From: Jason Dillaman Date: Tue, 11 Sep 2018 16:01:28 +0000 (-0400) Subject: doc/rbd: update mirroring to include new peer secret config-key actions X-Git-Tag: v14.0.1~288^2~1 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=900e30d1bb542f64b8a5a721d557591f2ea924cf;p=ceph-ci.git doc/rbd: update mirroring to include new peer secret config-key actions Signed-off-by: Jason Dillaman --- diff --git a/PendingReleaseNotes b/PendingReleaseNotes index 11e286a5fdb..5ddb2f43f3f 100644 --- a/PendingReleaseNotes +++ b/PendingReleaseNotes @@ -11,6 +11,12 @@ * The 'ceph pg list_missing' command has been renamed to 'ceph pg list_unfound' to better match its behaviour. +* The 'rbd-mirror' daemon can now retrieve remote peer cluster configuration + secrets from the monitor. To use this feature, the 'rbd-mirror' daemon + CephX user for the local cluster must use the 'profile rbd-mirror' mon cap. + The secrets can be set using the 'rbd mirror pool peer add' and + 'rbd mirror pool peer set' actions. + >=13.1.0 -------- diff --git a/doc/rbd/rbd-mirroring.rst b/doc/rbd/rbd-mirroring.rst index 8476e9fd34a..512b323997d 100644 --- a/doc/rbd/rbd-mirroring.rst +++ b/doc/rbd/rbd-mirroring.rst @@ -53,8 +53,8 @@ The mirroring mode can either be ``pool`` or ``image``: For example:: - rbd --cluster local mirror pool enable image-pool pool - rbd --cluster remote mirror pool enable image-pool pool + $ rbd --cluster local mirror pool enable image-pool pool + $ rbd --cluster remote mirror pool enable image-pool pool Disable Mirroring ----------------- @@ -70,8 +70,8 @@ explicitly. For example:: - rbd --cluster local mirror pool disable image-pool - rbd --cluster remote mirror pool disable image-pool + $ rbd --cluster local mirror pool disable image-pool + $ rbd --cluster remote mirror pool disable image-pool Add Cluster Peer ---------------- @@ -85,8 +85,26 @@ cluster specification:: For example:: - rbd --cluster local mirror pool peer add image-pool client.remote@remote - rbd --cluster remote mirror pool peer add image-pool client.local@local + $ rbd --cluster local mirror pool peer add image-pool client.remote@remote + $ rbd --cluster remote mirror pool peer add image-pool client.local@local + +By default, the ``rbd-mirror`` daemon needs to have access to a Ceph +configuration file located at ``/etc/ceph/{cluster-name}.conf`` that provides +the addresses of the peer cluster's monitors, in addition to a keyring for +``{client-name}`` located in the default or configured keyring search paths +(e.g. ``/etc/ceph/{cluster-name}.{client-name}.keyring``). + +Alternatively, the peer cluster's monitor and/or client key can be securely +stored within the local Ceph monitor ``config-key`` store. To specify the +peer cluster connection attributes when adding a mirroring peer, use the +``--remote-mon-host`` and ``--remote-key-file`` optionals. For example:: + + $ rbd --cluster local mirror pool peer add image-pool client.remote@remote --remote-mon-host 192.168.1.1,192.168.1.2 --remote-key-file <(echo 'AQAeuZdbMMoBChAAcj++/XUxNOLFaWdtTREEsw==') + $ rbd --cluster local mirror pool info image-pool --all + Mode: pool + Peers: + UUID NAME CLIENT MON_HOST KEY + 587b08db-3d33-4f32-8af8-421e77abb081 remote client.remote 192.168.1.1,192.168.1.2 AQAeuZdbMMoBChAAcj++/XUxNOLFaWdtTREEsw== Remove Cluster Peer ------------------- @@ -99,8 +117,8 @@ To remove a mirroring peer Ceph cluster with ``rbd``, specify the For example:: - rbd --cluster local mirror pool peer remove image-pool 55672766-c02b-4729-8567-f13a66893445 - rbd --cluster remote mirror pool peer remove image-pool 60c0e299-b38f-4234-91f6-eed0a367be08 + $ rbd --cluster local mirror pool peer remove image-pool 55672766-c02b-4729-8567-f13a66893445 + $ rbd --cluster remote mirror pool peer remove image-pool 60c0e299-b38f-4234-91f6-eed0a367be08 Data Pools ---------- @@ -146,7 +164,7 @@ the ``feature enable`` command, the pool and image name, and the feature name:: For example:: - rbd --cluster local feature enable image-pool/image-1 journaling + $ rbd --cluster local feature enable image-pool/image-1 journaling .. note:: The journaling feature is dependent on the exclusive-lock feature. If the exclusive-lock feature is not already enabled, it should be enabled prior @@ -167,7 +185,7 @@ To enable mirroring for a specific image with ``rbd``, specify the For example:: - rbd --cluster local mirror image enable image-pool/image-1 + $ rbd --cluster local mirror image enable image-pool/image-1 Disable Image Mirroring ----------------------- @@ -179,7 +197,7 @@ To disable mirroring for a specific image with ``rbd``, specify the For example:: - rbd --cluster local mirror image disable image-pool/image-1 + $ rbd --cluster local mirror image disable image-pool/image-1 Image Promotion and Demotion ---------------------------- @@ -201,7 +219,7 @@ To demote a specific image to non-primary with ``rbd``, specify the For example:: - rbd --cluster local mirror image demote image-pool/image-1 + $ rbd --cluster local mirror image demote image-pool/image-1 To demote all primary images within a pool to non-primary with ``rbd``, specify the ``mirror pool demote`` command along with the pool name:: @@ -210,7 +228,7 @@ the ``mirror pool demote`` command along with the pool name:: For example:: - rbd --cluster local mirror pool demote image-pool + $ rbd --cluster local mirror pool demote image-pool To promote a specific image to primary with ``rbd``, specify the ``mirror image promote`` command along with the pool and image name:: @@ -219,7 +237,7 @@ To promote a specific image to primary with ``rbd``, specify the For example:: - rbd --cluster remote mirror image promote image-pool/image-1 + $ rbd --cluster remote mirror image promote image-pool/image-1 To promote all non-primary images within a pool to primary with ``rbd``, specify the ``mirror pool promote`` command along with the pool name:: @@ -228,7 +246,7 @@ the ``mirror pool promote`` command along with the pool name:: For example:: - rbd --cluster local mirror pool promote image-pool + $ rbd --cluster local mirror pool promote image-pool .. tip:: Since the primary / non-primary status is per-image, it is possible to have two clusters split the IO load and stage failover / failback. @@ -252,7 +270,7 @@ resync to the primary image. To request an image resync with ``rbd``, specify th For example:: - rbd mirror image resync image-pool/image-1 + $ rbd mirror image resync image-pool/image-1 .. note:: The ``rbd`` command only flags the image as requiring a resync. The local cluster's ``rbd-mirror`` daemon process is responsible for performing @@ -272,7 +290,7 @@ To request the mirror image status with ``rbd``, specify the For example:: - rbd mirror image status image-pool/image-1 + $ rbd mirror image status image-pool/image-1 To request the mirror pool summary status with ``rbd``, specify the ``mirror pool status`` command along with the pool name:: @@ -281,7 +299,7 @@ To request the mirror pool summary status with ``rbd``, specify the For example:: - rbd mirror pool status image-pool + $ rbd mirror pool status image-pool .. note:: Adding ``--verbose`` option to the ``mirror pool status`` command will additionally output status details for every mirroring image in the pool. @@ -307,7 +325,7 @@ Each ``rbd-mirror`` daemon should use a unique Ceph user ID. To `create a Ceph user`_, with ``ceph`` specify the ``auth get-or-create`` command, user name, monitor caps, and OSD caps:: - ceph auth get-or-create client.rbd-mirror.{unique id} mon 'profile rbd' osd 'profile rbd' + ceph auth get-or-create client.rbd-mirror.{unique id} mon 'profile rbd-mirror' osd 'profile rbd' The ``rbd-mirror`` daemon can be managed by ``systemd`` by specifying the user ID as the daemon instance::