Ceph-Ansible部署Ceph-N(基于ubuntu18.04LTS)
常⽤⾃动化部署⽅案⽐较
名称实现语⾔发布时间架构DSL (区域特定语⾔)SaltStack Python2011C/S yaml
Ansible Python2012Agentless yaml
Puppet Ruby2009C/S Puppet Language
Chef Ruby2005C/S接近Ruby语法的Dsl
环境准备
在部署 Ceph 存储集之前,需要对Ceph 客户端和Ceph 节点进⾏⼀些基本的配置。安装⼀个ceph-ansible 管理节点和若⼲节点的Ceph 存储集来研究 Ceph 的基本特性。此处准备四个Ceph节点(其中adm节点充当ceph-ansible管理节点),以此构成 Ceph存储集。
主机名称IP地址操作系统备注adm100.10.10.163ubuntu-18.04.3-server-amd64.iso ceph-ansible管理节点N1100.10.10.160/100.10.11.160ubuntu-18.04.3-server-amd64.iso专⽤节点
N2100.10.10.161/100.10.11.161ubuntu-18.04.3-server-amd64.iso专⽤节点
N3100.10.10.162/100.10.11.162ubuntu-18.04.3-server-amd64.iso专⽤节点
未特别说明,则操作需在每个节点上执⾏
添加keys
将密钥添加到系统的受信任密钥列表中,以避免出现安全警告。 对于主要发⾏版(例如luminous, mimic, nautilus)和开发发⾏版(release-name-rc1, release-name-rc2),请使⽤release.asc密钥。
要安装release.asc密钥,请执⾏以下操作:
# wget -q -O- '100.10.10.163/ceph/keys/release.asc' | sudo apt-key add -
# wget -q -O- '100.10.10.163/os/18.04_LTS/debs.asc' | sudo apt-key add -
# apt-key list
/etc/apt/trusted.gpg
--------------------
pub rsa4096 2015-09-15 [SC]
08B7 3419 AC32 B4E9 66C1 A330 E84A C2C0 460F 3994
uid [ unknown] Ceph (release key)<security@ceph>
添加CEPH
将Ceph软件包库添加到系统的APT来源列表中。 对于较新版本的Debian/Ubuntu,请在命令⾏上调⽤lsb_release -sc以获取简短的代号。
# cp /etc/apt/sources.list /etc/apt/
# > /etc/apt/sources.list
# sudo apt-add-repository 'deb 100.10.10.163/ceph/debian-nautilus/ bionic main'
# apt-get update -y
修改/etc/hosts⽂件
# vim /etc/hosts
127.0.0.1 localhost
100.10.10.160 N1
100.10.10.161 N2
100.10.10.162 N3
100.10.10.163 adm
配置ssh免密登录
在adm节点执⾏以下命令,
# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:w3exfRZVT5yUhWGDS0KlJFSXkGOBRB52DY2wXJZfNdI
The key's randomart image is:
+---[RSA 2048]----+
| +O=@@o+*B@|
| +.OBo*.+E=|
| +..=.o ..|
| . o+ .|
| S . o . o|
| o . o |
| |
| |
| |
+----[SHA256]-----+
# ssh-copy-id 100.10.10.160
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@100.10.10.160's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '100.10.10.160'"
and check to make sure that only the key(s) you wanted were added.
# ssh-copy-id 100.10.10.161
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@100.10.10.161's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '100.10.10.161'"
and check to make sure that only the key(s) you wanted were added.
# ssh-copy-id 100.10.10.162
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@100.10.10.162's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '100.10.10.162'"
and check to make sure that only the key(s) you wanted were added.
# ssh-copy-id 100.10.10.163
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '100.10.10.163 (100.10.10.163)' can't be established.
ECDSA key fingerprint is SHA256:krdx3rwkZITeNgQBIDo4eY70tOTrMFhJ4c24RSGPQYI.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@100.10.10.163's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '100.10.10.163'"
and check to make sure that only the key(s) you wanted were added.
# scp /root/.ssh/id_rsa* 100.10.10.160:/root/.ssh/
id_rsa 100% 1679
1.6MB/s 00:00 id_rsa.pub 100% 393 481.8KB/s 00:00 # scp /root/.ssh/id_rsa* 100.10.10.161:/root/.ssh/
id_rsa 100% 1679 1.6MB/s 00:00 id_rsa.pub 100% 393 527.1KB/s 00:00 # scp /root/.ssh/id_rsa* 100.10.10.162:/root/.ssh/
id_rsa 100% 1679 1.5MB/s 00:00 id_rsa.pub
在每个节点上执⾏
# ssh 100.10.10.160
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-55-generic x86_64)
* Documentation: help.ubuntu
* Management: landscape.canonical
* Support: ubuntu/advantage
System information as of Thu Jan 9 12:35:33 CST 2020
System load: 0.04 Processes: 311
Usage of /: 3.2% of 136.36GB Users logged in: 2
Memory usage: 0% IP address for enp3s0f0: 100.10.10.160
Swap usage: 0% IP address for enp3s0f1: 100.10.11.160
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
ubuntu/livepatch
0 packages can be updated.
0 updates are security updates.
Failed to connect to changelogs.ubuntu/meta-release-lts. Check your Internet connection or proxy settings
Last login: Thu Jan 9 12:34:37 2020 from 100.10.10.162
root@N1:~# exit
logout
Connection to 100.10.10.160 closed.
# ssh 100.10.10.161
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-55-generic x86_64)
* Documentation: help.ubuntu
* Management: landscape.canonical
* Support: ubuntu/advantage
System information as of Thu Jan 9 12:35:38 CST 2020
System load: 0.08 Processes: 305
Usage of /: 3.2% of 136.36GB Users logged in: 2
Memory usage: 0% IP address for enp4s0f0: 100.10.10.161
Swap usage: 0% IP address for enp4s0f1: 100.10.11.161
* Canonical Livepatch is available for installation.
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
ubuntu/livepatch
0 packages can be updated.
0 updates are security updates.
Failed to connect to changelogs.ubuntu/meta-release-lts. Check your Internet connection or proxy settings
Last login: Thu Jan 9 12:35:04 2020 from 100.10.10.162
root@N2:~# exit
logout
Connection to 100.10.10.161 closed.
# ssh 100.10.10.162
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-55-generic x86_64)
* Documentation: help.ubuntu
* Management: landscape.canonical
* Support: ubuntu/advantage
System information as of Thu Jan 9 12:41:26 CST 2020
System load: 0.05 Processes: 299
Usage of /: 3.2% of 136.36GB Users logged in: 1
Memory usage: 0% IP address for enp3s0f0: 100.10.10.162
Swap usage: 0% IP address for enp3s0f1: 100.10.11.162
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
ubuntu/livepatch
0 packages can be updated.
0 updates are security updates.
Last login: Thu Jan 9 12:40:55 2020 from 100.10.10.162
root@N3:~# exit
logout
Connection to 100.10.10.162 closed.
# ssh 100.10.10.163
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-55-generic x86_64)
* Documentation: help.ubuntu
* Management: landscape.canonical
* Support: ubuntu/advantage
System information as of Thu Jan 9 12:41:32 CST 2020
System load: 0.0 Processes: 320
Usage of /: 6.1% of 136.36GB Users logged in: 2
Memory usage: 1% IP address for enp3s0f0: 100.10.10.163
Swap usage: 0% IP address for enp3s0f1: 172.10.27.163
* Overheard at KubeCon: "microk8s.status just blew my mind".
microk8s.io/docs/commands#microk8s.status
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
ubuntu/livepatch
141 packages can be updated.
89 updates are security updates.
*** System restart required ***
Last login: Thu Jan 9 12:41:07 2020 from 100.10.10.162
root@ceph-n:~# exit
logout
Connection to 100.10.10.163 closed.
安装 CHRONY
在Ceph节点上安装CHRONY以防⽌时钟漂移引起的问题。
# timedatectl set-ntp false
# apt-get install chrony -y
# chronyd --version
# cp /etc/f /etc/f.org
设置chrony服务器
此处将adm节点作为CHRONY服务器
# vim /etc/f
.....
pool ntp.ubuntu iburst maxsources 4
pool 0.p.org iburst maxsources 1
pool 1.p.org iburst maxsources 1
pool 2.p.org iburst maxsources 2
.......
allow 100.10 ##允许同步时间的客户端所在⽹段
local stratum 10 ##设置源时钟等级
将配置⽂件中上述4个pool注释掉,在其中增加允许同步时间的IP⽹段段以及设置源时钟等级。
# systemctl enable chrony.service
# systemctl restart chrony.service
# systemctl status chrony.service
● chrony.service - chrony, an NTP client/server
Loaded: loaded (/lib/systemd/system/chrony.service; enabled; vendor preset: enabled)
exitedActive: active (running) since Thu 2020-01-09 15:51:54 CST; 8s ago
Docs: man:chronyd(8)
man:chronyc(1)
f(5)
Process: 25427 ExecStartPost=/usr/lib/chrony/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 25398 ExecStart=/usr/lib/systemd/scripts/chronyd-starter.sh $DAEMON_OPTS(code=exited, status=0/SUCCESS) Main PID: 25422 (chronyd)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/chrony.service
└─25422 /usr/sbin/chronyd
设置chrony客户端
此处N1、N2和N3节点为CHRONY客户端
# vim /etc/f
.....
# pool ntp.ubuntu iburst maxsources 4
# pool 0.p.org iburst maxsources 1
# pool 1.p.org iburst maxsources 1
# pool 2.p.org iburst maxsources 2
server 100.10.10.163 iburst
.......
其中100.10.10.163为CHRONY服务器的IP地址。
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论