ceph中怎么配置集群访问权限
这篇文章给大家介绍ceph中怎么配置集群访问权限,内容非常详细,感兴趣的小伙伴们可以参考借鉴,希望对大家能有所帮助。
1、配置文件/etc/ceph/ceph.conf如下
[global]
auth cluster required = cephx
auth service required = cephx
auth client required = cephx
;keyring = /etc/ceph/keyring
ax open files = 131072
log file = /var/log/ceph/$name.log
pid file = /var/run/ceph/$name.pid
osd pool default size = 2
osd pool default min_size = 1
[mon]
mon data = /data/$name
;keyring = /data/mon.0/keyring
[mon.0]
host = ceph-one
mon addr = 192.168.122.1:6789
;[mds]
;[mds.0]
;host = ceph-one
[osd]
osd data = /data/$name
osd journal = /data/$name/journal
osd journal size = 1000
osd mkfs type = xfs
devs = /dev/ceph/$name
osd crush update on start = 0
;keyring = /etc/ceph/keyring
[osd.0]
host = ceph-one
[osd.1]
host = ceph-two
[osd.2]
host = ceph-three
[osd.3]
host = ceph-four
[osd.4]
host = ceph-five
[osd.5]
host = ceph-six
如上所示auth cluster required=cepghx中三项全部配置为cephx选项,如果不做权限校验全部配置为none
2、生成keyring文件
ceph-authtool --create-keyring /data/mon.0/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'
上面的命令生成keyring文件在/data/mon.0/ceph.mon.keyring,如果不配置monitor使用默认keyring文件/data/mon.0/keyring,其中/data/mon.0是ceph.conf的mon data配置目录
ceph auth get-or-create osd.0 mon 'allow rwx' osd 'allow *' -o /data/osd.0/keyring
上面命令生成osd的keyring
ceph auth get-or-create client.admin mds 'allow' osd 'allow *' mon 'allow *' > /etc/ceph/ceph.client.admin.keyring
上面命令生成client.admin的keyring,应该为rados的访问命令。
3、rados使用keyring访问代码示例
#include
#include
#include
rados_t cluster; //声明 集群句柄
rados_ioctx_t io;
char *poolname = "data";
char cluster_name[] = "ceph";
char user_name[] = "client.admin"; //用户名
uint64_t flags;
char xattr[] = "en_US";
int err;
char *buf, *st;
size_t buflen, stlen;
char *cmd[2];
cmd[1] = NULL;
err = rados_create2(&cluster, cluster_name, user_name, flags); //创建集群句柄
char fsid[50]={0};
if (err < 0)
{
fprintf(stderr, "%s: Couldn't create the cluster handle! %s\n", argv[0], strerror(-err));
exit(EXIT_FAILURE);
}
else
{
printf("\nCreated a cluster handle.\n");
}
//读取配置文件,完成cluster句柄
err = rados_conf_set(cluster,"mon_host", "127.0.0.1");
err = rados_conf_set(cluster,"key", "AQDhSK9UeA+nOhAAhA7s2GLdU8seDVMBqK+iwg==");
//err = rados_conf_read_file(cluster, "/etc/ceph/ceph.conf");
if (err < 0)
{
fprintf(stderr, "%s: cannot read config file: %s\n", argv[0], strerror(-err));
exit(EXIT_FAILURE);
}
else
{
printf("\nRead the config file.\n");
}
err = rados_connect(cluster);
注意rados_conf_set两行代码,我使用的ceph_test.c编译命令行
gcc ceph_test.c -o ceph_test -lrados
关于ceph中怎么配置集群访问权限就分享到这里了,希望以上内容可以对大家有一定的帮助,可以学到更多知识。如果觉得文章不错,可以把它分享出去让更多的人看到。
