl set-hostname ceph-admin.argonay.wou
[root@ceph-monitor1 ~]# hostnamectl set-hostname ceph-monitor1.argonay.wou
[root@ceph-monitor2 ~]# hostnamectl set-hostname ceph-monitor2.argonay.wou
[root@ceph-node1 ~]# hostnamectl set-hostname ceph-node1.argonay.wou
[root@ceph-node2 ~]# hostnamectl set-hostname ceph-node2.argonay.wou
[root@ceph-node3 ~]# hostnamectl set-hostname ceph-node3.argonay.wou

Add following entries in “/etc/hosts” :

192.168.1.120   ceph-admin.argonay.wou          ceph-admin
192.168.1.121   ceph-monitor1.argonay.wou       ceph-monitor1
192.168.1.122   ceph-monitor2.argonay.wou       ceph-monitor2
192.168.1.123   ceph-node1.argonay.wou          ceph-node1
192.168.1.124   ceph-node2.argonay.wou          ceph-node2
192.168.1.125   ceph-node3.argonay.wou          ceph-node3

And set domain name (here : “argonay.wou”) in “/etc/resolv.conf” :

search argonay.wou

Disable SELinux :

[root@ceph-admin ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux && shutdown -r 0
[root@ceph-monitor1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux && shutdown -r 0
[root@ceph-monitor2 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux && shutdown -r 0
[root@ceph-node1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux && shutdown -r 0
[root@ceph-node2 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux && shutdown -r 0
[root@ceph-node3 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux && shutdown -r 0

“cephuser” user account

Create “cephgroup” group :

root@ceph-admin ~]# groupadd -g 2000 cephgroup
[root@ceph-monitor1 ~]# groupadd -g 2000 cephgroup
[root@ceph-monitor2 ~]# groupadd -g 2000 cephgroup
[root@ceph-node1 ~]# groupadd -g 2000 cephgroup
[root@ceph-node2 ~]# groupadd -g 2000 cephgroup
[root@ceph-node3 ~]# groupadd -g 2000 cephgroup

Create “cephuser” account, and set password  :

[root@ceph-admin ~]# useradd -c "ceph user" -g cephgroup -u 2000 cephuser
[root@ceph-admin ~]# echo "cephuser:your_password" | chpasswd
[root@ceph-monitor1 ~]# useradd -c "ceph user" -g cephgroup -u 2000 cephuser
[root@ceph-monitor1 ~]# echo "cephuser:your_password" | chpasswd
[root@ceph-monitor2 ~]# useradd -c "ceph user" -g cephgroup -u 2000 cephuser
[root@ceph-monitor2 ~]# echo "cephuser:your_password" | chpasswd
[root@ceph-node1 ~]# useradd -c "ceph user" -g cephgroup -u 2000 cephuser
[root@ceph-node1 ~]# echo "cephuser:your_password" | chpasswd
[root@ceph-node2 ~]# useradd -c "ceph user" -g cephgroup -u 2000 cephuser
[root@ceph-node2 ~]# echo "cephuser:your_password" | chpasswd
[root@ceph-node3 ~]# useradd -c "ceph user" -g cephgroup -u 2000 cephuser
[root@ceph-node3 ~]# echo "cephuser:your_password" | chpasswd

ssh

Create “rsa” keys :

[root@ceph-admin ~]# su - cephuser
[cephuser@ceph-admin ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/cephuser/.ssh/id_rsa):
Created directory '/home/cephuser/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/cephuser/.ssh/id_rsa.
Your public key has been saved in /home/cephuser/.ssh/id_rsa.pub.
The key fingerprint is:
21:f6:9c:9c:1b:ea:94:82:c7:30:8f:53:32:dc:10:81 cephuser@ceph-admin.argonay.wou
The key's randomart image is:
+--[ RSA 2048]----+
| .o.             |
|E  .             |
|  .   o .        |
| . o . = +       |
|  * o   S        |
|   @   o o       |
|  + = + .        |
|   o +           |
|      .          |
+-----------------+

Copy both private and public keys to all Ceph servers :

[cephuser@ceph-admin ~]$ cp -p .ssh/id_rsa.pub .ssh/authorized_keys
[cephuser@ceph-admin ~]$ for H in ceph-monitor1 ceph-monitor2 ceph-node1 ceph-node2 ceph-node3 ; do scp -rp .ssh $H:. ; done
The authenticity of host 'ceph-monitor1 (192.168.1.121)' can't be established.
ECDSA key fingerprint is 13:50:89:e4:51:a1:eb:ec:61:b2:aa:17:d7:60:df:eb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-monitor1,192.168.1.121' (ECDSA) to the list of known hosts.
cephuser@ceph-monitor1's password:
id_rsa                                                                                                    100% 1675     1.6KB/s   00:00
id_rsa.pub                                                                                                100%  413     0.4KB/s   00:00
authorized_keys                                                                                           100%  413     0.4KB/s   00:00
known_hosts                                                                                               100%  189     0.2KB/s   00:00
The authenticity of host 'ceph-monitor2 (192.168.1.122)' can't be established.
ECDSA key fingerprint is 8e:a6:e8:dd:bc:22:d3:32:a5:1b:71:60:3a:60:dd:98.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-monitor2,192.168.1.122' (ECDSA) to the list of known hosts.
cephuser@ceph-monitor2's password:
id_rsa                                                                                                    100% 1675     1.6KB/s   00:00
id_rsa.pub                                                                                                100%  413     0.4KB/s   00:00
authorized_keys                                                                                           100%  413     0.4KB/s   00:00
known_hosts                                                                                               100%  378     0.4KB/s   00:00
The authenticity of host 'ceph-node1 (192.168.1.123)' can't be established.
ECDSA key fingerprint is 2a:05:ee:49:61:fc:7e:fd:3c:a2:b4:00:e1:6d:7d:c4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-node1,192.168.1.123' (ECDSA) to the list of known hosts.
cephuser@ceph-node1's password:
id_rsa                                                                                                    100% 1675     1.6KB/s   00:00
id_rsa.pub                                                                                                100%  413     0.4KB/s   00:00
authorized_keys                                                                                           100%  413     0.4KB/s   00:00
known_hosts                                                                                               100%  564     0.6KB/s   00:00
The authenticity of host 'ceph-node2 (192.168.1.124)' can't be established.
ECDSA key fingerprint is 0b:5e:84:ad:ed:9d:96:06:fe:3c:f1:bb:b9:b3:e5:a0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-node2,192.168.1.124' (ECDSA) to the list of known hosts.
cephuser@ceph-node2's password:
id_rsa                                                                                                    100% 1675     1.6KB/s   00:00
id_rsa.pub                                                                                                100%  413     0.4KB/s   00:00
authorized_keys                                                                                           100%  413     0.4KB/s   00:00
known_hosts                                                                                               100%  750     0.7KB/s   00:00
The authenticity of host 'ceph-node3 (192.168.1.125)' can't be established.
ECDSA key fingerprint is 37:87:6c:fe:7d:cf:b7:85:dc:a5:29:fe:58:14:89:2f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-node3,192.168.1.125' (ECDSA) to the list of known hosts.
cephuser@ceph-node3's password:
id_rsa                                                                                                    100% 1675     1.6KB/s   00:00
id_rsa.pub                                                                                                100%  413     0.4KB/s   00:00
authorized_keys                                                                                           100%  413     0.4KB/s   00:00
known_hosts                                                                                               100%  936     0.9KB/s   00:00

Check ssh on all Ceph servers, for example :

[root@ceph-monitor1 ~]# su - cephuser
[cephuser@ceph-monitor1 ~]$ for H in ceph-admin ceph-monitor1 ceph-monitor2 ceph-node1 ceph-node2 ceph-node3 ; do ssh $H date ; done
The authenticity of host 'ceph-admin (192.168.1.120)' can't be established.
ECDSA key fingerprint is 5f:c1:68:c0:62:a6:0a:c0:72:99:31:ce:8e:10:66:2a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-admin,192.168.1.120' (ECDSA) to the list of known hosts.
Fri Feb  5 17:31:30 CET 2016
The authenticity of host 'ceph-monitor1 (192.168.1.121)' can't be established.
ECDSA key fingerprint is 13:50:89:e4:51:a1:eb:ec:61:b2:aa:17:d7:60:df:eb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-monitor1,192.168.1.121' (ECDSA) to the list of known hosts.
Fri Feb  5 17:31:32 CET 2016
The authenticity of host 'ceph-monitor2 (192.168.1.122)' can't be established.
ECDSA key fingerprint is 8e:a6:e8:dd:bc:22:d3:32:a5:1b:71:60:3a:60:dd:98.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-monitor2,192.168.1.122' (ECDSA) to the list of known hosts.
Fri Feb  5 17:31:34 CET 2016
The authenticity of host 'ceph-node1 (192.168.1.123)' can't be established.
ECDSA key fingerprint is 2a:05:ee:49:61:fc:7e:fd:3c:a2:b4:00:e1:6d:7d:c4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-node1,192.168.1.123' (ECDSA) to the list of known hosts.
Fri Feb  5 17:31:36 CET 2016
The authenticity of host 'ceph-node2 (192.168.1.124)' can't be established.
ECDSA key fingerprint is 0b:5e:84:ad:ed:9d:96:06:fe:3c:f1:bb:b9:b3:e5:a0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-node2,192.168.1.124' (ECDSA) to the list of known hosts.
Fri Feb  5 17:31:38 CET 2016
The authenticity of host 'ceph-node3 (192.168.1.125)' can't be established.
ECDSA key fingerprint is 37:87:6c:fe:7d:cf:b7:85:dc:a5:29:fe:58:14:89:2f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ceph-node3,192.168.1.125' (ECDSA) to the list of known hosts.
Fri Feb  5 17:31:41 CET 2016

sudo

Add root access to “cephuser” :

[root@ceph-admin ~]# echo "cephuser ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/cephuser && chmod ug=r,o= /etc/sudoers.d/cephuser
[root@ceph-monitor1 ~]# echo "cephuser ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/cephuser && chmod ug=r,o= /etc/sudoers.d/cephuser
[root@ceph-monitor2 ~]# echo "cephuser ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/cephuser && chmod ug=r,o= /etc/sudoers.d/cephuser
[root@ceph-node1 ~]# echo "cephuser ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/cephuser && chmod ug=r,o= /etc/sudoers.d/cephuser
[root@ceph-node2 ~]# echo "cephuser ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/cephuser && chmod ug=r,o= /etc/sudoers.d/cephuser
[root@ceph-node3 ~]# echo "cephuser ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/cephuser && chmod ug=r,o= /etc/sudoers.d/cephuser

Disable TTY requirement for “cephuser” :

[root@ceph-admin ~]# grep cephuser /etc/sudoers
Defaults:cephuser !requiretty
[root@ceph-monitor1 ~]# grep cephuser /etc/sudoers
Defaults:cephuser !requiretty
[root@ceph-monitor2 ~]# grep cephuser /etc/sudoers
Defaults:cephuser !requiretty
Defaults:cephuser !requiretty
[root@ceph-node1 ~]#
[root@ceph-node2 ~]# grep cephuser /etc/sudoers
Defaults:cephuser !requiretty
[root@ceph-node3 ~]# grep cephuser /etc/sudoers
Defaults:cephuser !requiretty

 

 

 

 

PDF24    Send article as PDF   

2 thoughts on “Ceph installation on CentOS 7.2, step #1

    1. 你好

      Currently, I’m experiencing some issues with both “hammer” and “infernalis” Ceph releases using “ceph-deploy osd prepare”.
      So, I’m waiting for fixes …

      商祺

Leave a Reply

Your email address will not be published. Required fields are marked *


*