ceph/doc/cephadm/host-management.rst

   1 .. _orchestrator-cli-host-management:
   2
   3 ===============
   4 Host Management
   5 ===============
   6
   7 To list hosts associated with the cluster:
   8
   9 .. prompt:: bash #
  10
  11     ceph orch host ls [--format yaml]
  12
  13 .. _cephadm-adding-hosts:
  14
  15 Adding Hosts
  16 ============
  17
  18 Hosts must have these :ref:`cephadm-host-requirements` installed.
  19 Hosts without all the necessary requirements will fail to be added to the cluster.
  20
  21 To add each new host to the cluster, perform two steps:
  22
  23 #. Install the cluster's public SSH key in the new host's root user's ``authorized_keys`` file:
  24
  25    .. prompt:: bash #
  26
  27     ssh-copy-id -f -i /etc/ceph/ceph.pub root@*<new-host>*
  28
  29    For example:
  30
  31    .. prompt:: bash #
  32
  33       ssh-copy-id -f -i /etc/ceph/ceph.pub root@host2
  34       ssh-copy-id -f -i /etc/ceph/ceph.pub root@host3
  35
  36 #. Tell Ceph that the new node is part of the cluster:
  37
  38    .. prompt:: bash #
  39
  40      ceph orch host add *<newhost>* [*<ip>*] [*<label1> ...*]
  41
  42    For example:
  43
  44    .. prompt:: bash #
  45
  46      ceph orch host add host2 10.10.0.102
  47      ceph orch host add host3 10.10.0.103
  48
  49    It is best to explicitly provide the host IP address.  If an IP is
  50    not provided, then the host name will be immediately resolved via
  51    DNS and that IP will be used.
  52
  53    One or more labels can also be included to immediately label the
  54    new host.  For example, by default the ``_admin`` label will make
  55    cephadm maintain a copy of the ``ceph.conf`` file and a
  56    ``client.admin`` keyring file in ``/etc/ceph``:
  57
  58    .. prompt:: bash #
  59
  60        ceph orch host add host4 10.10.0.104 --labels _admin
  61
  62 .. _cephadm-removing-hosts:
  63
  64 Removing Hosts
  65 ==============
  66
  67 If the node that want you to remove is running OSDs, make sure you remove the OSDs from the node.
  68
  69 To remove a host from a cluster, do the following:
  70
  71 For all Ceph service types, except for ``node-exporter`` and ``crash``, remove
  72 the host from the placement specification file (for example, cluster.yml).
  73 For example, if you are removing the host named host2, remove all occurrences of
  74 ``- host2`` from all ``placement:`` sections.
  75
  76 Update:
  77
  78 .. code-block:: yaml
  79
  80   service_type: rgw
  81   placement:
  82     hosts:
  83     - host1
  84     - host2
  85
  86 To:
  87
  88 .. code-block:: yaml
  89
  90
  91   service_type: rgw
  92   placement:
  93     hosts:
  94     - host1
  95
  96 Remove the host from cephadm's environment:
  97
  98 .. prompt:: bash #
  99
 100   ceph orch host rm host2
 101
 102
 103 If the host is running ``node-exporter`` and crash services, remove them by running
 104 the following command on the host:
 105
 106 .. prompt:: bash #
 107
 108   cephadm rm-daemon --fsid CLUSTER_ID --name SERVICE_NAME
 109
 110 .. _orchestrator-host-labels:
 111
 112 Host labels
 113 ===========
 114
 115 The orchestrator supports assigning labels to hosts. Labels
 116 are free form and have no particular meaning by itself and each host
 117 can have multiple labels. They can be used to specify placement
 118 of daemons. See :ref:`orch-placement-by-labels`
 119
 120 Labels can be added when adding a host with the ``--labels`` flag::
 121
 122   ceph orch host add my_hostname --labels=my_label1
 123   ceph orch host add my_hostname --labels=my_label1,my_label2
 124
 125 To add a label a existing host, run::
 126
 127   ceph orch host label add my_hostname my_label
 128
 129 To remove a label, run::
 130
 131   ceph orch host label rm my_hostname my_label
 132
 133
 134 .. _cephadm-special-host-labels:
 135
 136 Special host labels
 137 -------------------
 138
 139 The following host labels have a special meaning to cephadm.  All start with ``_``.
 140
 141 * ``_no_schedule``: *Do not schedule or deploy daemons on this host*.
 142
 143   This label prevents cephadm from deploying daemons on this host.  If it is added to
 144   an existing host that already contains Ceph daemons, it will cause cephadm to move
 145   those daemons elsewhere (except OSDs, which are not removed automatically).
 146
 147 * ``_no_autotune_memory``: *Do not autotune memory on this host*.
 148
 149   This label will prevent daemon memory from being tuned even when the
 150   ``osd_memory_target_autotune`` or similar option is enabled for one or more daemons
 151   on that host.
 152
 153 * ``_admin``: *Distribute client.admin and ceph.conf to this host*.
 154
 155   By default, an ``_admin`` label is applied to the first host in the cluster (where
 156   bootstrap was originally run), and the ``client.admin`` key is set to be distributed
 157   to that host via the ``ceph orch client-keyring ...`` function.  Adding this label
 158   to additional hosts will normally cause cephadm to deploy config and keyring files
 159   in ``/etc/ceph``.
 160
 161 Maintenance Mode
 162 ================
 163
 164 Place a host in and out of maintenance mode (stops all Ceph daemons on host)::
 165
 166     ceph orch host maintenance enter <hostname> [--force]
 167     ceph orch host maintenace exit <hostname>
 168
 169 Where the force flag when entering maintenance allows the user to bypass warnings (but not alerts)
 170
 171 See also :ref:`cephadm-fqdn`
 172
 173 Host Specification
 174 ==================
 175
 176 Many hosts can be added at once using
 177 ``ceph orch apply -i`` by submitting a multi-document YAML file::
 178
 179     ---
 180     service_type: host
 181     hostname: node-00
 182     addr: 192.168.0.10
 183     labels:
 184     - example1
 185     - example2
 186     ---
 187     service_type: host
 188     hostname: node-01
 189     addr: 192.168.0.11
 190     labels:
 191     - grafana
 192     ---
 193     service_type: host
 194     hostname: node-02
 195     addr: 192.168.0.12
 196
 197 This can be combined with service specifications (below) to create a cluster spec
 198 file to deploy a whole cluster in one command.  see ``cephadm bootstrap --apply-spec``
 199 also to do this during bootstrap. Cluster SSH Keys must be copied to hosts prior to adding them.
 200
 201 SSH Configuration
 202 =================
 203
 204 Cephadm uses SSH to connect to remote hosts.  SSH uses a key to authenticate
 205 with those hosts in a secure way.
 206
 207
 208 Default behavior
 209 ----------------
 210
 211 Cephadm stores an SSH key in the monitor that is used to
 212 connect to remote hosts.  When the cluster is bootstrapped, this SSH
 213 key is generated automatically and no additional configuration
 214 is necessary.
 215
 216 A *new* SSH key can be generated with::
 217
 218   ceph cephadm generate-key
 219
 220 The public portion of the SSH key can be retrieved with::
 221
 222   ceph cephadm get-pub-key
 223
 224 The currently stored SSH key can be deleted with::
 225
 226   ceph cephadm clear-key
 227
 228 You can make use of an existing key by directly importing it with::
 229
 230   ceph config-key set mgr/cephadm/ssh_identity_key -i <key>
 231   ceph config-key set mgr/cephadm/ssh_identity_pub -i <pub>
 232
 233 You will then need to restart the mgr daemon to reload the configuration with::
 234
 235   ceph mgr fail
 236
 237 Configuring a different SSH user
 238 ----------------------------------
 239
 240 Cephadm must be able to log into all the Ceph cluster nodes as an user
 241 that has enough privileges to download container images, start containers
 242 and execute commands without prompting for a password. If you do not want
 243 to use the "root" user (default option in cephadm), you must provide
 244 cephadm the name of the user that is going to be used to perform all the
 245 cephadm operations. Use the command::
 246
 247   ceph cephadm set-user <user>
 248
 249 Prior to running this the cluster ssh key needs to be added to this users
 250 authorized_keys file and non-root users must have passwordless sudo access.
 251
 252
 253 Customizing the SSH configuration
 254 ---------------------------------
 255
 256 Cephadm generates an appropriate ``ssh_config`` file that is
 257 used for connecting to remote hosts.  This configuration looks
 258 something like this::
 259
 260   Host *
 261   User root
 262   StrictHostKeyChecking no
 263   UserKnownHostsFile /dev/null
 264
 265 There are two ways to customize this configuration for your environment:
 266
 267 #. Import a customized configuration file that will be stored
 268    by the monitor with::
 269
 270      ceph cephadm set-ssh-config -i <ssh_config_file>
 271
 272    To remove a customized SSH config and revert back to the default behavior::
 273
 274      ceph cephadm clear-ssh-config
 275
 276 #. You can configure a file location for the SSH configuration file with::
 277
 278      ceph config set mgr mgr/cephadm/ssh_config_file <path>
 279
 280    We do *not recommend* this approach.  The path name must be
 281    visible to *any* mgr daemon, and cephadm runs all daemons as
 282    containers. That means that the file either need to be placed
 283    inside a customized container image for your deployment, or
 284    manually distributed to the mgr data directory
 285    (``/var/lib/ceph/<cluster-fsid>/mgr.<id>`` on the host, visible at
 286    ``/var/lib/ceph/mgr/ceph-<id>`` from inside the container).
 287
 288 .. _cephadm-fqdn:
 289
 290 Fully qualified domain names vs bare host names
 291 ===============================================
 292
 293 .. note::
 294
 295   cephadm demands that the name of the host given via ``ceph orch host add``
 296   equals the output of ``hostname`` on remote hosts.
 297
 298 Otherwise cephadm can't be sure that names returned by
 299 ``ceph * metadata`` match the hosts known to cephadm. This might result
 300 in a :ref:`cephadm-stray-host` warning.
 301
 302 When configuring new hosts, there are two **valid** ways to set the
 303 ``hostname`` of a host:
 304
 305 1. Using the bare host name. In this case:
 306
 307 -  ``hostname`` returns the bare host name.
 308 -  ``hostname -f`` returns the FQDN.
 309
 310 2. Using the fully qualified domain name as the host name. In this case:
 311
 312 -  ``hostname`` returns the FQDN
 313 -  ``hostname -s`` return the bare host name
 314
 315 Note that ``man hostname`` recommends ``hostname`` to return the bare
 316 host name:
 317
 318     The FQDN (Fully Qualified Domain Name) of the system is the
 319     name that the resolver(3) returns for the host name, such as,
 320     ursula.example.com. It is usually the hostname followed by the DNS
 321     domain name (the part after the first dot). You can check the FQDN
 322     using ``hostname --fqdn`` or the domain name using ``dnsdomainname``.
 323
 324     .. code-block:: none
 325
 326           You cannot change the FQDN with hostname or dnsdomainname.
 327
 328           The recommended method of setting the FQDN is to make the hostname
 329           be an alias for the fully qualified name using /etc/hosts, DNS, or
 330           NIS. For example, if the hostname was "ursula", one might have
 331           a line in /etc/hosts which reads
 332
 333                  127.0.1.1    ursula.example.com ursula
 334
 335 Which means, ``man hostname`` recommends ``hostname`` to return the bare
 336 host name. This in turn means that Ceph will return the bare host names
 337 when executing ``ceph * metadata``. This in turn means cephadm also
 338 requires the bare host name when adding a host to the cluster:
 339 ``ceph orch host add <bare-name>``.
 340
 341 ..
 342   TODO: This chapter needs to provide way for users to configure
 343   Grafana in the dashboard, as this is right no very hard to do.