宿主机安装参考:https://www.cnblogs.com/mituxiaogaoyang/p/14489922.html
docker安装参考:https://blog.csdn.net/u014534808/article/details/109159160
注:docker中,在主节点生成密钥后,需将密钥复制到子节点中
宿主机问题
问题一
执行sudo ceph-deploy install admin-node node1 node2 node3报错:
错误一:
[admin][INFO ] Running command: rpm --import https://download.ceph.com/keys/release.asc
[admin][WARNIN] curl: (60) The certificate issuer's certificate has expired. Check your system date and time.
[admin][WARNIN] More details here: http://curl.haxx.se/docs/sslcerts.html
[admin][WARNIN]
[admin][WARNIN] curl performs SSL certificate verification by default, using a "bundle"
[admin][WARNIN] of Certificate Authority (CA) public keys (CA certs). If the default
[admin][WARNIN] bundle file isn't adequate, you can specify an alternate file
[admin][WARNIN] using the --cacert option.
[admin][WARNIN] If this HTTPS server uses a certificate signed by a CA represented in
[admin][WARNIN] the bundle, the certificate verification probably failed due to a
[admin][WARNIN] problem with the certificate (it might be expired, or the name might
[admin][WARNIN] not match the domain name in the URL).
[admin][WARNIN] If you'd like to turn off curl's verification of the certificate, use
[admin][WARNIN] the -k (or --insecure) option.
[admin][WARNIN] 错误:https://download.ceph.com/keys/release.asc: import read failed(2).
[admin][ERROR ] RuntimeError: command returned non-zero exit status: 1
[ceph_deploy][ERROR ] RuntimeError: Failed to execute command: rpm --import https://download.ceph.com/keys/release.asc
解决方案:
sudo yum install ca-certificates
sudo update-ca-trust extract
错误二:
curl: (35) Peer reports incompatible or unsupported protocol version
解决方案:
yum update -y nss curl libcurl
错误三:
[ceph_deploy][ERROR ] RuntimeError: NoSectionError: No section: 'ceph'
解决方案:
yum remove ceph-release
rm /etc/yum.repos.d/ceph.repo.rpmsave
问题二
执行
sudo yum install -y yum-utils && sudo yum-config-manager --add-repo https://dl.fedoraproject.org/pub/epel/7/x86_64/ && sudo yum install --nogpgcheck -y epel-release && sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 && rm /etc/yum.repos.d/dl.fedoraproject.org*
报错
解决方案:
参考https://blog.csdn.net/qq_33431394/article/details/107380003 中步骤6:管理节点安装ceph-deploy工具
问题三
初始化 monitor 节点并收集所有密钥:
sudo ceph-deploy --overwrite-conf mon create-initial
报错:
[ERROR ] ConfigError: Cannot load config: [Errno 2] No such file or directory: 'ceph.conf'; has `ceph-deploy new` been run in this directory?
解决方案:
切换至ceph.conf所在目录下
问题四
激活OSD,执行
sudo ceph-deploy osd activate node1:/data node2:/data node3:/data
报错:
** ERROR: error creating empty object store in /data: (28) No space left on device
解决方案:
node分区建议10G,不足10G的只要分区不小于6G均可
docker问题
问题一
执行start_mon.sh报错:
monmaptool: invalid ip:port
解决方案:
将脚本中的MON_IP修改为本机IP,重新执行脚本,再将另外两台机器以同样方法修改IP,同样执行脚本,确保三台服务器的mon镜像启动成功
问题二
创建dashboard账号密码docker exec mgr ceph dashboard set-login-credentials admin antiy@123 报错:
Invalid command: unused arguments: [u'antiy@123']
dashboard set-login-credentials <username> : Set the login credentials. Password read from -i <file>
Error EINVAL: invalid command
解决方案:
1、创建文件dashboard-passwd
2、将密码写入dashboard-passwd文件中:exho antiy@123 > dashboard-passwd
3、执行命令:docker exec mgr ceph dashboard set-login-credentials admin -i dashboard-passwd
问题三
执行ceph -s命令,health状态告警:
health: HEALTH_WARN
mons are allowing insecure global_id
解决方案:
如果AUTH_INSECURE_GLOBAL_ID_RECLAIM还没有引发健康警报并且auth_expose_insecure_global_id_reclaim尚未禁用该设置(默认情况下处于启用状态),则当前没有需要升级的客户端已连接,可以安全地禁止不安全的global_id回收:
ceph config set mon auth_allow_insecure_global_id_reclaim false
仍然有需要升级的客户端,则可以使用以下方法暂时使此警报静音:
ceph health mute AUTH_INSECURE_GLOBAL_ID_RECLAIM_ALLOWED 1w
也可以无限期地禁用此警告:
ceph config set mon mon_warn_on_insecure_global_id_reclaim_allowed false
问题四
启动docker报错:
error pulling image configuration: Get https:// ...... x509: certificate has expired or is not yet valid
解决方案:
yum install ntp -y
ntpdate ntp.api.bz