ceph池
bash
#上传对象到池
[root@ceph1 ~ 10:06:33]# echo wotibibuweilichou > hosts1
[root@ceph1 ~ 10:11:22]# rados -p pool_web put hosts hosts1
#查看池中对象状态
[root@ceph1 ~ 10:11:31]# rados -p pool_web stat hosts
pool_web/hosts mtime 2026-05-29T10:11:31.000000+0800, size 18
#查看池对象位置
[root@ceph1 ~ 10:11:44]# ceph osd map pool_web hosts
osdmap e111 pool 'pool_web' (2) object 'hosts' -> pg 2.ea1b298e (2.e) -> up ([4,2], p4) acting ([4,2], p4)
[root@ceph1 ~ 10:11:51]# ceph osd metadata osd.4
{
"id": 4,
"arch": "x86_64",
"back_addr": "[v2:192.168.108.13:6810/1614879760,v1:192.168.108.13:6811/1614879760]",
"back_iface": "",
"bluefs": "1",
"bluefs_dedicated_db": "0",
"bluefs_dedicated_wal": "0",
"bluefs_single_shared_device": "1",
"bluestore_bdev_access_mode": "blk",
"bluestore_bdev_block_size": "4096",
"bluestore_bdev_dev_node": "/dev/dm-3",
"bluestore_bdev_devices": "nvme0n3",
"bluestore_bdev_driver": "KernelDevice",
"bluestore_bdev_partition_path": "/dev/dm-3",
"bluestore_bdev_rotational": "0",
"bluestore_bdev_size": "21470642176",
"bluestore_bdev_support_discard": "0",
"bluestore_bdev_type": "ssd",
"bluestore_min_alloc_size": "4096",
"ceph_release": "pacific",
"ceph_version": "ceph version 16.2.15 (618f440892089921c3e944a991122ddc44e60516) pacific (stable)",
"ceph_version_short": "16.2.15",
"ceph_version_when_created": "ceph version 16.2.15 (618f440892089921c3e944a991122ddc44e60516) pacific (stable)",
"container_hostname": "ceph3.my.cloud",
"container_image": "quay.io/ceph/ceph@sha256:6ba107eb55617994a9e6ed49fb938828c2ed3121aa19ceeffbf8e28608535d94",
"cpu": "11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz",
"created_at": "2026-05-27T06:12:51.095440Z",
"default_device_class": "ssd",
"device_ids": "nvme0n3=VMware_Virtual_NVMe_Disk_VMware_NVME_0000",
"device_paths": "nvme0n3=/dev/disk/by-path/pci-0000:0b:00.0-nvme-3",
"devices": "nvme0n3",
"distro": "centos",
"distro_description": "CentOS Stream 8",
"distro_version": "8",
"front_addr": "[v2:192.168.108.13:6808/1614879760,v1:192.168.108.13:6809/1614879760]",
"front_iface": "",
"hb_back_addr": "[v2:192.168.108.13:6814/1614879760,v1:192.168.108.13:6815/1614879760]",
"hb_front_addr": "[v2:192.168.108.13:6812/1614879760,v1:192.168.108.13:6813/1614879760]",
"hostname": "ceph3.my.cloud",
"journal_rotational": "0",
"kernel_description": "#1 SMP Thu May 30 04:13:58 UTC 2024",
"kernel_version": "4.18.0-553.6.1.el8.x86_64",
"mem_swap_kb": "2170876",
"mem_total_kb": "3720828",
"network_numa_unknown_ifaces": "back_iface,front_iface",
"objectstore_numa_node": "0",
"objectstore_numa_nodes": "0",
"os": "Linux",
"osd_data": "/var/lib/ceph/osd/ceph-4",
"osd_objectstore": "bluestore",
"osdspec_affinity": "all-available-devices",
"rotational": "0"
}
[root@ceph1 ~ 10:12:04]# ceph pg dump pgs_brief
PG_STAT STATE UP UP_PRIMARY ACTING ACTING_PRIMARY
2.22 active+clean [1,2] 1 [1,2] 1
2.21 active+clean [7,5] 7 [7,5] 7
2.20 active+clean [5,1] 5 [5,1] 5
3.1e undersized+peered [7,5,2147483647,2147483647] 7 [7,5,2147483647,2147483647] 7
2.1f active+clean [4,8] 4 [4,8] 4
3.1f undersized+peered [1,8,2147483647,2147483647] 1 [1,8,2147483647,2147483647] 1
2.1e active+clean [7,5] 7 [7,5] 7
3.1c undersized+peered [2147483647,5,7,2147483647] 5 [2147483647,5,7,2147483647] 5
2.1d active+clean [8,4] 8 [8,4] 8
3.1d undersized+peered [5,1,2147483647,2147483647] 5 [5,1,2147483647,2147483647] 5
2.1c active+clean [8,1] 8 [8,1] 8
3.1a undersized+peered [8,4,2147483647,2147483647] 8 [8,4,2147483647,2147483647] 8
2.1b active+clean [5,4] 5 [5,4] 5
3.1b undersized+peered [5,2147483647,2147483647,7] 5 [5,2147483647,2147483647,7] 5
2.1a active+clean [8,7] 8 [8,7] 8
3.18 undersized+peered [4,2,2147483647,2147483647] 4 [4,2,2147483647,2147483647] 4
2.19 active+clean [4,2] 4 [4,2] 4
3.19 undersized+peered [1,2147483647,2147483647,5] 1 [1,2147483647,2147483647,5] 1
2.18 active+clean [5,7] 5 [5,7] 5
3.16 undersized+peered [2147483647,2147483647,7,5] 7 [2147483647,2147483647,7,5] 7
2.17 active+clean [1,5] 1 [1,5] 1
3.17 undersized+peered [1,2147483647,5,2147483647] 1 [1,2147483647,5,2147483647] 1
2.16 active+clean [1,2] 1 [1,2] 1
3.14 undersized+peered [2147483647,2,7,2147483647] 2 [2147483647,2,7,2147483647] 2
2.15 active+clean [5,1] 5 [5,1] 5
3.15 undersized+peered [8,2147483647,1,2147483647] 8 [8,2147483647,1,2147483647] 8
2.14 active+clean [2,1] 2 [2,1] 2
3.12 undersized+peered [1,2147483647,2147483647,5] 1 [1,2147483647,2147483647,5] 1
2.13 active+clean [2,4] 2 [2,4] 2
3.13 undersized+peered [7,2147483647,5,2147483647] 7 [7,2147483647,5,2147483647] 7
2.12 active+clean [5,1] 5 [5,1] 5
3.10 undersized+peered [2147483647,5,2147483647,1] 5 [2147483647,5,2147483647,1] 5
2.11 active+clean [8,1] 8 [8,1] 8
3.11 undersized+peered [5,2147483647,2147483647,1] 5 [5,2147483647,2147483647,1] 5
2.10 active+clean [8,1] 8 [8,1] 8
3.e undersized+peered [2,2147483647,4,2147483647] 2 [2,2147483647,4,2147483647] 2
2.f active+clean [8,4] 8 [8,4] 8
2.4 active+clean [1,2] 1 [1,2] 1
3.5 undersized+peered [2147483647,4,5,2147483647] 4 [2147483647,4,5,2147483647] 4
2.2 active+clean [1,2] 1 [1,2] 1
3.3 undersized+peered [5,2147483647,4,2147483647] 5 [5,2147483647,4,2147483647] 5
2.1 active+clean [7,5] 7 [7,5] 7
3.0 undersized+peered [5,2147483647,7,2147483647] 5 [5,2147483647,7,2147483647] 5
2.3 active+clean [4,5] 4 [4,5] 4
1.0 active+undersized [5,7] 5 [5,7] 5
3.2 undersized+peered [4,5,2147483647,2147483647] 4 [4,5,2147483647,2147483647] 4
2.0 active+clean [5,1] 5 [5,1] 5
3.1 undersized+peered [4,2147483647,5,2147483647] 4 [4,2147483647,5,2147483647] 4
2.5 active+clean [8,4] 8 [8,4] 8
3.4 undersized+peered [1,5,2147483647,2147483647] 1 [1,5,2147483647,2147483647] 1
2.6 active+clean [1,8] 1 [1,8] 1
3.7 undersized+peered [4,8,2147483647,2147483647] 4 [4,8,2147483647,2147483647] 4
2.7 active+clean [8,1] 8 [8,1] 8
3.6 undersized+peered [4,2147483647,8,2147483647] 4 [4,2147483647,8,2147483647] 4
2.8 active+clean [1,2] 1 [1,2] 1
3.9 undersized+peered [8,2147483647,4,2147483647] 8 [8,2147483647,4,2147483647] 8
2.9 active+clean [4,5] 4 [4,5] 4
3.8 undersized+peered [2,1,2147483647,2147483647] 2 [2,1,2147483647,2147483647] 2
2.a active+clean [2,4] 2 [2,4] 2
3.b undersized+peered [7,2,2147483647,2147483647] 7 [7,2,2147483647,2147483647] 7
2.b active+clean [8,4] 8 [8,4] 8
3.a undersized+peered [8,2147483647,1,2147483647] 8 [8,2147483647,1,2147483647] 8
3.d undersized+peered [2147483647,1,8,2147483647] 1 [2147483647,1,8,2147483647] 1
2.c active+clean [2,7] 2 [2,7] 2
2.d active+clean [5,7] 5 [5,7] 5
3.c undersized+peered [2147483647,7,2147483647,2] 7 [2147483647,7,2147483647,2] 7
3.f undersized+peered [2147483647,8,7,2147483647] 8 [2147483647,8,7,2147483647] 8
2.e active+clean [4,2] 4 [4,2] 4
2.23 active+clean [4,5] 4 [4,5] 4
2.24 active+clean [1,2] 1 [1,2] 1
2.25 active+clean [8,4] 8 [8,4] 8
2.26 active+clean [1,8] 1 [1,8] 1
2.27 active+clean [8,1] 8 [8,1] 8
2.28 active+clean [1,2] 1 [1,2] 1
2.29 active+clean [4,5] 4 [4,5] 4
2.2a active+clean [2,4] 2 [2,4] 2
2.2b active+clean [8,4] 8 [8,4] 8
2.2c active+clean [2,7] 2 [2,7] 2
2.2d active+clean [5,7] 5 [5,7] 5
2.2e active+clean [4,2] 4 [4,2] 4
2.2f active+clean [8,4] 8 [8,4] 8
2.30 active+clean [8,1] 8 [8,1] 8
2.31 active+clean [8,1] 8 [8,1] 8
2.32 active+clean [5,1] 5 [5,1] 5
2.33 active+clean [2,4] 2 [2,4] 2
2.34 active+clean [2,1] 2 [2,1] 2
2.35 active+clean [5,1] 5 [5,1] 5
2.36 active+clean [1,2] 1 [1,2] 1
2.37 active+clean [1,5] 1 [1,5] 1
2.38 active+clean [5,7] 5 [5,7] 5
2.39 active+clean [4,2] 4 [4,2] 4
2.3a active+clean [8,7] 8 [8,7] 8
2.3b active+clean [5,4] 5 [5,4] 5
2.3c active+clean [8,1] 8 [8,1] 8
2.3d active+clean [8,4] 8 [8,4] 8
2.3e active+clean [7,5] 7 [7,5] 7
2.3f active+clean [4,8] 4 [4,8] 4
dumped pgs_brief
#检索对象到本地
[root@ceph1 ~ 10:12:16]# rados -p pool_web get hosts newhosts
[root@ceph1 ~ 10:12:27]# cat newhosts
wotibibuweilichou池快照管理
bash
#创建查看快照
[root@ceph1 ~ 10:12:32]# ceph osd pool mksnap pool_web snap1
created pool pool_web snap snap1
[root@ceph1 ~ 10:37:48]# ceph osd pool ls detail
pool 1 'device_health_metrics' replicated size 3 min_size 2 crush_rule 0 object_hash rjenkins pg_num 1 pgp_num 1 autoscale_mode on last_change 109 flags hashpspool stripe_width 0 pg_num_max 32 pg_num_min 1 application mgr_devicehealth
pool 2 'pool_web' replicated size 2 min_size 1 crush_rule 0 object_hash rjenkins pg_num 64 pgp_num 32 pgp_num_target 64 autoscale_mode on last_change 112 lfor 0/0/92 flags hashpspool,pool_snaps stripe_width 0
snap 1 'snap1' 2026-05-29T02:37:48.393843+0000
pool 3 'pool_era' erasure profile default size 4 min_size 3 crush_rule 1 object_hash rjenkins pg_num 32 pgp_num 32 autoscale_mode on last_change 75 flags hashpspool stripe_width 8192
[root@ceph1 ~ 10:37:58]# rados -p pool_web lssnap
1 snap1 2026.05.29 10:37:48
1 snaps
[root@ceph1 ~ 10:38:06]# ceph osd pool mksnap pool_web snap1
pool pool_web snap snap1 already exists
[root@ceph1 ~ 10:38:22]# ceph osd pool ls detail
pool 1 'device_health_metrics' replicated size 3 min_size 2 crush_rule 0 object_hash rjenkins pg_num 1 pgp_num 1 autoscale_mode on last_change 109 flags hashpspool stripe_width 0 pg_num_max 32 pg_num_min 1 application mgr_devicehealth
pool 2 'pool_web' replicated size 2 min_size 1 crush_rule 0 object_hash rjenkins pg_num 64 pgp_num 32 pgp_num_target 64 autoscale_mode on last_change 112 lfor 0/0/92 flags hashpspool,pool_snaps stripe_width 0
snap 1 'snap1' 2026-05-29T02:37:48.393843+0000
pool 3 'pool_era' erasure profile default size 4 min_size 3 crush_rule 1 object_hash rjenkins pg_num 32 pgp_num 32 autoscale_mode on last_change 75 flags hashpspool stripe_width 8192
[root@ceph1 ~ 10:38:57]# rados -p pool_web lssnap
1 snap1 2026.05.29 10:37:48
1 snaps
#删除池快照
[root@ceph1 ~ 10:39:03]# ceph osd pool rmsnap pool_web snap1
removed pool pool_web snap snap1
[root@ceph1 ~ 10:39:14]# ceph osd pool ls detail
pool 1 'device_health_metrics' replicated size 3 min_size 2 crush_rule 0 object_hash rjenkins pg_num 1 pgp_num 1 autoscale_mode on last_change 109 flags hashpspool stripe_width 0 pg_num_max 32 pg_num_min 1 application mgr_devicehealth
pool 2 'pool_web' replicated size 2 min_size 1 crush_rule 0 object_hash rjenkins pg_num 64 pgp_num 32 pgp_num_target 64 autoscale_mode on last_change 113 lfor 0/0/92 flags hashpspool,pool_snaps stripe_width 0
pool 3 'pool_era' erasure profile default size 4 min_size 3 crush_rule 1 object_hash rjenkins pg_num 32 pgp_num 32 autoscale_mode on last_change 75 flags hashpspool stripe_width 8192
[root@ceph1 ~ 10:39:21]# rados -p pool_web lssnap
0 snaps管理池对象
bash
[root@ceph1 ~ 10:41:13]# ceph osd pool mksnap pool_web snap1
created pool pool_web snap snap1
[root@ceph1 ~ 10:41:43]# rados -p pool_web listsnaps hosts
hosts:
cloneid snaps size overlap
head - 18
[root@ceph1 ~ 10:42:10]# echo zhiweinizhuanshenhuimou >hosts3
[root@ceph1 ~ 10:42:33]# rados -p pool_web put hosts hosts3
[root@ceph1 ~ 10:42:40]# rados -p pool_web get hosts newhosts
[root@ceph1 ~ 10:42:45]# cat newhosts
zhiweinizhuanshenhuimou
[root@ceph1 ~ 10:42:50]# rados ls -p pool_web -s snap1
selected snap 3 'snap1'
hosts
[root@ceph1 ~ 10:42:57]# rados -p pool_web -s snap1 get hosts hosts-from-snap1
selected snap 3 'snap1'
[root@ceph1 ~ 10:43:07]# cat hosts-from-snap1
wotibibuweilichou
[root@ceph1 ~ 10:43:18]# rados -p pool_web rollback hosts snap1
rolled back pool pool_web to snapshot snap1
[root@ceph1 ~ 10:44:04]# rados -p pool_web get hosts newhosts
[root@ceph1 ~ 10:44:12]# cat newhosts
wotibibuweilichou快照性质:只读文件
bash
[root@ceph1 ~ 10:44:16]# rados ls -p pool_web -s snap1
selected snap 3 'snap1'
hosts
[root@ceph1 ~ 10:55:16]# rados rm -p pool_web -s snap1 hosts
selected snap 3 'snap1'
error removing pool_web>hosts: (30) Read-only file system管理池命名空间
bash
[root@ceph1 ~ 10:41:13]# ceph osd pool mksnap pool_web snap1
created pool pool_web snap snap1
[root@ceph1 ~ 10:41:43]# rados -p pool_web listsnaps hosts
hosts:
cloneid snaps size overlap
head - 18
[root@ceph1 ~ 10:42:10]# echo zhiweinizhuanshenhuimou >hosts3
[root@ceph1 ~ 10:42:33]# rados -p pool_web put hosts hosts3
[root@ceph1 ~ 10:42:40]# rados -p pool_web get hosts newhosts
[root@ceph1 ~ 10:42:45]# cat newhosts
zhiweinizhuanshenhuimou
[root@ceph1 ~ 10:42:50]# rados ls -p pool_web -s snap1
selected snap 3 'snap1'
hosts
[root@ceph1 ~ 10:42:57]# rados -p pool_web -s snap1 get hosts hosts-from-snap1
selected snap 3 'snap1'
[root@ceph1 ~ 10:43:07]# cat hosts-from-snap1
wotibibuweilichou
[root@ceph1 ~ 10:43:18]# rados -p pool_web rollback hosts snap1
rolled back pool pool_web to snapshot snap1
[root@ceph1 ~ 10:44:04]# rados -p pool_web get hosts newhosts
[root@ceph1 ~ 10:44:12]# cat newhosts
wotibibuweilichou
[root@ceph1 ~ 10:44:16]# rados ls -p pool_web -s snap1
selected snap 3 'snap1'
hosts
[root@ceph1 ~ 10:55:16]# rados rm -p pool_web -s snap1 hosts
selected snap 3 'snap1'
error removing pool_web>hosts: (30) Read-only file system
[root@ceph1 ~ 10:55:23]# cat newhosts
wotibibuweilichou
[root@ceph1 ~ 10:55:58]# rados put -p pool_web -N myns1 hostname1 /etc/hostname
[root@ceph1 ~ 11:22:19]# rados ls-p pool_eb
unrecognized command ls-p; -h or --help for usage
error 22: (22) Invalid argument
[root@ceph1 ~ 11:22:34]# rados ls-p pool_web
unrecognized command ls-p; -h or --help for usage
error 22: (22) Invalid argument
[root@ceph1 ~ 11:22:37]# rados ls -p pool_web
hosts
[root@ceph1 ~ 11:22:44]# rados put -p pool_web -N myns2 hostname2 /etc/hostname
[root@ceph1 ~ 11:23:06]# rados ls -p pool_web -N myns2
hostname2
[root@ceph1 ~ 11:23:24]# rados ls -p pool_web --all
myns1 hostname1
hosts
myns2 hostname2
[root@ceph1 ~ 11:23:37]# rados ls -p pool_web --all --format=json-pretty
[
{
"namespace": "myns1",
"name": "hostname1"
},
{
"namespace": "",
"name": "hosts"
},
{
"namespace": "myns2",
"name": "hostname2"
}
]
#重命名池
[root@ceph1 ~ 11:23:45]# ceph osd pool rename pool_web pool_apache
pool 'pool_web' renamed to 'pool_apache'
#删除池
[root@ceph1 ~ 11:23:55]# ceph osd pool rm pool_apache
Error EPERM: WARNING: this will *PERMANENTLY DESTROY* all data stored in pool pool_apache. If you are *ABSOLUTELY CERTAIN* that is what you want, pass the pool name *twice*, followed by --yes-i-really-really-mean-it.
[root@ceph1 ~ 11:24:22]# ceph osd pool rm pool_apache pool_apache --yes-i-really-really-mean-it
Error EPERM: pool deletion is disabled; you must first set the mon_allow_pool_delete config option to true before you can destroy a pool
[root@ceph1 ~ 11:27:32]# ceph config get mon mon_allow_pool_delete
true
[root@ceph1 ~ 11:27:38]# ceph osd pool rm pool_apache pool_apache --yes-i-really-really-mean-it
Error EPERM: pool deletion is disabled; you must first set the mon_allow_pool_delete config option to true before you can destroy a pool
[root@ceph1 ~ 11:33:44]# ceph config set mon.ceph1.my.cloud mon_allow_pool_delete true
[root@ceph1 ~ 11:33:54]# ceph osd pool rm pool_apache pool_apache --yes-i-really-really-mean-it
pool 'pool_apache' removed防止误删
bash
ceph osd pool set pool_apache nodelete true管理用户账户
查看用户账户
bash
[root@ceph1 ~ 13:56:02]# ceph auth get-key osd.1
AQBaixZqDn89HhAAJzTr8j3gXzagWq6CXnBPlA==
[root@ceph1 ~ 13:57:07]# ceph auth print-key
AQBaixZqDn89HhAAJzTr8j3gXzagWq6CXnBPlA==创建用户账户
bash
[root@ceph1 ~ 13:57:41]# ceph auth add client.app1
added key for client.app1
[root@ceph1 ~ 13:58:07]# ceph auth get-or-create client.app2
[client.app2]
key = AQBoKxlqSI9COhAA4rkreCrLdKd5p8F8ID8OGg==
[root@ceph1 ~ 14:00:08]# ceph auth get-or-create client.app3
[client.app3]
key = AQCAKxlqp2d2GhAA3bFh0YJzI54Tf0+UKApRxw==
#授权用户
[root@ceph1 ~ 14:00:32]# ceph auth add client.app4 mon 'allow r'
added key for client.app4删除用户账户
bash
[root@ceph1 ~ 14:01:19]# ceph auth del client.app3
updated
[root@ceph1 ~ 14:02:17]# ceph auth rm client.app2
updated导出入用户账户
bash
[root@ceph1 ~ 14:03:17]# ceph auth export osd.1 -o ceph.osd.1.keyring.1
export auth(key=AQBaixZqDn89HhAAJzTr8j3gXzagWq6CXnBPlA==)
[root@ceph1 ~ 14:03:34]# cat ceph.osd.1.keyring.1
[osd.1]
key = AQBaixZqDn89HhAAJzTr8j3gXzagWq6CXnBPlA==
caps mgr = "allow profile osd"
caps mon = "allow profile osd"
caps osd = "allow *"
[root@ceph1 ~ 14:03:47]# ceph auth get osd.1 -o ceph.osd.1.keyring.2
exported keyring for osd.1
[root@ceph1 ~ 14:04:07]# cat ceph.osd.1.keyring.2
[osd.1]
key = AQBaixZqDn89HhAAJzTr8j3gXzagWq6CXnBPlA==
caps mgr = "allow profile osd"
caps mon = "allow profile osd"
caps osd = "allow *"
[root@ceph1 ~ 14:04:21]# ceph auth export client.app4 -o ceph.client.app4.keyring
export auth(key=AQCvKxlqtKFzBBAALG9ONx/m3i49qf1+gegE1A==)
[root@ceph1 ~ 14:04:44]# ceph auth rm client.app4
updated
[root@ceph1 ~ 14:05:04]# ceph auth get client.app4
Error ENOENT: failed to find client.app4 in keyring
[root@ceph1 ~ 14:05:14]# ceph auth import -i ceph.client.app4.keyring
imported keyring
[root@ceph1 ~ 14:05:24]# ceph auth get client.app4
[client.app4]
key = AQCvKxlqtKFzBBAALG9ONx/m3i49qf1+gegE1A==
caps mon = "allow r"
exported keyring for client.app4用户账户功能
赋权
bash
[root@ceph1 ~ 14:05:31]# ceph auth add client.my
added key for client.my
[root@ceph1 ~ 14:37:03]# ceph auth caps client.my mon 'allow r' osd 'allow rw'
updated caps for client.my
[root@ceph1 ~ 14:37:53]# ceph auth add client.my mon 'allow r' osd 'allow rw'账户功能配置文件
bash
[root@ceph1 ~ 14:38:25]# ceph auth get osd.1
[osd.1]
key = AQBaixZqDn89HhAAJzTr8j3gXzagWq6CXnBPlA==
caps mgr = "allow profile osd"
caps mon = "allow profile osd"
caps osd = "allow *"
exported keyring for osd.1
[root@ceph1 ~ 14:39:21]# ceph auth get client.bootstrap-osd
[client.bootstrap-osd]
key = AQBkbBZqjeUqLxAABYnywQdkoDO4beKbbNifKQ==
caps mon = "allow profile bootstrap-osd"
exported keyring for client.bootstrap-osd
[root@ceph1 ~ 14:39:57]# ceph auth add client.forrbd mon 'profile rbd' osd 'profile rbd'
added key for client.forrbd
[root@ceph1 ~ 14:40:55]# ceph auth get client.forrbd
[client.forrbd]
key = AQD3NBlqWBPMGRAAp1c+j5cBsYVwzBK3K0VedA==
caps mon = "profile rbd"
caps osd = "profile rbd"
exported keyring for client.forrbd访问范围控制
bash
[root@ceph1 ~ 14:41:15]# ceph auth get-or-create client.formyapp1 mon 'allow r' osd 'allow rw pool=myapp'
[client.formyapp1]
key = AQBvNRlqb8wfLhAAVrA7QjAMh73+N/Yf+MjBnQ==
[root@ceph1 ~ 14:42:55]# ceph auth get-or-create client.formyapp2 mon 'allow r' osd 'allow rw namespace=photos'
[client.formyapp2]
key = AQCMNRlqEkrKJhAA+6XuuO5VKlDBVwU37ume5g==
[root@ceph1 ~ 14:43:24]# ceph auth get-or-create client.formyapp3 mon 'allow r' osd 'allow rw pool=myapp namespace=photos'
[client.formyapp3]
key = AQCsNRlqfnkfMhAARnSyRfhXhDXdRxpKCjQQyg==
[root@ceph1 ~ 14:43:56]# ceph auth get-or-create client.formyapp4 mon 'allow r' osd 'allow rw object_prefix pref'
[client.formyapp4]
key = AQDNNRlqm11/AhAAwlQkDTJZWTjDy3X/HB8J1Q==
[root@ceph1 ~ 14:47:32]# ceph auth get-or-create client.operator1 mon 'allow r, allow command "auth get-or-create", allow command "auth list"'
[client.operator1]
key = AQClNhlqMpMFBhAA3toRgYKXWnHPDSLAPTXsjQ==使用用户执行命令
bash
[root@ceph1 ~ 14:52:23]# ceph auth get client.my -o
usage: ceph [-h] [-c CEPHCONF] [-i INPUT_FILE] [-o OUTPUT_FILE]
[--setuser SETUSER] [--setgroup SETGROUP] [--id CLIENT_ID]
[--name CLIENT_NAME] [--cluster CLUSTER]
[--admin-daemon ADMIN_SOCKET] [-s] [-w] [--watch-debug]
[--watch-info] [--watch-sec] [--watch-warn] [--watch-error]
[-W WATCH_CHANNEL] [--version] [--verbose] [--concise]
[-f {json,json-pretty,xml,xml-pretty,plain,yaml}]
[--connect-timeout CLUSTER_TIMEOUT] [--block] [--period PERIOD]
ceph: error: argument -o/--out-file: expected one argument
[root@ceph1 ~ 14:52:56]# ceph auth get client.my -o /etc/ceph/ceph.client.my.keyring
exported keyring for client.my
[root@ceph1 ~ 14:53:31]# ceph auth ls --id my
Error EACCES: access denied
[root@ceph1 ~ 14:53:40]# # ceph auth list --id my实践 2**:通过client管理**ceph
client
bash
[root@client ~ 15:14:09]# mkdir /etc/ceph
[root@client ~ 15:14:29]# dnf install -y ceph-common
Last metadata expiration check: 1 day, 20:09:21 ago on Wed 27 May 2026 07:05:18 PM CST.
No match for argument: ceph-common
Error: Unable to find a match: ceph-common
[root@client ~ 15:14:42]# cat > /etc/yum.repos.d/ceph.repo << 'EOF'
> [Ceph]
> name=Ceph
> baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/storage/x86_64/ceph-pacific/
> enabled=1
> gpgcheck=0
> EOF
[root@client ~ 15:15:25]# dnf install -y ceph-commonceph1:
bash
[root@ceph1 ~ 14:55:32]# scp /etc/ceph/ceph.client.admin.keyring root@client:/etc/ceph/
The authenticity of host 'client (192.168.108.10)' can't be established.
ECDSA key fingerprint is SHA256:5nUPAe0IfgEk1mP8rsIRsrWNDyd8rjXi6L1OJrSdbRE.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'client,192.168.108.10' (ECDSA) to the list of known hosts.
root@client's password:
ceph.client.admin.keyring 100% 151 92.6KB/s 00:00
[root@ceph1 ~ 15:16:43]# scp /etc/ceph/ceph.conf root@client:/etc/ceph/
root@client's password:
ceph.conf 100% 283 94.4KB/s 00:00client:
bash
[root@client ~ 15:16:19]# ceph -s
cluster:
id: 96b28050-5980-11f1-8411-000c2993506d
health: HEALTH_WARN
Failed to apply 1 service(s): osd.all-available-devices
Reduced data availability: 32 pgs inactive
Degraded data redundancy: 33 pgs undersized
services:
mon: 3 daemons, quorum ceph1.my.cloud,ceph3,ceph2 (age 17m)
mgr: ceph3.ltrhra(active, since 5h), standbys: ceph1.my.cloud.newsth, ceph2.rahriu
osd: 8 osds: 6 up (since 5h), 6 in (since 46h)
data:
pools: 2 pools, 33 pgs
objects: 0 objects, 0 B
usage: 1.7 GiB used, 118 GiB / 120 GiB avail
pgs: 96.970% pgs not active
32 undersized+peered
1 active+undersized创建RBD镜像
bash
#创建RBD池
[root@ceph1 ~ 15:16:57]# ceph osd pool create images_pool
pool 'images_pool' created
[root@ceph1 ~ 16:32:32]# rbd pool init images_pool
[root@ceph1 ~ 16:32:43]# ceph osd pool ls detail | grep images_pool
pool 4 'images_pool' replicated size 2 min_size 1 crush_rule 0 object_hash rjenkins pg_num 32 pgp_num 32 autoscale_mode on last_change 122 flags hashpspool,selfmanaged_snaps stripe_width 0 application rbd
#创建专用用户
ceph auth get-or-create client.rbd mon 'profile rbd' osd 'profile rbd' -o /etc/ceph/ceph.client.rbd.keyring
#创建RBD镜像
[root@ceph1 ~ 16:36:49]# rbd create images_pool/webapp1 --size 1G
[root@ceph1 ~ 16:37:18]# rbd ls images_pool
webapp1
[root@ceph1 ~ 16:37:24]# rbd pool stats images_pool使用内核RBD访问CEPH块存储
映射RBD镜像
bash
[root@ceph1 ~ 16:37:30]# scp /etc/ceph/ceph.conf /etc/ceph/ceph.client.rbd.keyring root@client:/etc/ceph
root@client's password:
ceph.conf 100% 283 208.9KB/s 00:00
ceph.client.rbd.keyring 100% 61 93
[root@client ~ 16:39:51]# rbd ls images_pool --id rbd
webapp1
[root@client ~ 16:42:46]# export CEPH_ARGS='--id=rbd'
[root@client ~ 16:43:02]# rbd ls images_pool
webapp1
[root@client ~ 16:43:13]# rbd device map images_pool/webapp1
/dev/rbd0
[root@client ~ 16:43:28]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sr0 11:0 1 1024M 0 rom
rbd0 252:0 0 1G 0 disk
nvme0n1 259:0 0 200G 0 disk
├─nvme0n1p1 259:1 0 1G 0 part /boot
└─nvme0n1p2 259:2 0 199G 0 part
├─cs-root 253:0 0 70G 0 lvm /
├─cs-swap 253:1 0 2.1G 0 lvm [SWAP]
└─cs-home 253:2 0 126.9G 0 lvm /home
[root@client ~ 16:43:33]# rbd showmapped
id pool namespace image snap device
0 images_pool webapp1 - /dev/rbd0
[root@client ~ 16:44:22]# rbd device list
id pool namespace image snap device
0 images_pool webapp1 - /dev/rbd0
[root@client ~ 16:44:35]# lsblk /dev/rbd0
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
rbd0 252:0 0 1G 0 disk
[root@client ~ 16:44:46]# mkfs.xfs /dev/rbd0
meta-data=/dev/rbd0 isize=512 agcount=8, agsize=32768 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1 bigtime=0 inobtcount=0
data = bsize=4096 blocks=262144, imaxpct=25
= sunit=16 swidth=16 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=16 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
Discarding blocks...Done.
[root@client ~ 16:45:06]# mkdir -p /webapp/webapp1
[root@client ~ 16:45:26]# mount /dev/rbd0 /webapp/webapp1/
[root@client ~ 16:45:43]# lsblk /dev/rbd0
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
rbd0 252:0 0 1G 0 disk /webapp/webapp1
[root@client ~ 16:46:35]# df /webapp/webapp1/
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/rbd0 1038336 40500 997836 4% /webapp/webapp1
[root@client ~ 16:46:47]# rbd status images_pool/webapp1
Watchers:
watcher=192.168.108.10:0/2594499254 client.84767 cookie=18446462598732840961取消映射
bash
[root@client ~ 16:46:57]# umount /webapp/webapp1
[root@client ~ 16:48:06]# rbd unmap /dev/rbd0持久化挂载
bash
[root@client ~]# rbd device unmap /dev/rbd0
[root@client ~]# rbd device ls
[root@client ~]# vim /etc/ceph/rbdmap
# RbdDevice Parameters
#poolname/imagename id=client,keyring=/etc/ceph/ceph.client.keyring
images_pool/webapp1 id=rbd,keyring=/etc/ceph/ceph.client.rbd.keyring
[root@client ~]# vim /etc/fstab
......
/dev/rbd/images_pool/webapp1 /webapp/webapp1 xfs _netdev 0 0
[root@client ~]# systemctl enable rbdmap.service