Ceph official documentation: https://docs.ceph.com/en/latest/start/intro/
I. Ceph components: Monitors, Managers, OSDs, MDSs
Monitors: A Ceph Monitor (ceph-mon) maintains maps of the cluster state, including the monitor map, manager map, OSD map, MDS map, and CRUSH map. These maps are the critical cluster state Ceph daemons need in order to coordinate with each other. Monitors are also responsible for managing authentication between daemons and clients. At least three monitors are normally required for redundancy and high availability.
Managers: The Ceph Manager daemon (ceph-mgr) keeps track of runtime metrics and the current state of the Ceph cluster, including storage utilization, current performance metrics, and system load. The manager daemons also host Python-based modules that manage and expose cluster information, including the web-based Ceph Dashboard and a REST API. At least two managers are normally required for high availability.
Ceph OSDs: A Ceph OSD (object storage daemon, ceph-osd) stores data and handles data replication, recovery, and rebalancing; it also provides some monitoring information to the Ceph Monitors and Managers by checking other OSD daemons for a heartbeat. At least three Ceph OSDs are normally required for redundancy and high availability.
MDS: A Ceph Metadata Server (MDS, ceph-mds) stores metadata on behalf of the Ceph File System (Ceph Block Devices and Ceph Object Storage do not use MDS). Metadata Servers let POSIX file system users run basic commands such as ls and find without placing an enormous burden on the Ceph storage cluster.
II. Supported storage interfaces: file storage, block storage, and object storage. None of the three is inherently better than the others; the right choice depends on the application scenario.
III. Ceph write path: two steps. First, the object name is hashed to map the object onto a placement group (PG); second, the CRUSH algorithm maps the PG onto a set of OSDs.
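For illustration (this assumes the mypool pool and the msg1 object that are created later in this post), the object -> PG -> OSD mapping can be inspected with ceph osd map:
ceph osd map mypool msg1    #prints the PG the object hashes to and the up/acting OSD set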
IV. Installing Ceph:
Environment
Windows 10 host + VMware 15 + Ubuntu 18.04 guests + Ceph Pacific
VMware 15 is installed on Windows 10; Ceph is deployed on Ubuntu 18.04 across 10 virtual servers.
Cluster layout:
Networks: configured in VMware. The cluster network uses host-only mode and the node (public) network uses NAT mode, so outbound internet access goes through the node network; the default gateway is therefore configured on the node network.
Cluster network: 192.168.133.0/24
Node network: 192.168.241.0/24
Deploy node:
192.168.241.11 ceph-deploy
Monitor nodes:
192.168.241.12 ceph-mon1
192.168.241.13 ceph-mon2
192.168.241.14 ceph-mon3
Manager nodes:
192.168.241.15 ceph-mgr1
192.168.241.16 ceph-mgr2
Node (OSD) servers, 4 of them:
192.168.241.17 ceph-node1
192.168.241.18 ceph-node2
192.168.241.19 ceph-node3
192.168.241.20 ceph-node4
1. Configure the hostname and NICs on every server so they match the IP/hostname mapping above (vi /etc/hostname), then reboot the server.
Each VM has two NICs: ens33 is in host-only mode (cluster network) and ens38 is in NAT mode (node network), which is the interface used to reach the internet.
huahualin@ceph-deploy:~$ cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    ens33:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.133.11/24]
      # gateway4: 192.168.1.1
      #nameservers:
      #  addresses: [114.114.114.114]
    ens38:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.241.11/24]
      gateway4: 192.168.241.2
      nameservers:
        addresses: [114.114.114.114]
#Apply the netplan configuration
huahualin@ceph-deploy:~$ sudo netplan apply
huahualin@ceph-deploy:~$ ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.133.11 netmask 255.255.255.0 broadcast 192.168.133.255
inet6 fe80::20c:29ff:fe9f:ab01 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:9f:ab:01 txqueuelen 1000 (Ethernet)
RX packets 150 bytes 24996 (24.9 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15 bytes 1146 (1.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens38: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.241.11 netmask 255.255.255.0 broadcast 192.168.241.255
inet6 fe80::20c:29ff:fe9f:ab0b prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:9f:ab:0b txqueuelen 1000 (Ethernet)
RX packets 3957 bytes 432025 (432.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3215 bytes 1097834 (1.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 8 bytes 836 (836.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 836 (836.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2. On all servers, grant the regular user passwordless sudo so commands can be run without a password; when done, exit back to the huahualin user environment.
~$ sudo -i
~# echo 'huahualin ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
~# exit
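A slightly safer variant (a sketch; the drop-in file name huahualin is my own choice) is a file under /etc/sudoers.d validated with visudo, instead of appending to /etc/sudoers directly:
~# echo 'huahualin ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/huahualin
~# visudo -c    #syntax-check the sudoers files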
3. Install and configure Ansible on the ceph-deploy node
#Install ansible
huahualin@ceph-deploy:~$ sudo apt install ansible -y
#Generate an SSH key pair for passwordless login (press Enter at every prompt)
huahualin@ceph-deploy:~$ ssh-keygen
#Set up trust from the deploy node to every server (huahualin to huahualin) by copying the public key to each node; the file named 1 contains the list of target hosts
huahualin@ceph-deploy:~$ for i in `cat 1` ;do echo huahualin@1234| ssh-copy-id -i /home/huahualin/.ssh/id_rsa.pub $i;done
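Note that piping the password into ssh-copy-id like this does not actually supply it, because ssh prompts on the terminal; a hedged alternative (assuming it is acceptable to put the password on the command line) is sshpass:
huahualin@ceph-deploy:~$ sudo apt install sshpass -y
huahualin@ceph-deploy:~$ for i in `cat 1`; do sshpass -p 'huahualin@1234' ssh-copy-id -o StrictHostKeyChecking=no -i /home/huahualin/.ssh/id_rsa.pub $i; done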
cat /etc/ansible/hosts
[mon]
192.168.241.12 ansible_ssh_user=huahualin
192.168.241.13 ansible_ssh_user=huahualin
192.168.241.14 ansible_ssh_user=huahualin
[mgr]
192.168.241.15 ansible_ssh_user=huahualin
192.168.241.16 ansible_ssh_user=huahualin
[node]
192.168.241.17 ansible_ssh_user=huahualin
192.168.241.18 ansible_ssh_user=huahualin
192.168.241.19 ansible_ssh_user=huahualin
192.168.241.20 ansible_ssh_user=huahualin
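#Before pushing any files, connectivity against the inventory above can be verified with the ping module (a quick sanity check):
huahualin@ceph-deploy:~$ ansible all -m ping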
#Configure hostname resolution
huahualin@ceph-deploy:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 192.localdomain 192
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.241.11 ceph-deploy
192.168.241.12 ceph-mon1
192.168.241.13 ceph-mon2
192.168.241.14 ceph-mon3
192.168.241.15 ceph-mgr1
192.168.241.16 ceph-mgr2
192.168.241.17 ceph-node1
192.168.241.18 ceph-node2
192.168.241.19 ceph-node3
192.168.241.20 ceph-node4
#Copy /etc/hosts to every server; -f sets the number of parallel forks, -m selects the copy module, -a passes the module arguments
huahualin@ceph-deploy:~$ ansible all -f 9 -m copy -a "src=/etc/hosts dest=/etc"
#Configure the Ceph APT repository using the Tsinghua (TUNA) mirror; follow the instructions on the mirror site and substitute the URLs accordingly
Import the release key first:
https://mirrors.tuna.tsinghua.edu.cn/help/ceph/
Simply replace every occurrence of download.ceph.com in the official docs with mirrors.tuna.tsinghua.edu.cn/ceph.
That is, change: wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -
to the following (the key must be imported on every server):
wget -q -O- 'https://mirrors.tuna.tsinghua.edu.cn/ceph/keys/release.asc' | sudo apt-key add -
Since this deployment uses the Pacific release on Ubuntu 18.04, the release codename also has to become bionic; change:
sudo apt-add-repository 'deb https://mirrors.tuna.tsinghua.edu.cn/ceph/debian-octopus/ buster main'
to:
sudo apt-add-repository 'deb https://mirrors.tuna.tsinghua.edu.cn/ceph/debian-pacific bionic main'
Once the repository is configured, push it to all servers. A regular user can only copy into /tmp (I did not find a way to copy straight into /etc/apt), so copy to /tmp first and then move the file into /etc/apt with sudo:
huahualin@ceph-deploy:~$ ansible all -f 9 -m copy -a "src=/etc/apt/sources.list dest=/tmp"
huahualin@ceph-deploy:~$ ansible all -f 9 -m shell -a "sudo cp /tmp/sources.list /etc/apt/"
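A hedged alternative that skips the /tmp hop (a sketch, not what was used above): since step 2 configured passwordless sudo, ansible's --become flag lets the copy module write to /etc/apt directly:
huahualin@ceph-deploy:~$ ansible all -f 9 --become -m copy -a "src=/etc/apt/sources.list dest=/etc/apt/sources.list"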
#Then update the package index; this needs to be run on every node
huahualin@ceph-deploy:~$ sudo apt update
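To run the same update on every node from the deploy node, a sketch using the shell module and the inventory above:
huahualin@ceph-deploy:~$ ansible all -f 9 -m shell -a "sudo apt update"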
#Create a regular user named ceph that will be used to deploy Ceph (run on all servers)
sudo groupadd ceph -g 2021 && sudo useradd -m -s /bin/bash -u 2021 -g 2021 ceph && echo 'ceph:ceph@1234' | sudo chpasswd
#Run on all nodes: let the ceph user run sudo non-interactively; the official deployment procedure is executed as the ceph user
huahualin@ceph-deploy:~$ sudo -i
root@ceph-deploy:~# sudo echo 'ceph ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
root@ceph-deploy:~# exit
#Set up trust from the ceph user on the deploy node to the ceph user on every server; switch to the ceph user first
huahualin@ceph-deploy:~$ su - ceph
Password:
ceph@ceph-deploy:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ceph/.ssh/id_rsa):
Created directory '/home/ceph/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ceph/.ssh/id_rsa.
Your public key has been saved in /home/ceph/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:41lBo965Bsmv+a3fhDZN4NCoD0FXm3rSB2qC0t3nXIw ceph@ceph-deploy
The key's randomart image is:
+---[RSA 2048]----+
| . +.. |
| . + + o |
| o + * |
| . = * O = |
| . o S X E = |
| . . @ B * |
| o = * o |
| + o + |
| o.ooo . |
+----[SHA256]-----+
ceph@ceph-deploy:~$ for i in {12..20};do ssh-copy-id -i /home/ceph/.ssh/id_rsa.pub 192.168.241.$i;done
#At this point it is worth snapshotting every server, including the deploy node, so the environment can be restored if the deployment has to be redone
#Install the ceph-deploy tool. This guide uses the ceph user, but that well-known username is not very safe precisely because it is well known, and the name ceph is reserved for the Ceph daemons: the user must be deleted before upgrading, and any other regular username can be used instead.
ceph@ceph-deploy:~$ sudo apt-cache madison ceph-deploy
ceph-deploy | 2.0.1 | https://mirrors.tuna.tsinghua.edu.cn/ceph/debian-pacific bionic/main amd64 Packages
ceph-deploy | 2.0.1 | https://mirrors.tuna.tsinghua.edu.cn/ceph/debian-pacific bionic/main i386 Packages
ceph-deploy | 1.5.38-0ubuntu1 | https://mirrors.tuna.tsinghua.edu.cn/ubuntu bionic/universe amd64 Packages
ceph-deploy | 1.5.38-0ubuntu1 | https://mirrors.tuna.tsinghua.edu.cn/ubuntu bionic/universe i386 Packages
ceph@ceph-deploy:~$ sudo apt install ceph-deploy -y
#Create the cluster
mkdir ceph-cluster
cd ceph-cluster
ceph-deploy new --cluster-network 192.168.133.0/24 --public-network 192.168.241.0/24 ceph-mon1
This only generates configuration files; no packages are installed on the mon servers yet:
ceph.conf ceph-deploy-ceph.log ceph.mon.keyring
ceph@ceph-deploy:~/ceph-cluster$ cat ceph.conf
[global]
fsid = 30e28db1-cfea-4e9d-9be6-148d4fa39545 #cluster id
public_network = 192.168.241.0/24
cluster_network = 192.168.133.0/24
mon_initial_members = ceph-mon1
mon_host = 192.168.241.12
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx
#Install ceph-mon on all mon nodes (it is needed to initialize the monitors); accept the defaults at every prompt
sudo apt install ceph-mon -y
#On the ceph-deploy node, initialize the mon nodes. ceph-deploy reads ceph.conf and goes to the corresponding nodes to initialize them; on the mon nodes it recreates the ceph user's home directory (the uid and gid stay the same, but installing the packages creates a new user, so the SSH key changes and can be re-imported later). It also generates the keyrings for each component on the deploy node.
ceph@ceph-deploy:~/ceph-cluster$ ceph-deploy mon create-initial
Check on a mon node:
huahualin@ceph-mon1:~$ cat /etc/passwd
ceph:x:2021:2021:Ceph storage service:/var/lib/ceph:/bin/bash
The process is up as well:
huahualin@ceph-mon1:~$ ps axu|grep mon
ceph 12110 0.1 2.0 480392 41648 ? Ssl 23:39 0:00 /usr/bin/ceph-mon -f --cluster ceph --id ceph-mon1 --setuser ceph --setgroup ceph
#Install ceph-common on the deploy node so the cluster state can be inspected. Log out of the ceph session first and do not install from inside the ceph user's login shell, otherwise it conflicts with the ceph home directory: either install as a user other than ceph, or log in again in a fresh terminal.
ceph@ceph-deploy:~/ceph-cluster$ exit
logout
huahualin@ceph-deploy:~/ceph-cluster$ sudo -i
root@ceph-deploy:~# apt install -y ceph-common
#If the ceph command works, the installation is fine; the error below appears only because the configuration is not in place yet
huahualin@ceph-deploy:~/ceph-cluster$ ceph -s
Error initializing cluster client: ObjectNotFound('RADOS object not found (error calling conf_read_file)',)
#On ceph-deploy, copy the keys into the newly created home directory
su - ceph
cp -r /home/ceph/ceph-cluster /var/lib/ceph/
#Then run ceph -s from the ceph-cluster directory; it still reports errors until the admin keyring is pushed out, which is required to manage Ceph
ceph@ceph-deploy:/home/ceph/ceph-cluster$ cd /var/lib/ceph/ceph-cluster/
ceph@ceph-deploy:~/ceph-cluster$ ceph -s
#Push the admin key to the specified servers; each target machine ends up with ceph.conf and the keyring under /etc/ceph
ceph-deploy admin ceph-node1 ceph-deploy #push to node1 and to the deploy node itself
ceph-deploy admin ceph-node1 ceph-node2 ceph-node3 ceph-node4 #push to the other nodes
#Check on the nodes that just received the push
root@ceph-node1:~# ls /etc/ceph/
ceph.client.admin.keyring ceph.conf rbdmap tmpMLt9SR
#Grant access: on every node that received the keyring, adjust its file permissions. The file is owned by root by default, so regular users cannot read it.
The setfacl rule below gives the ceph user read/write access; run it on every node that received the key:
ceph@ceph-deploy:~/ceph-cluster$ sudo setfacl -m u:ceph:rw /etc/ceph/ceph.client.admin.keyring
If the setfacl command is missing, install the acl package:
ceph@ceph-deploy:~/ceph-cluster$ sudo apt install acl
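To apply the same ACL on all node servers in one go, a sketch reusing the ansible inventory from earlier (run as huahualin, since that is the user the inventory logs in with):
huahualin@ceph-deploy:~$ ansible node -m shell -a "sudo setfacl -m u:ceph:rw /etc/ceph/ceph.client.admin.keyring"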
#ceph -s now shows one mon node
ceph@ceph-deploy:~/ceph-cluster$ ceph -s
  cluster:
    id:     30e28db1-cfea-4e9d-9be6-148d4fa39545
    health: HEALTH_WARN
            mon is allowing insecure global_id reclaim

  services:
    mon: 1 daemons, quorum ceph-mon1 (age 80m)
    mgr: no daemons active
    osd: 0 osds: 0 up, 0 in

  data:
    pools:   0 pools, 0 pgs
    objects: 0 objects, 0 B
    usage:   0 B used, 0 B / 0 B avail
    pgs:
#Install ceph-mgr on the mgr nodes
sudo apt install ceph-mgr
#Create an mgr node; run this on the deploy node
ceph@ceph-deploy:~/ceph-cluster$ ceph-deploy mgr create ceph-mgr1
ceph -s now shows one mgr node:
ceph@ceph-deploy:~/ceph-cluster$ ceph -s
  cluster:
    id:     30e28db1-cfea-4e9d-9be6-148d4fa39545
    health: HEALTH_WARN
            mon is allowing insecure global_id reclaim

  services:
    mon: 1 daemons, quorum ceph-mon1 (age 82m)
    mgr: ceph-mgr1(active, since 4s)
    osd: 0 osds: 0 up, 0 in

  data:
    pools:   0 pools, 0 pgs
    objects: 0 objects, 0 B
    usage:   0 B used, 0 B / 0 B avail
    pgs:
#Add OSDs from the deploy node
Before adding OSDs, install the base environment on the node servers and initialize them:
ceph@ceph-deploy:~$ ceph-deploy install --no-adjust-repos --nogpgcheck ceph-node1
ceph@ceph-deploy:~$ ceph-deploy install --no-adjust-repos --nogpgcheck ceph-node2
ceph@ceph-deploy:~$ ceph-deploy install --no-adjust-repos --nogpgcheck ceph-node3
ceph@ceph-deploy:~$ ceph-deploy install --no-adjust-repos --nogpgcheck ceph-node4
To clear the ceph -s warning "mon is allowing insecure global_id reclaim", disable the insecure mode with the following command:
ceph config set mon auth_allow_insecure_global_id_reclaim false
#Install the base runtime environment before wiping the disks
ceph@ceph-deploy:~$ ceph-deploy install --release pacific ceph-node1
ceph@ceph-deploy:~$ ceph-deploy install --release pacific ceph-node2
ceph@ceph-deploy:~$ ceph-deploy install --release pacific ceph-node3
ceph@ceph-deploy:~$ ceph-deploy install --release pacific ceph-node4
#Rescan the SCSI bus so newly added disks are detected without rebooting
root@ceph-node2:~# ls /sys/class/scsi_host/
host0 host11 host14 host17 host2 host22 host25 host28 host30 host4 host7
host1 host12 host15 host18 host20 host23 host26 host29 host31 host5 host8
host10 host13 host16 host19 host21 host24 host27 host3 host32 host6 host9
root@ceph-node2:~# for i in {0..32};do echo "- - -" > /sys/class/scsi_host/host$i/scan;done
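The newly detected disks can then be confirmed with lsblk (in this setup sdb, sdc and sdd are the data disks on each node):
root@ceph-node2:~# lsblk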
#Wipe the disks; only sdb through sdd are wiped, because sda is the system disk and must not be touched
ceph@ceph-deploy:~$ ceph-deploy disk zap ceph-node1 /dev/sdb
for i in {b..d};do ceph-deploy disk zap ceph-node1 /dev/sd$i ;done
for i in {b..d};do ceph-deploy disk zap ceph-node2 /dev/sd$i ;done
for i in {b..d};do ceph-deploy disk zap ceph-node3 /dev/sd$i ;done
for i in {b..d};do ceph-deploy disk zap ceph-node4 /dev/sd$i ;done
#Add the hosts' disks as OSDs; OSD ids start from 0
Each OSD holds object data, metadata (DB), and the WAL, i.e. the write-ahead log; see the sketch after the commands below.
for i in {b..d};do ceph-deploy osd create ceph-node1 --data /dev/sd$i;done
for i in {b..d};do ceph-deploy osd create ceph-node2 --data /dev/sd$i;done
for i in {b..d};do ceph-deploy osd create ceph-node3 --data /dev/sd$i;done
for i in {b..d};do ceph-deploy osd create ceph-node4 --data /dev/sd$i;done
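If faster devices were available, ceph-deploy can also place the DB and WAL on separate devices. A sketch only, with hypothetical NVMe partitions that are not part of this deployment:
ceph-deploy osd create ceph-node1 --data /dev/sdb --block-db /dev/nvme0n1p1 --block-wal /dev/nvme0n1p2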
#Check the cluster status; it is healthy
ceph@ceph-deploy:~$ ceph -s
  cluster:
    id:     30e28db1-cfea-4e9d-9be6-148d4fa39545
    health: HEALTH_OK

  services:
    mon: 1 daemons, quorum ceph-mon1 (age 4h)
    mgr: ceph-mgr1(active, since 5h)
    osd: 12 osds: 12 up (since 14s), 12 in (since 22s)

  data:
    pools:   1 pools, 1 pgs
    objects: 0 objects, 0 B
    usage:   74 MiB used, 240 GiB / 240 GiB avail
    pgs:     1 active+clean
#Create a storage pool
ceph@ceph-deploy:~$ ceph osd pool create --help
osd pool create <pool> [<pg_num:int>] [<pgp_num:int>] [replicated|erasure] [<erasure_code_profile>] [<rule>] [<expected_num_objects:int>] [<size:int>] [<pg_num_min:int>] [on|off|warn] [<target_size_bytes:int>] [<target_size_ratio:float>]    create pool
ceph osd pool create mypool 32 32
ceph osd pool ls #list the pools (rados lspools shows the same)
ceph pg ls-by-pool mypool
ceph@ceph-deploy:~$ ceph pg ls-by-pool mypool | awk '{print $1,$2,$15}'
A PG always spans hosts: by default CRUSH places the replicas of each PG on different hosts.
ceph@ceph-deploy:~$ ceph osd tree
ID CLASS WEIGHT TYPE NAME STATUS REWEIGHT PRI-AFF
-1 0.23383 root default
-3 0.05846 host ceph-node1
0 hdd 0.01949 osd.0 up 1.00000 1.00000
1 hdd 0.01949 osd.1 up 1.00000 1.00000
2 hdd 0.01949 osd.2 up 1.00000 1.00000
-5 0.05846 host ceph-node2
3 hdd 0.01949 osd.3 up 1.00000 1.00000
5 hdd 0.01949 osd.5 up 1.00000 1.00000
7 hdd 0.01949 osd.7 up 1.00000 1.00000
-7 0.05846 host ceph-node3
4 hdd 0.01949 osd.4 up 1.00000 1.00000
6 hdd 0.01949 osd.6 up 1.00000 1.00000
8 hdd 0.01949 osd.8 up 1.00000 1.00000
-9 0.05846 host ceph-node4
9 hdd 0.01949 osd.9 up 1.00000 1.00000
10 hdd 0.01949 osd.10 up 1.00000 1.00000
11 hdd 0.01949 osd.11 up 1.00000 1.00000
#The rados command gives direct access to Ceph object storage
ceph@ceph-deploy:~$ sudo rados put msg1 /var/log/syslog --pool=mypool #upload /var/log/syslog to mypool with object id msg1
ceph@ceph-deploy:~$ sudo rados ls --pool=mypool
msg1
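To confirm the upload, the object can be read back into an arbitrary local file (the path /tmp/msg1 is just an example):
ceph@ceph-deploy:~$ sudo rados get msg1 /tmp/msg1 --pool=mypool
ceph@ceph-deploy:~$ ls -l /tmp/msg1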
#Mon high availability: first install the ceph-mon package on the additional mon nodes
sudo apt -y install ceph-mon
#Add the new mon nodes from the deploy node; mon1 already exists
ceph@ceph-deploy:~$ ceph-deploy mon add ceph-mon2
ceph@ceph-deploy:~$ ceph-deploy mon add ceph-mon3
#Check the mon quorum status:
ceph@ceph-deploy:~$ ceph quorum_status -f json-pretty
#Extend the mgr nodes. Mgr daemons do not form a voting quorum the way mons do; they run as an active/standby pair, so two are usually enough: if the active one fails, the standby takes over. mgr1 already exists, so only mgr2 needs to be created.
ceph@ceph-deploy:~$ ceph-deploy mgr create ceph-mgr2
#Create block storage (RBD)
$ ceph osd pool create myrbd1 64 64 #create the pool and specify pg_num and pgp_num; pgp controls how the data in the PGs is combined for placement and is usually equal to pg_num
ceph osd pool application enable myrbd1 rbd #enable the RBD application on the pool
rbd pool init -p myrbd1 #initialize the pool for RBD
The pool cannot be used directly yet; an image has to be created and mapped (mounted) first.
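A minimal sketch of those remaining steps (the image name myimg1 and mount point /mnt/rbd are placeholders of mine; run on a host that has ceph-common, the admin keyring and the kernel rbd module):
rbd create myimg1 --size 3G --pool myrbd1 --image-feature layering #only enable features the kernel client supports
sudo rbd map myrbd1/myimg1 #maps the image to a /dev/rbdX device
sudo mkfs.ext4 /dev/rbd0 #assuming the image mapped to rbd0
sudo mkdir -p /mnt/rbd && sudo mount /dev/rbd0 /mnt/rbd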
The cluster network is reserved for Ceph's own internal traffic; the public (node) network is what clients use, and it is also the network the mon nodes listen on (mon_host above is a public-network address).
#Deploying a client
If a client is to be deployed as well, the key has to be imported on the client just like on the other servers.
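As a sketch of those client steps (client-host is a hypothetical hostname; it simply mirrors what was done for the other servers): add the mirror key and repository, install ceph-common, then push ceph.conf and the admin keyring from the deploy node:
# on the client
wget -q -O- 'https://mirrors.tuna.tsinghua.edu.cn/ceph/keys/release.asc' | sudo apt-key add -
sudo apt-add-repository 'deb https://mirrors.tuna.tsinghua.edu.cn/ceph/debian-pacific bionic main'
sudo apt update && sudo apt install -y ceph-common
# on ceph-deploy (requires the client in /etc/hosts and ssh trust, as set up for the other nodes)
ceph-deploy admin client-host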