|
|
kvm 虚机virsh 添加ceph存储认证( a/ ^3 y& u6 ?; j1 }* t
% d) K& M" E2 f' }' k {9 E1 k添加认证账号
. l. Q2 x5 g& H8 H% S" ?
7 G# ^* Z+ P' l8 U4 Y0 ]2 {
9 }4 S4 Y9 H' D* I5 E+ \% \8 U( \1 }/ C6 y: @6 r+ U
$ ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children,allow rwx pool=volumes' . V0 b4 B: A, |/ c
[client.cinder]
. K7 ]) v" V2 O9 l. B9 e. n key = AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==
: m1 c: r4 f* }8 a+ L n7 h; Y1 ^" z" y
将认证信息放入文件中:
0 K' @' r% o( O! X$ ceph auth get-or-create client.cinder | tee /etc/ceph/ceph.client.cinder.keyring
) c* Z V1 d; D+ N- t1 L& k* ~. `1 `[client.cinder]2 d- o4 f* j/ I* S( O/ [! H
key = AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==. q3 o9 s9 y2 C Z2 p& R- `; h9 b
9 n* u8 C! n; R9 p/ M配置认证加密文件:
5 Z, i. v$ c/ ? T) Z- Lcat > secret.xml << EOF
0 O! N, }, S) F* a3 V<secret ephemeral='no' private='no'>+ E- J }! G: Y: X
<uuid>3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b</uuid>2 M: B- B4 V: B) _3 e( {- L& L5 Q
<usage type='ceph'>
9 Z+ T5 D$ x- |0 _ <name>client.cinder secret</name>' q k' E6 Y6 H: \
</usage>
" D( L+ H `( A7 B. s+ ~7 y6 ~ </secret>
* X& i( Z# N* W% @
0 V5 v- n8 |# [+ q- j8 }5 K1 XEOF
8 F1 a) g" ~# z4 D! N4 \* F5 m& o! |: W/ p, ~4 Z3 D
添加认证:
. c [" r1 \) j9 U9 T2 u$ virsh secret-define --file secret.xml
+ r- R+ Y5 Q0 e% u: W7 i1 DSecret 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b created2 f& f" W" L' W: D3 z
2 V% Z0 w: o; r$ q% N并设置认证的值:4 P+ `" b% a! Z1 H0 Y4 p3 l
$ virsh secret-set-value --secret 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b --base64 AQDMgQ9nOz4CIhAAcwnv8rvNYNe5oE5hnU2Y9A==& a7 M- ], F/ C8 q" X
Secret value set/ x s% E/ t6 S* T$ y0 Q0 ^
" f! K' U& d) y
查看设置好的值:$ W5 E+ x T7 I
$ virsh secret-list ' Z5 S# z0 d( ~' K
UUID Usage5 M/ |; j& p" r
-------------------------------------------------------------------
8 _6 M6 T2 ^ k$ J- J4 v# k, d 3d5f35f2-7fd8-4b3c-8c86-7b40ec8f5c5b ceph client.cinder secret
0 p8 Y' P( Z/ e
! s ^* P4 q0 \. M
* a6 D* W8 L' M/ g+ V0 U此时添加认证完成。% ^7 q+ V5 Z. R( t2 x- J) s% ]" z# U3 W
% I; ] |! \# F v6 e |
|
发表于 2024-10-16 17:21:05