|
|
kvm 虚机virsh 添加ceph存储认证
- \ h: Y& X% }4 F0 i2 t, w; N" Q& ?2 y' P9 ?
添加认证账号1 f. \! ^8 u | z/ m
/ ]0 w; D7 s' a0 u! [
4 v4 k& o( V5 T& F1 E, h8 x9 ]+ d- u) D7 N, b( J+ _/ h
$ ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children,allow rwx pool=volumes'
6 I2 W: E% f3 ]3 c7 |. X[client.cinder]
3 [& i2 O& Q* l2 l: E p/ I* r0 L key = AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==/ J5 s. L' Q* j, K' l$ Y
( C, E/ h7 k6 G, A. h: N8 l将认证信息放入文件中:
& M; B; a3 S' T# c9 J$ ceph auth get-or-create client.cinder | tee /etc/ceph/ceph.client.cinder.keyring ( H; e0 m2 R6 _' z7 u/ `$ J( a
[client.cinder]
/ [; U0 H, o/ w# W g key = AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==
8 ^" |. _, o" _& j$ C) L2 ]( h
& w% n9 T+ R" r7 t) F4 \配置认证加密文件:
, I* f$ \8 A8 a8 X m" Kcat > secret.xml << EOF: L& C! c, \+ c
<secret ephemeral='no' private='no'>
) n9 h+ C8 P' J: D: q <uuid>3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b</uuid>% s$ c6 l- l; M# v$ [3 L
<usage type='ceph'>$ j* M# }8 t- ?
<name>client.cinder secret</name>2 u: C* ?0 `4 P) p
</usage>
* Z3 e+ Z9 l8 Y/ j: n </secret>0 u4 M5 L" r0 ]3 u1 I
' Q4 x9 t7 ~4 P- I% A1 dEOF. x3 B: a" M1 \
# B ?1 m) z) I) G4 X
添加认证:
. O p& D: _) f5 D; l/ f$ virsh secret-define --file secret.xml $ q7 h1 L2 V3 c* L3 @
Secret 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b created: J p: P8 _/ ^0 X: d5 h$ v
0 [4 Q' `" p. i- K5 d" K1 v并设置认证的值: ~2 C- A# \( I7 |! }/ H/ K: i" m
$ virsh secret-set-value --secret 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b --base64 AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==" D$ M* w3 r, C+ r
Secret value set1 E- e4 E* F% k- P% W
& E; R6 c# }$ e查看设置好的值:4 j/ L- _8 i; t* ?9 W4 X
$ virsh secret-list . d s8 I- E* b& t; X
UUID Usage
1 P( A: l/ S6 l' g& r% R-------------------------------------------------------------------/ x# m: B8 D! e3 @- ^( j
3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b ceph client.cinder secret
( ]; f+ M% A3 A. y- P$ X# \( x# s) K) h* k
0 }. X, \6 M. Y* d' b" n
此时添加认证完成。! f5 a5 x! l! Q% d' r. q
T: @) ]4 c4 \, R |
|
发表于 2024-10-16 17:21:05