X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pve-storage-cephfs.adoc;fp=pve-storage-cephfs.adoc;h=88b92e6794465b3db5785cbbfd6d9b5bc21b4af4;hb=876f6dce257a48187351a2cbb2ae0f38c36a74a7;hp=4035617698d8d5679a4bf2fc5c0f3be26f1769d2;hpb=74ff2e640d0f2390aeea3689147450603cd4f56d;p=pve-docs.git diff --git a/pve-storage-cephfs.adoc b/pve-storage-cephfs.adoc index 4035617..88b92e6 100644 --- a/pve-storage-cephfs.adoc +++ b/pve-storage-cephfs.adoc @@ -71,32 +71,49 @@ disabled. Authentication ~~~~~~~~~~~~~~ -If you use `cephx` authentication, which is enabled by default, you need to copy -the secret from your external Ceph cluster to a Proxmox VE host. +If you use `cephx` authentication, which is enabled by default, you need to +provide the secret from the external Ceph cluster. -Create the directory `/etc/pve/priv/ceph` with +To configure the storage via the CLI, you first need to make the file +containing the secret available. One way is to copy the file from the external +Ceph cluster directly to one of the {pve} nodes. The following example will +copy it to the `/root` directory of the node on which we run it: - mkdir /etc/pve/priv/ceph +---- +# scp :/etc/ceph/cephfs.secret /root/cephfs.secret +---- + +Then use the `pvesm` CLI tool to configure the external RBD storage, use the +`--keyring` parameter, which needs to be a path to the secret file that you +copied. For example: + +---- +# pvesm add cephfs --monhost "10.1.1.20 10.1.1.21 10.1.1.22" --content backup --keyring /root/cephfs.secret +---- -Then copy the secret +When configuring an external RBD storage via the GUI, you can copy and paste +the secret into the appropriate field. - scp cephfs.secret :/etc/pve/priv/ceph/.secret +The secret is only the key itself, as opposed to the `rbd` backend which also +contains a `[client.userid]` section. -The secret must be renamed to match your ``. Copying the -secret generally requires root privileges. The file must only contain the -secret key itself, as opposed to the `rbd` backend which also contains a -`[client.userid]` section. +The secret will be stored at + +---- +# /etc/pve/priv/ceph/.secret +---- A secret can be received from the Ceph cluster (as Ceph admin) by issuing the command below, where `userid` is the client ID that has been configured to access the cluster. For further information on Ceph user management, see the -Ceph docs footnote:[Ceph user management -{cephdocs-url}/rados/operations/user-management/]. +Ceph docs.footnoteref:[cephusermgmt] - ceph auth get-key client.userid > cephfs.secret +---- +# ceph auth get-key client.userid > cephfs.secret +---- -If Ceph is installed locally on the PVE cluster, that is, it was set up using -`pveceph`, this is done automatically. +If Ceph is installed locally on the {pve} cluster, this is done automatically +when adding the storage. Storage Features ~~~~~~~~~~~~~~~~