mirror of https://github.com/ceph/ceph
110 lines
3.1 KiB
ReStructuredText
110 lines
3.1 KiB
ReStructuredText
=====================
|
|
Preflight Checklist
|
|
=====================
|
|
|
|
.. versionadded:: 0.60
|
|
|
|
This **Preflight Checklist** will help you prepare an admin node for use with
|
|
``ceph-deploy``, and server nodes for use with passwordless ``ssh`` and
|
|
``sudo``.
|
|
|
|
Before you can deploy Ceph using ``ceph-deploy``, you need to ensure that you
|
|
have a few things set up first on your admin node and on nodes running Ceph
|
|
daemons.
|
|
|
|
|
|
Install an Operating System
|
|
===========================
|
|
|
|
Install a recent release of Debian or Ubuntu (e.g., 16.04 LTS) on
|
|
your nodes. For additional details on operating systems or to use other
|
|
operating systems other than Debian or Ubuntu, see `OS Recommendations`_.
|
|
|
|
|
|
Install an SSH Server
|
|
=====================
|
|
|
|
The ``ceph-deploy`` utility requires ``ssh``, so your server node(s) require an
|
|
SSH server. ::
|
|
|
|
sudo apt-get install openssh-server
|
|
|
|
|
|
Create a User
|
|
=============
|
|
|
|
Create a user on nodes running Ceph daemons.
|
|
|
|
.. tip:: We recommend a username that brute force attackers won't
|
|
guess easily (e.g., something other than ``root``, ``ceph``, etc).
|
|
|
|
::
|
|
|
|
ssh user@ceph-server
|
|
sudo useradd -d /home/ceph -m ceph
|
|
sudo passwd ceph
|
|
|
|
|
|
``ceph-deploy`` installs packages onto your nodes. This means that
|
|
the user you create requires passwordless ``sudo`` privileges.
|
|
|
|
.. note:: We **DO NOT** recommend enabling the ``root`` password
|
|
for security reasons.
|
|
|
|
To provide full privileges to the user, add the following to
|
|
``/etc/sudoers.d/ceph``. ::
|
|
|
|
echo "ceph ALL = (root) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ceph
|
|
sudo chmod 0440 /etc/sudoers.d/ceph
|
|
|
|
|
|
Configure SSH
|
|
=============
|
|
|
|
Configure your admin machine with password-less SSH access to each node
|
|
running Ceph daemons (leave the passphrase empty). ::
|
|
|
|
ssh-keygen
|
|
Generating public/private key pair.
|
|
Enter file in which to save the key (/ceph-client/.ssh/id_rsa):
|
|
Enter passphrase (empty for no passphrase):
|
|
Enter same passphrase again:
|
|
Your identification has been saved in /ceph-client/.ssh/id_rsa.
|
|
Your public key has been saved in /ceph-client/.ssh/id_rsa.pub.
|
|
|
|
Copy the key to each node running Ceph daemons::
|
|
|
|
ssh-copy-id ceph@ceph-server
|
|
|
|
Modify your ~/.ssh/config file of your admin node so that it defaults
|
|
to logging in as the user you created when no username is specified. ::
|
|
|
|
Host ceph-server
|
|
Hostname ceph-server.fqdn-or-ip-address.com
|
|
User ceph
|
|
|
|
|
|
Install ceph-deploy
|
|
===================
|
|
|
|
To install ``ceph-deploy``, execute the following::
|
|
|
|
wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -
|
|
echo deb http://ceph.com/debian-dumpling/ $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph.list
|
|
sudo apt-get update
|
|
sudo apt-get install ceph-deploy
|
|
|
|
|
|
Ensure Connectivity
|
|
===================
|
|
|
|
Ensure that your Admin node has connectivity to the network and to your Server
|
|
node (e.g., ensure ``iptables``, ``ufw`` or other tools that may prevent
|
|
connections, traffic forwarding, etc. to allow what you need).
|
|
|
|
|
|
Once you have completed this pre-flight checklist, you are ready to begin using
|
|
``ceph-deploy``.
|
|
|
|
.. _OS Recommendations: ../../../start/os-recommendations
|