From: Adam King Date: Sat, 3 Jun 2023 18:39:05 +0000 (-0400) Subject: doc/cephadm: document how to pass self made SSH key pairs to bootstrap X-Git-Tag: v19.0.0~675^2~4 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=e09a3765476eedae28905b51b666bee92c6fcf8e;p=ceph-ci.git doc/cephadm: document how to pass self made SSH key pairs to bootstrap This didn't seem to exist in the install section of the cephadm docs. Wanted to add it in before adding documentation for bootstrapping with CA signed keys. Signed-off-by: Adam King --- diff --git a/doc/cephadm/install.rst b/doc/cephadm/install.rst index 412ca14169c..66c34a98b07 100644 --- a/doc/cephadm/install.rst +++ b/doc/cephadm/install.rst @@ -193,6 +193,8 @@ This command will: with this label will (also) get a copy of ``/etc/ceph/ceph.conf`` and ``/etc/ceph/ceph.client.admin.keyring``. +.. _cephadm-bootstrap-further-info: + Further information about cephadm bootstrap ------------------------------------------- @@ -463,3 +465,27 @@ have access to all hosts that you plan to add to the cluster. cephadm --image **:5000/ceph/ceph bootstrap --mon-ip ** .. _cluster network: ../rados/configuration/network-config-ref#cluster-network + +.. _cephadm-bootstrap-custom-ssh-keys: + +Deployment with custom SSH keys +------------------------------- + +Bootstrap allows users to create their own private/public SSH key pair +rather than having cephadm generate them automatically. + +To use custom SSH keys, pass the ``--ssh-private-key`` and ``--ssh-public-key`` +fields to bootstrap. Both parameters require a path to the file where the +keys are stored: + +.. prompt:: bash # + + cephadm bootstrap --mon-ip --ssh-private-key --ssh-public-key + +This setup allows users to use a key that has already been distributed to hosts +the user wants in the cluster before bootstrap. + +.. note:: In order for cephadm to connect to other hosts you'd like to add + to the cluster, make sure the public key of the key pair provided is setup + as an authorized key for the ssh user being used, typically root. If you'd + like more info on using a non-root user as the ssh user, see :ref:`cephadm-bootstrap-further-info`