centos7安装ceph问题记录

  • Post author:
  • Post category:其他


宿主机安装参考:https://www.cnblogs.com/mituxiaogaoyang/p/14489922.html

docker安装参考:https://blog.csdn.net/u014534808/article/details/109159160


注:docker中,在主节点生成密钥后,需将密钥复制到子节点中



宿主机问题



问题一

执行sudo ceph-deploy install admin-node node1 node2 node3报错:

错误一:

[admin][INFO  ] Running command: rpm --import https://download.ceph.com/keys/release.asc
[admin][WARNIN] curl: (60) The certificate issuer's certificate has expired. Check your system date and time.
[admin][WARNIN] More details here: http://curl.haxx.se/docs/sslcerts.html
[admin][WARNIN] 
[admin][WARNIN] curl performs SSL certificate verification by default, using a "bundle"
[admin][WARNIN]  of Certificate Authority (CA) public keys (CA certs). If the default
[admin][WARNIN]  bundle file isn't adequate, you can specify an alternate file
[admin][WARNIN]  using the --cacert option.
[admin][WARNIN] If this HTTPS server uses a certificate signed by a CA represented in
[admin][WARNIN]  the bundle, the certificate verification probably failed due to a
[admin][WARNIN]  problem with the certificate (it might be expired, or the name might
[admin][WARNIN]  not match the domain name in the URL).
[admin][WARNIN] If you'd like to turn off curl's verification of the certificate, use
[admin][WARNIN]  the -k (or --insecure) option.
[admin][WARNIN] 错误:https://download.ceph.com/keys/release.asc: import read failed(2).
[admin][ERROR ] RuntimeError: command returned non-zero exit status: 1
[ceph_deploy][ERROR ] RuntimeError: Failed to execute command: rpm --import https://download.ceph.com/keys/release.asc

解决方案:

sudo yum install ca-certificates
sudo update-ca-trust extract

错误二:

curl: (35) Peer reports incompatible or unsupported protocol version

解决方案:

yum update -y nss curl libcurl

错误三:

[ceph_deploy][ERROR ] RuntimeError: NoSectionError: No section: 'ceph'

解决方案:

yum remove ceph-release
rm /etc/yum.repos.d/ceph.repo.rpmsave



问题二

执行

sudo yum install -y yum-utils && sudo yum-config-manager --add-repo https://dl.fedoraproject.org/pub/epel/7/x86_64/ && sudo yum install --nogpgcheck -y epel-release && sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 && rm /etc/yum.repos.d/dl.fedoraproject.org*

报错

解决方案:

参考https://blog.csdn.net/qq_33431394/article/details/107380003 中步骤6:管理节点安装ceph-deploy工具



问题三

初始化 monitor 节点并收集所有密钥:

sudo ceph-deploy --overwrite-conf mon create-initial

报错:

[ERROR ] ConfigError: Cannot load config: [Errno 2] No such file or directory: 'ceph.conf'; has `ceph-deploy new` been run in this directory?

解决方案:

切换至ceph.conf所在目录下



问题四

激活OSD,执行

sudo ceph-deploy osd activate node1:/data node2:/data node3:/data

报错:

** ERROR: error creating empty object store in /data: (28) No space left on device

解决方案:

node分区建议10G,不足10G的只要分区不小于6G均可



docker问题



问题一

执行start_mon.sh报错:

monmaptool: invalid ip:port

解决方案:

将脚本中的MON_IP修改为本机IP,重新执行脚本,再将另外两台机器以同样方法修改IP,同样执行脚本,确保三台服务器的mon镜像启动成功



问题二

创建dashboard账号密码docker exec mgr ceph dashboard set-login-credentials admin antiy@123 报错:

Invalid command: unused arguments: [u'antiy@123']
dashboard set-login-credentials <username> :  Set the login credentials. Password read from -i <file>
Error EINVAL: invalid command

解决方案:

1、创建文件dashboard-passwd

2、将密码写入dashboard-passwd文件中:exho antiy@123 > dashboard-passwd

3、执行命令:docker exec mgr ceph dashboard set-login-credentials admin -i dashboard-passwd



问题三

执行ceph -s命令,health状态告警:

    health: HEALTH_WARN
            mons are allowing insecure global_id 

在这里插入图片描述

解决方案:

如果AUTH_INSECURE_GLOBAL_ID_RECLAIM还没有引发健康警报并且auth_expose_insecure_global_id_reclaim尚未禁用该设置(默认情况下处于启用状态),则当前没有需要升级的客户端已连接,可以安全地禁止不安全的global_id回收: 
ceph config set mon auth_allow_insecure_global_id_reclaim false

仍然有需要升级的客户端,则可以使用以下方法暂时使此警报静音:
ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM_ALLOWED 1w

也可以无限期地禁用此警告: 
ceph config set mon mon_warn_on_insecure_global_id_reclaim_allowed false



问题四

启动docker报错:

error pulling image configuration: Get https:// ...... x509: certificate has expired or is not yet valid

解决方案:

yum install ntp -y
ntpdate ntp.api.bz



版权声明:本文为suo_y原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。