]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | ===================== |
2 | Preflight Checklist | |
3 | ===================== | |
4 | ||
5 | .. versionadded:: 0.60 | |
6 | ||
7 | This **Preflight Checklist** will help you prepare an admin node for use with | |
8 | ``ceph-deploy``, and server nodes for use with passwordless ``ssh`` and | |
9 | ``sudo``. | |
10 | ||
11 | Before you can deploy Ceph using ``ceph-deploy``, you need to ensure that you | |
12 | have a few things set up first on your admin node and on nodes running Ceph | |
13 | daemons. | |
14 | ||
15 | ||
16 | Install an Operating System | |
17 | =========================== | |
18 | ||
11fdf7f2 | 19 | Install a recent release of Debian or Ubuntu (e.g., 16.04 LTS) on |
7c673cae FG |
20 | your nodes. For additional details on operating systems or to use other |
21 | operating systems other than Debian or Ubuntu, see `OS Recommendations`_. | |
22 | ||
23 | ||
24 | Install an SSH Server | |
25 | ===================== | |
26 | ||
27 | The ``ceph-deploy`` utility requires ``ssh``, so your server node(s) require an | |
28 | SSH server. :: | |
29 | ||
30 | sudo apt-get install openssh-server | |
31 | ||
32 | ||
33 | Create a User | |
34 | ============= | |
35 | ||
36 | Create a user on nodes running Ceph daemons. | |
37 | ||
38 | .. tip:: We recommend a username that brute force attackers won't | |
39 | guess easily (e.g., something other than ``root``, ``ceph``, etc). | |
40 | ||
41 | :: | |
42 | ||
43 | ssh user@ceph-server | |
44 | sudo useradd -d /home/ceph -m ceph | |
45 | sudo passwd ceph | |
46 | ||
47 | ||
48 | ``ceph-deploy`` installs packages onto your nodes. This means that | |
49 | the user you create requires passwordless ``sudo`` privileges. | |
50 | ||
51 | .. note:: We **DO NOT** recommend enabling the ``root`` password | |
52 | for security reasons. | |
53 | ||
54 | To provide full privileges to the user, add the following to | |
55 | ``/etc/sudoers.d/ceph``. :: | |
56 | ||
57 | echo "ceph ALL = (root) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ceph | |
58 | sudo chmod 0440 /etc/sudoers.d/ceph | |
59 | ||
60 | ||
61 | Configure SSH | |
62 | ============= | |
63 | ||
64 | Configure your admin machine with password-less SSH access to each node | |
65 | running Ceph daemons (leave the passphrase empty). :: | |
66 | ||
67 | ssh-keygen | |
68 | Generating public/private key pair. | |
69 | Enter file in which to save the key (/ceph-client/.ssh/id_rsa): | |
70 | Enter passphrase (empty for no passphrase): | |
71 | Enter same passphrase again: | |
72 | Your identification has been saved in /ceph-client/.ssh/id_rsa. | |
73 | Your public key has been saved in /ceph-client/.ssh/id_rsa.pub. | |
74 | ||
75 | Copy the key to each node running Ceph daemons:: | |
76 | ||
77 | ssh-copy-id ceph@ceph-server | |
78 | ||
79 | Modify your ~/.ssh/config file of your admin node so that it defaults | |
80 | to logging in as the user you created when no username is specified. :: | |
81 | ||
82 | Host ceph-server | |
83 | Hostname ceph-server.fqdn-or-ip-address.com | |
84 | User ceph | |
85 | ||
86 | ||
87 | Install ceph-deploy | |
88 | =================== | |
89 | ||
90 | To install ``ceph-deploy``, execute the following:: | |
91 | ||
92 | wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add - | |
9f95a23c | 93 | echo deb https://download.ceph.com/debian-nautilus/ $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph.list |
7c673cae FG |
94 | sudo apt-get update |
95 | sudo apt-get install ceph-deploy | |
96 | ||
97 | ||
98 | Ensure Connectivity | |
99 | =================== | |
100 | ||
101 | Ensure that your Admin node has connectivity to the network and to your Server | |
102 | node (e.g., ensure ``iptables``, ``ufw`` or other tools that may prevent | |
103 | connections, traffic forwarding, etc. to allow what you need). | |
104 | ||
105 | ||
106 | Once you have completed this pre-flight checklist, you are ready to begin using | |
107 | ``ceph-deploy``. | |
108 | ||
109 | .. _OS Recommendations: ../../../start/os-recommendations |