Ceph user management and cephx authentication

User permissions overview

User format

Reference links:

Permissions: https://docs.ceph.com/en/latest/rados/operations/user-management/#authorization-capabilities

Users: https://docs.ceph.com/en/reef/rados/operations/user-management/

Ceph user names take the form TYPEID.USERID

  • TYPEID, also called the user type. There are two user types: built-in component users (mon, mds, rgw, osd, mgr) and ordinary users (client)

  • USERID is the user name; it can be a number.

    • For example, the 0th disk of an OSD corresponds to osd.0
    • It can also be a string; for example, the administrator user corresponds to client.admin
    • Users can define their own USERID, e.g. client.wzy or client.wenzhiyong

User permissions

Every user can be granted permissions, which are attached to it through the caps field. A grant has the format allow <permission>

  • r: read permission

  • w: write permission

  • x: execute permission; allows calling methods (which may themselves read or write) and also running mon commands such as auth

  • *: all of r, w and x

  • profile osd: can obtain OSD status information

  • profile mds: can obtain MDS status information

For example, the permissions of Ceph's own system components are visible in their keyring files:

```bash
[root@ceph141~]# cat /etc/ceph/ceph.client.admin.keyring
[client.admin]
	key = AQAlsChnHubLJRAAH2s3vhyGrxgba8anloPDtg==
	caps mds = "allow *"
	caps mgr = "allow *"
	caps mon = "allow *"
	caps osd = "allow *"
```

View the administrator's permissions

```bash
[root@ceph141~]# ceph auth get client.admin
[client.admin]
	key = AQAlsChnHubLJRAAH2s3vhyGrxgba8anloPDtg==
	caps mds = "allow *"
	caps mgr = "allow *"
	caps mon = "allow *"
	caps osd = "allow *"
```

View the other users' permissions; note that OSDs count as users too

```bash
[root@ceph141~]# ceph auth list
osd.0
	key: AQAJ1Chn4kJoMxAAO/sYaCTyTyJE6TSclIxKsA==
	caps: [mgr] allow profile osd
	caps: [mon] allow profile osd
	caps: [osd] allow *
osd.1
	key: AQA21ChniKrACRAANYkBLMXK5BThtHgTrNVqNw==
	caps: [mgr] allow profile osd
	caps: [mon] allow profile osd
	caps: [osd] allow *
...
client.admin
	key: AQAlsChnHubLJRAAH2s3vhyGrxgba8anloPDtg==
	caps: [mds] allow *
	caps: [mgr] allow *
	caps: [mon] allow *
	caps: [osd] allow *
client.bootstrap-mds
	key: AQAnsChncF9lOxAAGmqKpDlaOTzxCAX20uo6EA==
	caps: [mon] allow profile bootstrap-mds
client.bootstrap-mgr
	key: AQAnsChnx2VlOxAABgp0KiClbDnraMQ6ZGEpBQ==
	caps: [mon] allow profile bootstrap-mgr
client.bootstrap-osd
	key: AQAnsChnxGtlOxAAkCnj4ZlBhzIpr4vk6pcUdA==
	caps: [mon] allow profile bootstrap-osd
client.bootstrap-rbd
	key: AQAnsChnjnFlOxAAQUXJdflbTiKjW/ZbKGgE1w==
	caps: [mon] allow profile bootstrap-rbd
client.bootstrap-rbd-mirror
	key: AQAnsChni3dlOxAAb6TImPKkGrR1baZO8AdYGg==
	caps: [mon] allow profile bootstrap-rbd-mirror
client.bootstrap-rgw
	key: AQAnsChnm39lOxAAy6Qs5u3d5YidcT6cWaOH6A==
	caps: [mon] allow profile bootstrap-rgw
client.ceph-exporter.ceph141
	key: AQBgsChn0hbwGxAA6y6Op/+2zPirhwH4UqV5UQ==
	caps: [mgr] allow r
	caps: [mon] allow r
	caps: [osd] allow r
client.ceph-exporter.ceph142
	key: AQBMzyhnBYIxOxAAF4seBajmPKYWmzuM6XKqqQ==
	caps: [mgr] allow r
	caps: [mon] allow r
	caps: [osd] allow r
client.ceph-exporter.ceph143
	key: AQBjzyhnUbSSGRAAtt4r+evuoNE+ciwx/ymv1A==
	caps: [mgr] allow r
	caps: [mon] allow r
	caps: [osd] allow r
client.crash.ceph141
	key: AQBhsChngfrUIRAA2TjOYgDQQ4NENaU7p3EwHw==
	caps: [mgr] profile crash
	caps: [mon] profile crash
client.crash.ceph142
	key: AQBPzyhnKwm4ExAAZ/0a6FVAWJFjSbRozum/PA==
	caps: [mgr] profile crash
	caps: [mon] profile crash
client.crash.ceph143
	key: AQBlzyhn9+GPNBAA3NZddZGiXoyLrf9J9M7wQw==
	caps: [mgr] profile crash
	caps: [mon] profile crash
mgr.ceph141.yvswvf
	key: AQAlsChnJpeKMhAAsiyirSCpqTIgh3mB7o4V7g==
	caps: [mds] allow *
	caps: [mon] profile mgr
	caps: [osd] allow *
mgr.ceph142.gtcikx
	key: AQBRzyhnal2kLhAA4DvZbY7TiWIxWSg1Tw3ZQw==
	caps: [mds] allow *
	caps: [mon] profile mgr
	caps: [osd] allow *
```

Three ways to create an ordinary user

Reference for creating users: https://docs.ceph.com/en/nautilus/rados/operations/user-management/#add-a-user

1 Create directly

```bash
[root@ceph141~]# ceph auth add client.wzy666 mon 'allow r' osd 'allow * pool=zhiyong18-rbd'
added key for client.wzy666
```

client.wzy666: the client name, i.e. the client to which permissions are being added.

mon 'allow r': grants this client read permission (r) on the monitors, meaning it can view cluster status, query information, and so on.

osd 'allow * pool=zhiyong18-rbd': grants this client all permissions on the OSDs (object storage devices) for the pool named zhiyong18-rbd. allow * permits every operation (such as read and write), but only within that specific pool.

Verify wzy666's permissions

```bash
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB+KypnuKsqDhAA1VYxg0qKjp4G3Lr+CUebHA==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rbd"
```

2 Check, and create if absent (get-or-create)

1. Check whether the user exists

```bash
[root@ceph141~]# ceph auth get client.wenzhiyong
Error ENOENT: failed to find client.wenzhiyong in keyring
```

2. Create the user if it does not exist

```bash
[root@ceph141~]# ceph auth get-or-create client.wenzhiyong mon 'allow r' osd 'allow rwx'
[client.wenzhiyong]
	key = AQBgLypnfvLQBxAApSe9WoyC5ys1mySFPzjTfw==
```

3. Check the user's information again

```bash
[root@ceph141~]# ceph auth get client.wenzhiyong
[client.wenzhiyong]
	key = AQBgLypnfvLQBxAApSe9WoyC5ys1mySFPzjTfw==
	caps mon = "allow r"
	caps osd = "allow rwx"
```

4. If the user already exists and you try to create it again with different caps, an error is raised

```bash
[root@ceph141~]# ceph auth get-or-create client.wenzhiyong mon 'allow r' osd 'allow *'
Error EINVAL: key for client.wenzhiyong exists but cap osd does not match
```

5. If the user exists and the caps match, the KEY is printed

```bash
[root@ceph141~]# ceph auth get-or-create client.wenzhiyong mon 'allow r' osd 'allow rwx'
[client.wenzhiyong]
	key = AQBgLypnfvLQBxAApSe9WoyC5ys1mySFPzjTfw==
```

6. View the final permissions

```bash
[root@ceph141~]# ceph auth get client.wenzhiyong
[client.wenzhiyong]
	key = AQBgLypnfvLQBxAApSe9WoyC5ys1mySFPzjTfw==
	caps mon = "allow r"
	caps osd = "allow rwx"
```

3 Check, and create if absent, returning only the key (get-or-create-key)

1. Check that user k8s does not exist

```bash
[root@ceph141~]# ceph auth get client.k8s
Error ENOENT: failed to find client.k8s in keyring
```

2. Create the user and return its KEY

```bash
ceph auth get-or-create-key client.k8s mon 'allow r' osd 'allow rwx'
```

3. Check the user's information again

```bash
[root@ceph141~]# ceph auth get client.k8s
[client.k8s]
	key = AQCfMCpnrHrtJBAAoLnVptDFXrhIzZKWIp16nw==
	caps mon = "allow r"
	caps osd = "allow rwx"
```

4. If the user exists and the caps do not match, an error is raised

```bash
[root@ceph141~]# ceph auth get-or-create-key client.k8s mon 'allow r' osd 'allow *'
Error EINVAL: key for client.k8s exists but cap osd does not match
```

5. If the user exists and the caps match, the KEY is printed

```bash
[root@ceph141~]# ceph auth get-or-create-key client.k8s mon 'allow r' osd 'allow rwx'
AQCfMCpnrHrtJBAAoLnVptDFXrhIzZKWIp16nw==
```

ceph auth print-key prints the KEY of a user that already exists: if the user does not exist it raises an error, and if the user exists it prints that user's KEY

```bash
[root@ceph141~]# ceph auth print-key client.wzy666 | more
AQB+KypnuKsqDhAA1VYxg0qKjp4G3Lr+CUebHA==
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB+KypnuKsqDhAA1VYxg0qKjp4G3Lr+CUebHA==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rbd"
```

Modifying user permissions

Reference for modifying permissions: https://docs.ceph.com/en/nautilus/rados/operations/user-management/#modify-user-capabilities

1. Check the current permissions, then modify them

```bash
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB+KypnuKsqDhAA1VYxg0qKjp4G3Lr+CUebHA==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rbd"
[root@ceph141~]# ceph auth caps client.wzy666 mon 'allow rx' osd 'allow r pool=wenzhiyong18-rbd'
updated caps for client.wzy666
```

2. View the auth entry after the permissions were changed

```bash
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB+KypnuKsqDhAA1VYxg0qKjp4G3Lr+CUebHA==
	caps mon = "allow rx"
	caps osd = "allow r pool=wenzhiyong18-rbd"
```

Deleting a user

Reference for deleting users: https://docs.ceph.com/en/nautilus/rados/operations/user-management/#delete-a-user

1. Delete user wzy666 directly

```bash
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB+KypnuKsqDhAA1VYxg0qKjp4G3Lr+CUebHA==
	caps mon = "allow rx"
	caps osd = "allow r pool=wenzhiyong18-rbd"

[root@ceph141~]# ceph auth del client.wzy666
```

Backing up and restoring Ceph users

Backing up user data

Reference links:

https://docs.ceph.com/en/nautilus/rados/operations/user-management/#get-a-user

https://docs.ceph.com/en/nautilus/rados/operations/user-management/#import-a-user-s

1. Create a test user

```bash
[root@ceph141~]# ceph auth add client.wzy666 mon 'allow r' osd 'allow * pool=zhiyong18-rbd'
added key for client.wzy666
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB2NipneGZcCBAAqL6zGHCpU2uwM15R05uHzQ==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rbd"
```

2. Export the user to a file to simulate a backup. This step only creates the file; nothing is written to it yet

```bash
[root@ceph141~]# ceph-authtool --create-keyring ceph.client.wzy666.keyring
creating ceph.client.wzy666.keyring
[root@ceph141~]# ls
ceph.client.wzy666.keyring
[root@ceph141~]# cat ceph.client.wzy666.keyring 
[root@ceph141~]# 
```

3. Write the user's entry to the specified file

```bash
[root@ceph141~]# ceph auth get client.wzy666 -o ceph.client.wzy666.keyring
```

4. View the file content

```bash
[root@ceph141~]# cat ceph.client.wzy666.keyring 
[client.wzy666]
	key = AQB2NipneGZcCBAAqL6zGHCpU2uwM15R05uHzQ==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rbd"
```

Summary: this is no simpler than just running ceph auth get client.wzy666 > ceph.client.wzy666.keyring

Importing user data

1. Delete the user

```bash
ceph auth del client.wzy666
```

2. Import the user from the keyring file

```bash
[root@ceph141~]# ceph auth import -i ceph.client.wzy666.keyring 
```

3. Verify that the user's information is intact

```bash
[root@ceph141~]# ceph auth get client.wzy666
[client.wzy666]
	key = AQB2NipneGZcCBAAqL6zGHCpU2uwM15R05uHzQ==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rbd"
```

Exporting a keyring file and verifying the user's permissions

1. On node ceph141, create an ordinary user and save it to a file

```bash
[root@ceph141~]# ceph auth get-or-create client.k3s mon 'allow r' osd 'allow * pool=zhiyong18-rdb'
[client.k3s]
	key = AQCzRSpn1SShChAAPmJUYIvCKsuAH47HDNWD0A==

[root@ceph141~]# ceph auth export client.k3s -o ceph.client.k3s.keyring
[root@ceph141~]# cat ceph.client.k3s.keyring
[client.k3s]
	key = AQCzRSpn1SShChAAPmJUYIvCKsuAH47HDNWD0A==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rdb"
```

2. On node ceph142, delete the original administrator keyring; the next access attempt then fails with an error

```bash
[root@ceph142~]# rm -f  /etc/ceph/ceph.client.admin.keyring
[root@ceph142~]# ceph -s
2024-11-05T23:38:38.932+0800 7f7fe4d69640 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin: (2) No such file or directory
2024-11-05T23:38:38.932+0800 7f7fe4d69640 -1 AuthRegistry(0x7f7fe00672a0) no keyring found at /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin, disabling cephx
2024-11-05T23:38:38.936+0800 7f7fe4d69640 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin: (2) No such file or directory
2024-11-05T23:38:38.936+0800 7f7fe4d69640 -1 AuthRegistry(0x7f7fe4d67f60) no keyring found at /etc/ceph/ceph.client.admin.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin, disabling cephx
2024-11-05T23:38:38.936+0800 7f7fde59c640 -1 monclient(hunting): handle_auth_bad_method server allowed_methods [2] but i only support [1]
2024-11-05T23:38:38.936+0800 7f7fded9d640 -1 monclient(hunting): handle_auth_bad_method server allowed_methods [2] but i only support [1]
2024-11-05T23:38:38.936+0800 7f7fddd9b640 -1 monclient(hunting): handle_auth_bad_method server allowed_methods [2] but i only support [1]
2024-11-05T23:38:38.936+0800 7f7fe4d69640 -1 monclient: authenticate NOTE: no keyring found; disabled cephx authentication
[errno 13] RADOS permission denied (error connecting to the cluster)
```

3. Copy the keyring file from the server to the client

```bash
[root@ceph141~]# scp ceph.client.k3s.keyring ceph142:/etc/ceph/
```

4. Verify the permissions on the client

```bash
[root@ceph142~]# ceph -s --user k3s
  cluster:
    id:     12fad866-9aa0-11ef-8656-6516a17ad6dd
    health: HEALTH_WARN
...

[root@ceph142~]# cat /etc/ceph/ceph.client.k3s.keyring
[client.k3s]
	key = AQCzRSpn1SShChAAPmJUYIvCKsuAH47HDNWD0A==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rdb"
```

```bash
[root@ceph142~]# ceph --user k3s auth get client.k3s
Error EACCES: access denied
```

This is because the user does not yet have execute permission for user-related operations, so it cannot invoke the relevant functions. Adding that permission later resolves it.

5. On the server, try modifying the k3s user's caps

```bash
[root@ceph141~]# ceph auth caps client.k3s mon 'allow rx' 
updated caps for client.k3
```

6. Verify the permissions on the client again. Although the client can now view the user's information, /etc/ceph/ceph.client.k3s.keyring on the client has not changed at all. In other words, the caps field in the local keyring file has no effect: authorization is checked by the cluster on the basis of the KEY.

```bash
[root@ceph142~]# ceph --user k3s auth get client.k3s
[client.k3s]
	key = AQCzRSpn1SShChAAPmJUYIvCKsuAH47HDNWD0A==
	caps mon = "allow rx"

[root@ceph142~]# cat /etc/ceph/ceph.client.k3s.keyring 
[client.k3s]
	key = AQCzRSpn1SShChAAPmJUYIvCKsuAH47HDNWD0A==
	caps mon = "allow r"
	caps osd = "allow * pool=zhiyong18-rdb"
```

7. Further verification of the k3s user's permissions: it can list the pools

```bash
[root@ceph142~]# ceph --user k3s osd pool ls
.mgr
zhiyong-rbd
zhiyong18-rbd
zhiyong
```

But it has no permission to access the images inside the pools

```bash
[root@ceph142~]# rbd --id k3s -p zhiyong ls -l
2024-11-05T23:47:24.820+0800 7f8de091de00 -1 librbd::api::Image: list_images: error listing v1 images: (1) Operation not permitted
rbd: listing images failed: (1) Operation not permitted
[root@ceph142~]# rbd --id k3s -p zhiyong18-rbd ls -l
2024-11-05T23:48:00.588+0800 7f38f923ce00 -1 librbd::api::Image: list_images: error listing v1 images: (1) Operation not permitted
rbd: listing images failed: (1) Operation not permitted
```

8. On the server, modify the caps again

```bash
[root@ceph141~]# ceph auth get client.k3s
[client.k3s]
	key = AQCzRSpn1SShChAAPmJUYIvCKsuAH47HDNWD0A==
	caps mon = "allow rx"
[root@ceph141~]# ceph auth caps client.k3s  mon 'allow *'  osd 'allow *'
updated caps for client.k3s
```

9. Verify the permissions on the client again

```bash
[root@ceph142~]# rbd --id k3s -p zhiyong18-rbd ls -l
NAME        SIZE   PARENT  FMT  PROT  LOCK
mysqld      5 GiB            2            
rbd-snap    2 GiB            2            
wordpress   2 GiB            2            
zhiyong     5 GiB            2            
zhiyong@v1  5 GiB            2            
zhiyong@v2  5 GiB            2            
zhiyong@v3  5 GiB            2            
zhiyong@v4  5 GiB            2            
zhiyong@v5  5 GiB            2            
zhiyong@v6  5 GiB            2
```

Summary of user authorization

1. When a user is specified with "--user k3s", the following files are searched by default; if none is found, an error is raised:

  • /etc/ceph/ceph.client.k3s.keyring
  • /etc/ceph/ceph.keyring
  • /etc/ceph/keyring
  • /etc/ceph/keyring.bin

2. When the "--user" option is not given, it can be understood as defaulting to "--user admin", and the following files are searched:

  • /etc/ceph/ceph.client.admin.keyring
  • /etc/ceph/ceph.keyring
  • /etc/ceph/keyring
  • /etc/ceph/keyring.bin

3. Keyring files cannot be named arbitrarily; they must follow the naming rules in the two points above, otherwise Ceph will not recognize the user's keyring file

4. When connecting to the Ceph cluster, the client only reads the KEY value from the keyring file; the other caps fields are ignored. In other words, a keyring file that keeps only the key value is still valid
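Because the caps that matter are the ones stored in the cluster (point 4 above), they are what an administrator should review for over-broad grants such as `allow *` without a `pool=` restriction (see the caps format in "User permissions"). The following is an added example, not code from the original post: a POSIX shell/awk function that reads `ceph auth list` output and reports every non-admin client.* entity whose mon or osd caps are unrestricted; the entity names and keys in the sample are constructed placeholders.

```shell
#!/usr/bin/env sh
# Added example (not part of the original post): audit the caps stored
# in the cluster for over-broad grants, using the text format printed
# by `ceph auth list` (an unindented entity line, then indented
# "key:" and "caps: [svc] ..." lines). On a live cluster you would run
#   ceph auth list | audit_caps
# Here a constructed sample is used so the script runs offline.

# audit_caps: read `ceph auth list` output on stdin and print
# "<entity> <service> <caps>" for every non-admin client.* entity whose
# mon or osd caps say "allow *" with no pool= restriction.
audit_caps() {
    awk '
        /^[^[:space:]]/ { entity = $1; next }      # entity line
        /^[[:space:]]+caps:/ {                      # caps: [svc] grant...
            svc = $2; gsub(/\[|\]/, "", svc)
            caps = $3
            for (i = 4; i <= NF; i++) caps = caps " " $i
            if (entity ~ /^client\./ && entity != "client.admin" &&
                (svc == "mon" || svc == "osd") &&
                caps ~ /allow \*/ && caps !~ /pool=/)
                print entity, svc, caps
        }'
}

# Constructed sample modelled on the `ceph auth list` output shown above;
# the keys are placeholders, not real cephx secrets.
SAMPLE='osd.0
    key: CONSTRUCTED_KEY_OSD0
    caps: [osd] allow *
client.admin
    key: CONSTRUCTED_KEY_ADMIN
    caps: [mon] allow *
    caps: [osd] allow *
client.wzy666
    key: CONSTRUCTED_KEY_WZY666
    caps: [mon] allow r
    caps: [osd] allow * pool=zhiyong18-rbd
client.wenzhiyong
    key: CONSTRUCTED_KEY_WENZHIYONG
    caps: [mon] allow r
    caps: [osd] allow *
client.k3s
    key: CONSTRUCTED_KEY_K3S
    caps: [mon] allow *
    caps: [osd] allow *'

# Daemons (osd.*) and client.admin are skipped; pool-scoped grants pass.
printf '%s\n' "$SAMPLE" | audit_caps
```

On the sample this reports client.wenzhiyong's osd grant and both of client.k3s's grants, while the pool-scoped client.wzy666 passes.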

cephx authentication

01 Overview of cephx authentication

Reference links:

https://docs.ceph.com/en/nautilus/rados/configuration/auth-config-ref/

https://docs.ceph.com/en/nautilus/rados/operations/operating/

https://docs.ceph.com/en/nautilus/architecture/#high-availability-authentication

  • To identify users and protect against man-in-the-middle attacks, Ceph provides the cephx authentication system to authenticate users and daemons. Note, however, that the cephx protocol does not address encryption of data in transit (e.g. SSL/TLS) or encryption at rest

  • Disabling cephx authentication is not recommended, because without authentication any node in the cluster can operate on it directly; the exception is an internal network environment that is relatively secure

02 cephx parameters

  • auth_cluster_required
    • If enabled, the Ceph Storage Cluster daemons (i.e. ceph-mon, ceph-osd, ceph-mds and ceph-mgr) must authenticate to each other
    • Valid settings are cephx or none; the default is cephx
  • auth_service_required
    • If enabled, the Ceph Storage Cluster daemons require Ceph clients to authenticate to the Ceph Storage Cluster in order to access Ceph services
    • Valid settings are cephx or none; the default is cephx
  • auth_client_required
    • If enabled, Ceph clients require the Ceph Storage Cluster to authenticate to the client
    • Valid settings are cephx or none; the default is cephx

03 Enabling and disabling cephx

1. Find the mon component's container

```bash
[root@ceph141~]# docker ps -a | grep mon
aa345967806c   quay.io/ceph/ceph:v18                     "/usr/bin/ceph-mon -..."
```

2. Enter the container and set the authentication parameters in /etc/ceph/ceph.conf; the cluster must be restarted after the change. With authentication enabled the parameters are:

```ini
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx
```

To disable authentication, change them in /etc/ceph/ceph.conf (with vim) to:

```ini
auth_cluster_required = none
auth_service_required = none
auth_client_required = none
```