From e09a3765476eedae28905b51b666bee92c6fcf8e Mon Sep 17 00:00:00 2001 From: Adam King Date: Sat, 3 Jun 2023 14:39:05 -0400 Subject: [PATCH] doc/cephadm: document how to pass self made SSH key pairs to bootstrap This didn't seem to exist in the install section of the cephadm docs. Wanted to add it in before adding documentation for bootstrapping with CA signed keys. Signed-off-by: Adam King --- doc/cephadm/install.rst | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/doc/cephadm/install.rst b/doc/cephadm/install.rst index 412ca14169c..66c34a98b07 100644 --- a/doc/cephadm/install.rst +++ b/doc/cephadm/install.rst @@ -193,6 +193,8 @@ This command will: with this label will (also) get a copy of ``/etc/ceph/ceph.conf`` and ``/etc/ceph/ceph.client.admin.keyring``. +.. _cephadm-bootstrap-further-info: + Further information about cephadm bootstrap ------------------------------------------- @@ -463,3 +465,27 @@ have access to all hosts that you plan to add to the cluster. cephadm --image **:5000/ceph/ceph bootstrap --mon-ip ** .. _cluster network: ../rados/configuration/network-config-ref#cluster-network + +.. _cephadm-bootstrap-custom-ssh-keys: + +Deployment with custom SSH keys +------------------------------- + +Bootstrap allows users to create their own private/public SSH key pair +rather than having cephadm generate them automatically. + +To use custom SSH keys, pass the ``--ssh-private-key`` and ``--ssh-public-key`` +fields to bootstrap. Both parameters require a path to the file where the +keys are stored: + +.. prompt:: bash # + + cephadm bootstrap --mon-ip --ssh-private-key --ssh-public-key + +This setup allows users to use a key that has already been distributed to hosts +the user wants in the cluster before bootstrap. + +.. note:: In order for cephadm to connect to other hosts you'd like to add + to the cluster, make sure the public key of the key pair provided is setup + as an authorized key for the ssh user being used, typically root. If you'd + like more info on using a non-root user as the ssh user, see :ref:`cephadm-bootstrap-further-info`