ceph / ceph-container

Docker files and images to run Ceph in containers

ceph uses normal users for ssh connections

DouBiquickrun opened this issue · comments

My server is not allowed to remotely connect with the root user, so I use the option --ssh-user for my ubuntu user. However, I encountered the following problem when I was running cephadm bootstrap. I can ensure that my ubuntu user has the no-passwd sudo permission and ssh connection permission. Here is my command: cephadm bootstrap --ssh-user ubuntu --mon-ip 192.168.1.91

  • Bug Report
    root@master01:~/kubernetes_cluster_v1.4# cephadm --image 192.168.1.91:5001/ceph:v17 bootstrap --ssh-user ubuntu --mon-ip 192.168.1.91 --config /tmp/temp/ceph/initial-ceph.conf
    Verifying ssh connectivity ...
    Adding key to ubuntu@localhost authorized_keys...
    Verifying podman|docker is present...
    Verifying lvm2 is present...
    Verifying time synchronization is in place...
    Unit chrony.service is enabled and running
    Repeating the final host check...
    podman (/usr/bin/podman) version 3.4.4 is present
    systemctl is present
    lvcreate is present
    Unit chrony.service is enabled and running
    Host looks OK
    Cluster fsid: f6d40f8f-1654-11ee-893c-1f722227a74d
    Verifying IP 192.168.1.91 port 3300 ...
    Verifying IP 192.168.1.91 port 6789 ...
    Mon IP 192.168.1.91 is in CIDR network 192.168.1.0/24
    Mon IP 192.168.1.91 is in CIDR network 192.168.1.0/24
    Internal network (--cluster-network) has not been provided, OSD replication will default to the public_network
    Pulling container image 192.168.1.91:5001/ceph:v17...
    Ceph version: ceph version 17.2.5 (98318ae89f1a893a6ded3a640405cdbb33e08757) quincy (stable)
    Extracting ceph user uid/gid from container image...
    Creating initial keys...
    Creating initial monmap...
    Creating mon...
    Waiting for mon to start...
    Waiting for mon...
    mon is available
    Assimilating anything we can from ceph.conf...
    Generating new minimal ceph.conf...
    Restarting the monitor...
    Setting mon public_network to 192.168.1.0/24
    Wrote config to /etc/ceph/ceph.conf
    Wrote keyring to /etc/ceph/ceph.client.admin.keyring
    Creating mgr...
    Verifying port 9283 ...
    Waiting for mgr to start...
    Waiting for mgr...
    mgr not available, waiting (1/15)...
    mgr not available, waiting (2/15)...
    mgr not available, waiting (3/15)...
    mgr is available
    Enabling cephadm module...
    Waiting for the mgr to restart...
    Waiting for mgr epoch 5...
    mgr epoch 5 is available
    Setting orchestrator backend to cephadm...
    Generating ssh key...
    Wrote public SSH key to /etc/ceph/ceph.pub
    Adding key to ubuntu@localhost authorized_keys...
    Adding host master01...
    Non-zero exit code 22 from /usr/bin/podman run --rm --ipc=host --stop-signal=SIGTERM --net=host --entrypoint /usr/bin/ceph --init -e CONTAINER_IMAGE=192.168.1.91:5001/ceph:v17 -e NODE_NAME=master01 -e CEPH_USE_RANDOM_NONCE=1 -v /var/log/ceph/f6d40f8f-1654-11ee-893c-1f722227a74d:/var/log/ceph:z -v /tmp/ceph-tmp5jhlt23e:/etc/ceph/ceph.client.admin.keyring:z -v /tmp/ceph-tmpmhyhhmfx:/etc/ceph/ceph.conf:z 192.168.1.91:5001/ceph:v17 orch host add master01 192.168.1.91
    /usr/bin/ceph: stderr Error EINVAL: check-host failed:
    /usr/bin/ceph: stderr Unable to write master01:/var/lib/ceph/f6d40f8f-1654-11ee-893c-1f722227a74d/cephadm.059bfc99f5cf36ed881f2494b104711faf4cbf5fc86a9594423cc105cafd9b4e: scp: /tmp/var/lib/ceph/f6d40f8f-1654-11ee-893c-1f722227a74d/cephadm.059bfc99f5cf36ed881f2494b104711faf4cbf5fc86a9594423cc105cafd9b4e.new: Permission denied
    ERROR: Failed to add host : Failed command: /usr/bin/podman run --rm --ipc=host --stop-signal=SIGTERM --net=host --entrypoint /usr/bin/ceph --init -e CONTAINER_IMAGE=192.168.1.91:5001/ceph:v17 -e NODE_NAME=master01 -e CEPH_USE_RANDOM_NONCE=1 -v /var/log/ceph/f6d40f8f-1654-11ee-893c-1f722227a74d:/var/log/ceph:z -v /tmp/ceph-tmp5jhlt23e:/etc/ceph/ceph.client.admin.keyring:z -v /tmp/ceph-tmpmhyhhmfx:/etc/ceph/ceph.conf:z 192.168.1.91:5001/ceph:v17 orch host add master01 192.168.1.91: Error EINVAL: check-host failed:
    Unable to write master01:/var/lib/ceph/f6d40f8f-1654-11ee-893c-1f722227a74d/cephadm.059bfc99f5cf36ed881f2494b104711faf4cbf5fc86a9594423cc105cafd9b4e: scp: /tmp/var/lib/ceph/f6d40f8f-1654-11ee-893c-1f722227a74d/cephadm.059bfc99f5cf36ed881f2494b104711faf4cbf5fc86a9594423cc105cafd9b4e.new: Permission denied

What you expected to happen:
I don't know if the --ssh-user parameter is used correctly; otherwise, please tell me how to configure the normal account correctly.

How to reproduce it (minimal and precise):
Use --ssh-user

Environment:

  • OS (e.g. from /etc/os-release): Ubuntu 22.04.2
  • Kernel (e.g. uname -a): Linux master01 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
  • Docker version (e.g. docker version): podman version 3.4.4
  • Ceph version (e.g. ceph -v): ceph version 17.2.5 (98318ae89f1a893a6ded3a640405cdbb33e08757) quincy (stable)