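Ceph single-node cluster setup on an internal network
This setup is based on the CentOS 9 Stream distribution, with Ceph at the latest version, 20.1.1.
Installation procedure
I. Install the initial node
1. Network configuration (nodes cloned later also need to modify this configuration)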
```ini
[connection]
id=ens18
uuid=73193754-d152-30be-8bb7-da6b6bf4b40c
type=ethernet
autoconnect-priority=-999
interface-name=ens18
permissions=
timestamp=1761707018
[ethernet]
mac-address-blacklist=
[ipv4]
address1=10.212.167.35/16,10.212.255.254
dns=8.8.8.8;
dns-search=
method=manual
[ipv6]
addr-gen-mode=eui64
dns-search=
method=auto
[proxy]
```
```bash
nmcli connection reload
nmcli connection up ens18
```
2. Package repository (mirror source) configuration
```ini
[ceph]
name=Ceph packages for $basearch
baseurl=https://download.ceph.com/rpm-20.1.1/el9/$basearch
enabled=1
priority=2
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
[ceph-noarch]
name=Ceph noarch packages
baseurl=https://download.ceph.com/rpm-20.1.1/el9/noarch
enabled=1
priority=2
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
[ceph-source]
name=Ceph source packages
baseurl=https://download.ceph.com/rpm-20.1.1/el9/SRPMS
enabled=0
priority=2
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
```
```bash
dnf clean all
dnf makecache
```
In addition, the EPEL repository must be configured.
```bash
# Installing from the URL already installs epel-release, so no separate local "rpm -i" is needed
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
# Switch the repository source to the Alibaba Cloud mirror
sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
```
```bash
dnf clean all
dnf makecache
```
II. Ceph installation
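1. Install the core dependencies
```bash
dnf install -y ceph-mon ceph-mgr ceph-osd ceph-common ceph-radosgw lvm2 chrony
# Upgrade sshd: the install upgrades OpenSSL, and without upgrading openssh-server sshd stops working later
dnf update -y openssh-server
```
2. Open the required ports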
```bash
firewall-cmd --permanent --add-port=6789/tcp       # Monitor
firewall-cmd --permanent --add-port=6800-7300/tcp  # OSD / MGR daemons
firewall-cmd --permanent --add-port=8443/tcp       # dashboard
firewall-cmd --permanent --add-port=7480/tcp       # RGW
firewall-cmd --reload
```
3. Preparation
```bash
export FSID=$(uuidgen) # Unique cluster identifier
export MON_IP=$(ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '^127\.' | head -n 1) # Get the host IP
export HOSTNAME=node$(echo "$MON_IP" | awk -F '.' '{print $4}') # Host name
```
```bash
# Generate the configuration file
sudo tee /etc/ceph/ceph.conf <<EOF
[global]
fsid = ${FSID}
mon_initial_members = ${HOSTNAME}
mon_host = ${MON_IP}:6789 # Port 6789 must be included
public_network = 10.212.0.0/16 # Must match the subnet
auth_cluster_required = cephx # Enable authentication (required)
auth_service_required = cephx
auth_client_required = cephx
osd_pool_default_size = 1 # Forced to 1 on a single node (the default of 3 cannot be satisfied)
osd_pool_default_min_size = 1
[mon]
mon_data = /var/lib/ceph/mon/ceph-${HOSTNAME} # Monitor data directory
EOF
```
```bash
# 1. Create the admin keyring (highest privilege, used to manage the cluster)
ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring \
  --gen-key -n client.admin \
  --cap mon 'allow *' --cap osd 'allow *' --cap mgr 'allow *'
# 2. Create the Monitor keyring (used for the Monitor node's own communication)
ceph-authtool --create-keyring /etc/ceph/ceph.mon.keyring \
  --gen-key -n mon. \
  --cap mon 'allow *'
# 3. Import the admin key into the Monitor keyring (so the Monitor trusts admin)
ceph-authtool /etc/ceph/ceph.mon.keyring \
  --import-keyring /etc/ceph/ceph.client.admin.keyring
# 4. Restrict keyring permissions (mode 600: read/write for the file owner only)
chmod 600 /etc/ceph/*.keyring
```
4. Initialize the Monitor and start the service
```bash
# 1. Create the Monitor data directory
mkdir -p /var/lib/ceph/mon/ceph-${HOSTNAME}
# 2. Generate the monmap (the Monitor map file, which records the addresses of all mons in the cluster)
monmaptool --create \
  --add ${HOSTNAME} ${MON_IP}:6789 \
  --fsid ${FSID} \
  /etc/ceph/monmap
# 3. Format the Monitor data directory (ties together the monmap and the keyring)
ceph-mon -i ${HOSTNAME} \
  --mkfs \
  --monmap /etc/ceph/monmap \
  --keyring /etc/ceph/ceph.mon.keyring
# 4. Fix the directory ownership
chown -R ceph:ceph /var/lib/ceph/mon/ceph-${HOSTNAME}
# 5. Start the Monitor service and enable it at boot
systemctl enable --now ceph-mon@${HOSTNAME}
# Check the service status -> Active: active (running)
systemctl status ceph-mon@${HOSTNAME}
```
5. Initialize the Manager and start the service
```bash
# 1. Create the data directory
mkdir -p /var/lib/ceph/mgr/ceph-${HOSTNAME}
# 2. Generate the Manager key (imported via the admin keyring, to avoid creating it twice)
ceph auth get-or-create mgr.${HOSTNAME} \
  mon 'allow profile mgr' \
  osd 'allow *' \
  mds 'allow *' \
  -o /var/lib/ceph/mgr/ceph-${HOSTNAME}/keyring
# 3. Fix the directory ownership
chown -R ceph:ceph /var/lib/ceph/mgr/ceph-${HOSTNAME}
# 4. Start the Manager service
systemctl enable --now ceph-mgr@${HOSTNAME}
# Check the cluster mgr status -> "available": true
ceph mgr stat
# Check the service status -> Active: active (running)
systemctl status ceph-mgr@${HOSTNAME}
```
6. Initialize the OSD data directories and start the service
Each OSD must be backed by its own dedicated disk, so the virtual machine needs three new disks added.
```bash
# Keyring setup: create the bootstrap-osd keyring
mkdir -p /var/lib/ceph/bootstrap-osd/
chown -R ceph:ceph /var/lib/ceph/bootstrap-osd/
ceph-authtool --create-keyring /var/lib/ceph/bootstrap-osd/ceph.keyring --gen-key -n client.bootstrap-osd --cap mon 'allow profile bootstrap-osd'
chmod 600 /var/lib/ceph/bootstrap-osd/ceph.keyring
# Keyring setup: import the bootstrap-osd key into the cluster using the admin keyring
ceph --keyring /etc/ceph/ceph.client.admin.keyring auth import -i /var/lib/ceph/bootstrap-osd/ceph.keyring
# Check the disks (the three new disks are vdb, vdc and vdd)
lsblk
# Create the OSDs
ceph-volume lvm create --data /dev/vdb
ceph-volume lvm create --data /dev/vdc
ceph-volume lvm create --data /dev/vdd
# Allow a replica count of 1 (required on a single node; a multi-node cluster does not need this)
ceph config set mon mon_allow_pool_size_one true
```
7. Initialize RGW and start the service
```bash
# 1. Create the RGW data directory
mkdir -p /var/lib/ceph/radosgw/ceph-${HOSTNAME}
chown -R ceph:ceph /var/lib/ceph/radosgw/
# Generate the key file
ceph auth get-or-create client.${HOSTNAME} \
  osd 'allow rwx' \
  mon 'allow rwx' \
  mgr 'allow rwx' \
  -o /var/lib/ceph/radosgw/ceph-${HOSTNAME}/keyring
# Fix ownership and permissions
chown ceph:ceph /var/lib/ceph/radosgw/ceph-${HOSTNAME}/keyring
chmod 600 /var/lib/ceph/radosgw/ceph-${HOSTNAME}/keyring
# Start the service and enable it at boot
systemctl enable --now ceph-radosgw@${HOSTNAME}
# Check the service status -> Active: active (running)
systemctl status ceph-radosgw@${HOSTNAME}.service
```
8. Initialize the dashboard and start the service
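```bash
# Install the dependency
yum install ceph-mgr-dashboard -y
ceph mgr module enable dashboard
ceph dashboard create-self-signed-cert
# Password setup (store the password in a file and pass the file in)
# 'eds@1234' is this walkthrough's sample value; the umask keeps the file readable by its owner only
(umask 077; echo 'eds@1234' > password.txt)
ceph dashboard ac-user-create admin administrator -i password.txt
rm -f password.txt
# Show the access URL -> https://10.212.167.35:8443/ (the firewall port was opened earlier)
ceph mgr services
```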
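A check for the Ceph repository file from step I.2, to run before `dnf makecache` (an added example, not part of the original walkthrough): it flags any stanza whose `baseurl` or `gpgkey` host is not the expected one, or whose `gpgcheck` is not 1. The function name `audit_repo` and the sample file are constructed for illustration; the sample contains a mistyped host and a stanza with signature checking switched off.

```shell
#!/usr/bin/env bash
# Added example: audit a dnf .repo file for unexpected download hosts
# and disabled signature checks.
# Assumption: one URL per baseurl/gpgkey line (no continuation lines).
audit_repo() {   # usage: audit_repo <repo-file> <expected-host>
  awk -v want="$2" '
    function host(url,   h) {          # https://a.b/c -> a.b
      h = url
      sub("^[a-z]+://", "", h)
      sub("[/:].*$", "", h)
      return h
    }
    function endsec() {                # called when a stanza is complete
      if (sec != "" && gpg != "1") { print sec ": gpgcheck is not 1"; bad = 1 }
    }
    /^[ \t]*[#;]/ { next }             # comment line
    /^\[/ { endsec(); sec = $0; sub(/^\[/, "", sec); sub(/\].*$/, "", sec); gpg = ""; next }
    /^[ \t]*(baseurl|gpgkey)[ \t]*=/ {
      key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]*/, "", key)
      val = $0; sub(/^[^=]*=[ \t]*/, "", val)
      if (host(val) != want) { print sec ": " key " host " host(val) " != " want; bad = 1 }
      next
    }
    /^[ \t]*gpgcheck[ \t]*=/ { gpg = $0; sub(/^[^=]*=[ \t]*/, "", gpg); sub(/[ \t]+$/, "", gpg) }
    END { endsec(); exit (bad ? 1 : 0) }
  ' "$1"
}

# Constructed sample: one clean stanza, one with a mistyped host,
# one with gpgcheck turned off.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
[ceph]
name=Ceph packages for $basearch
baseurl=https://download.ceph.com/rpm-20.1.1/el9/$basearch
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
[ceph-noarch]
baseurl=https://download.ceph.comh/rpm-20.1.1/el9/noarch
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
[ceph-source]
baseurl=https://download.ceph.com/rpm-20.1.1/el9/SRPMS
gpgcheck=0
gpgkey=https://download.ceph.com/keys/release.asc
EOF
audit_repo "$sample" download.ceph.com || echo "repo file needs fixing"
```

The function exits non-zero when it prints any finding, so it can gate the `dnf` step in a provisioning script.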