Centos搭建ceph+++三、创建部署CEPH用户

三、创建部署CEPH用户

admin-node节点需要以普通用户登录 Ceph 节点，且此用户拥有无密码使用sudo的权限

1.安装ssh服务器（一般来说都是有的不用安装）

yum install openssh-server

2.在（所有节点上)创建ceph用户并设置密码

例子：

创建用户：

useradd -d /home/ceph -m ceph

设置密码：

passwd ceph

[root@admin-node ~]# useradd -d /home/ceph -m ceph[root@admin-node ~]# passwd cephChanging password for user ceph.New password: BAD PASSWORD: The password is shorter than 8 charactersRetype new password: passwd: all authentication tokens updated successfully.

3.（所有节点）确保各节点上新创建的用户都有sudo权限

echo "ceph ALL = (root) NOPASSWD:ALL" |  tee /etc/sudoers.d/ceph

chmod 0440 /etc/sudoers.d/ceph

[root@admin-node ~]# echo "ceph ALL = (root) NOPASSWD:ALL" |  tee /etc/sudoers.d/cephceph ALL = (root) NOPASSWD:ALL[root@admin-node ~]# chmod 0440 /etc/sudoers.d/ceph

4.admin-node节点上：

切换到ceph用户上执行

su - ceph

[root@admin-node ~]# su - ceph[ceph@admin-node ~]$ 

生成SSH密钥对（直接敲回车，啪啪啪）

ssh-keygen

[ceph@admin-node ~]$ ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/home/ceph/.ssh/id_rsa): Created directory '/home/ceph/.ssh'.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ceph/.ssh/id_rsa.Your public key has been saved in /home/ceph/.ssh/id_rsa.pub.The key fingerprint is:ef:65:ef:d9:62:76:4d:0d:90:b2:7a:46:41:a7:b9:42 ceph@admin-nodeThe key's randomart image is:+--[ RSA 2048]----+|         .. ..   ||          o+o    ||        E o+ .   ||       .  o.  .  ||        So.    ..||        .oo     o||         o. o  ..||         . o .+oo||          .  ++o.|+-----------------+

把公钥拷贝到各安装Ceph（node1,node2,node3）的节点

ssh-copy-id ceph@node1
ssh-copy-id ceph@node2
ssh-copy-id ceph@node3

[ceph@admin-node ~]$ ssh-copy-id ceph@node1The authenticity of host 'node1 (10.0.0.41)' can't be established.ECDSA key fingerprint is 99:1f:67:c5:00:1e:9c:cb:7d:d6:4f:d6:f6:c3:ef:f5.Are you sure you want to continue connecting (yes/no)? yes/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysceph@node1's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'ceph@node1'"and check to make sure that only the key(s) you wanted were added.__________________________________________________________________________________________________________________________________________________________[ceph@admin-node ~]$ ssh-copy-id ceph@node2The authenticity of host 'node2 (10.0.0.42)' can't be established.ECDSA key fingerprint is 99:1f:67:c5:00:1e:9c:cb:7d:d6:4f:d6:f6:c3:ef:f5.Are you sure you want to continue connecting (yes/no)? yes/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysceph@node2's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'ceph@node2'"and check to make sure that only the key(s) you wanted were added.__________________________________________________________________________________________________________________________________________________________[ceph@admin-node ~]$ ssh-copy-id ceph@node3The authenticity of host 'node3 (10.0.0.43)' can't be established.ECDSA key fingerprint is 99:1f:67:c5:00:1e:9c:cb:7d:d6:4f:d6:f6:c3:ef:f5.Are you sure you want to continue connecting (yes/no)? 123456Please type 'yes' or 'no': yes/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysceph@node3's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'ceph@node3'"and check to make sure that only the key(s) you wanted were added.

验证admin-node节点是否可以无密码登陆各节点

ssh node1
ssh node2
ssh node3

[ceph@admin-node ~]$ ssh node1Last login: Mon Nov 27 16:14:16 2017 from admin-node[ceph@node1 ~]$ exitlogoutConnection to node1 closed.----------------------------------------------------------------------------------------------------------------------------------------------------------[ceph@admin-node ~]$ ssh node2Last login: Mon Nov 27 16:14:21 2017 from admin-node[ceph@node2 ~]$ exitlogoutConnection to node2 closed.----------------------------------------------------------------------------------------------------------------------------------------------------------[ceph@admin-node ~]$ ssh node3Last login: Mon Nov 27 16:14:54 2017 from admin-node[ceph@node3 ~]$ exitlogoutConnection to node3 closed.----------------------------------------------------------------------------------------------------------------------------------------------------------[ceph@admin-node ~]$ exitlogout[root@admin-node ~]#