|
|
kvm 虚机virsh 添加ceph存储认证4 p) x/ I0 j3 m
3 T6 N3 {) R: I" R/ V5 ?
添加认证账号
5 c K( E! ~2 Z2 T ~
5 |/ b1 ~2 R$ d; h0 o/ {# ?% n/ Q) t- L% N1 n" w
5 P' ^7 q+ o) z. p; z8 h% N$ ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children,allow rwx pool=volumes' ' j# j7 q% J% k$ t; i" J
[client.cinder]
- b: d) N& { [8 H key = AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==
' R5 @, k D2 ]4 P, M- r/ i2 n4 ]. e4 C" J: w! K; j
将认证信息放入文件中:
# V/ @: @% E# F$ ceph auth get-or-create client.cinder | tee /etc/ceph/ceph.client.cinder.keyring . v" w4 R' _# X' q
[client.cinder]
) `4 t0 e2 s/ b. Z% \4 |9 p0 p; D key = AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==% D% y! e. h. U* a) V
& F3 [+ p3 ]9 N6 A% i# W& Z# B$ w) l配置认证加密文件:4 q, M4 R' |. L$ n4 K( F) \
cat > secret.xml << EOF; \0 f, ^3 G! Y# C
<secret ephemeral='no' private='no'>0 A( L/ H/ F6 Y, q! g
<uuid>3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b</uuid>- Q1 }0 r2 L4 E" A/ E' l. K8 ?4 ?
<usage type='ceph'>
5 S" k" e% }0 P, E+ C <name>client.cinder secret</name>& ]3 w* q; A: H) i2 y' @5 e
</usage>
' S4 r; p7 A% P8 C* C! y9 h1 t </secret>! }. n6 B; I% W a
5 _9 @5 r e: S
EOF; I' L3 p: a* R2 e( j! a
7 n9 T; D; D# g- I) o* m
添加认证:( c* F# b) D; L8 G4 u
$ virsh secret-define --file secret.xml
* X! x, F% |. q$ c; S8 lSecret 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b created
% i/ X+ [7 |* ^
) r; F2 d4 C S# ]- h1 l- F* R. s并设置认证的值:9 O" d5 A% q0 M5 M
$ virsh secret-set-value --secret 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b --base64 AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==0 R% h/ n4 P3 u+ G, ]
Secret value set$ H1 K7 a O$ X
7 S) [5 L, x$ i7 r查看设置好的值:" I6 \* J! }5 I j5 p
$ virsh secret-list
% p/ L2 s5 Q* N UUID Usage
/ w8 M9 O, Z8 g4 Y% P# F-------------------------------------------------------------------) c7 O5 J% N8 u) i0 f4 B
3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b ceph client.cinder secret; L1 u! E- T; p* g* w) T4 s9 S
/ F( m& \& D1 I9 T1 Z( L) h
& a$ @ A4 `; K: Y1 J0 D此时添加认证完成。! W+ ]% Z1 f1 P' v. V; g
, l2 P$ F e2 v, t j3 {, X1 U |
|
发表于 2024-10-16 17:21:05