From a4c95e6776e2f161101d096a5aa172d19d0d7c5c Mon Sep 17 00:00:00 2001 From: Rishabh Dave Date: Mon, 21 Oct 2019 20:12:04 +0530 Subject: [PATCH] doc: improve in mount.ceph man page Add new examples to show how to mount with and without authentication, mon sockets and secret keys for CephX users in mount command, don't show monitor's IP address in every example, use real IP addresses instead of just writing "monhost", use non-standard port number in non-standard socket number example and keep the mount point same across all examples. Add `mount -t ceph` example to synopsis, replace "monaddr1" by "mon1_socket", since it doesn't necessarily have to be only IP addresses. Rearrange options alphabetically so that it's easy to find them but keep similar like dirstat and nodirstat together, increase indentation for "Options" section from 2 to 4 spaces, wrap lines that are too long and elaborate explanation wherever necessary. Capitalize "ceph", wherever appropriate. Fixes: https://tracker.ceph.com/issues/42406 Signed-off-by: Rishabh Dave --- doc/man/8/mount.ceph.rst | 249 +++++++++++++++++++++------------------ 1 file changed, 136 insertions(+), 113 deletions(-) diff --git a/doc/man/8/mount.ceph.rst b/doc/man/8/mount.ceph.rst index a9ad57027da..42bfe75b0c8 100644 --- a/doc/man/8/mount.ceph.rst +++ b/doc/man/8/mount.ceph.rst @@ -1,7 +1,7 @@ :orphan: ======================================== - mount.ceph -- mount a ceph file system + mount.ceph -- mount a Ceph file system ======================================== .. program:: mount.ceph @@ -9,184 +9,206 @@ Synopsis ======== -| **mount.ceph** [*monaddr1*\ ,\ *monaddr2*\ ,...]:/[*subdir*] *dir* [ +| **mount.ceph** [*mon1_socket*\ ,\ *mon2_socket*\ ,...]:/[*subdir*] *dir* [ -o *options* ] Description =========== -**mount.ceph** is a helper for mounting the Ceph file system on -a Linux host. It serves to resolve monitor hostname(s) into IP -addresses and read authentication keys from disk; the Linux kernel -client component does most of the real work. In fact, it is possible -to mount a non-authenticated Ceph file system without mount.ceph by -specifying monitor address(es) by IP:: +**mount.ceph** is a helper for mounting the Ceph file system on a Linux host. +It serves to resolve monitor hostname(s) into IP addresses and read +authentication keys from disk; the Linux kernel client component does most of +the real work. In fact, it is possible to mount a non-authenticated Ceph file +system without mount.ceph by specifying monitor address(es) by IP:: - mount -t ceph 1.2.3.4:/ mountpoint + mount -t ceph 1.2.3.4:/ /mnt/mycephfs -Each monitor address monaddr takes the form host[:port]. If the port -is not specified, the Ceph default of 6789 is assumed. - -Multiple monitor addresses can be separated by commas. Only one -responsible monitor is needed to successfully mount; the client will -learn about all monitors from any responsive monitor. However, it is a -good idea to specify more than one in case one happens to be down at -the time of mount. +The first argument is the device part of the mount command. It includes host's +socket and path within CephFS that will be mounted at the mount point. The +socket, obviously, takes the form ip_address[:port]. If the port is not +specified, the Ceph default of 6789 is assumed. Multiple monitor addresses can +be passed by separating them by commas. Only one monitor is needed to mount +successfully; the client will learn about all monitors from any responsive +monitor. However, it is a good idea to specify more than one in case the one +happens to be down at the time of mount. If the host portion of the device is left blank, then **mount.ceph** will attempt to determine monitor addresses using local configuration files -and/or DNS SRV records. - -A subdirectory subdir may be specified if a subset of the file system -is to be mounted. - -Mount helper application conventions dictate that the first two -options are device to be mounted and destination path. Options must be +and/or DNS SRV records. In similar way, if authentication is enabled on Ceph +cluster (which is done using CephX) and options ``secret`` and ``secretfile`` +are not specified in the command, the mount helper will spawn a child process +that will use the standard Ceph library routines to find a keyring and fetch +the secret from it. + +A sub-directory of the file system can be mounted by specifying the (absolute) +path to the sub-directory right after ":" after the socket in the device part +of the mount command. + +Mount helper application conventions dictate that the first two options are +device to be mounted and the mountpoint for that device. Options must be passed only after these fixed arguments. Options ======= -:command:`wsize` - int (bytes), max write size. Default: 16777216 (16*1024*1024) (writeback uses smaller of wsize - and stripe unit) - -:command:`rsize` - int (bytes), max read size. Default: 16777216 (16*1024*1024) - -:command:`rasize` - int (bytes), max readahead. Default: 8388608 (8192*1024) +Basic +----- -:command:`osdtimeout` - int (seconds), Default: 60 +:command:`conf` + Path to a ceph.conf file. This is used to initialize the Ceph context + for autodiscovery of monitor addresses and auth secrets. The default is + to use the standard search path for ceph.conf files. -:command:`osdkeepalive` - int, Default: 5 +:command: `mds_namespace=` + Specify the non-default file system to be mounted. Not passing this + option mounts the default file system. :command:`mount_timeout` - int (seconds), Default: 60 + int (seconds), Default: 60 -:command:`osd_idle_ttl` - int (seconds), Default: 60 +:command:`name` + RADOS user to authenticate as when using CephX. Default: guest -:command:`caps_wanted_delay_min` - int, cap release delay, Default: 5 +:command:`secret` + secret key for use with CephX. This option is insecure because it exposes + the secret on the command line. To avoid this, use the secretfile option. -:command:`caps_wanted_delay_max` - int, cap release delay, Default: 60 +:command:`secretfile` + path to file containing the secret key to use with CephX +:command:`recover_session=` + Set auto reconnect mode in the case where the client is blacklisted. The + available modes are ``no`` and ``clean``. The default is ``no``. + + - ``no``: never attempt to reconnect when client detects that it has been + blacklisted. Blacklisted clients will not attempt to reconnect and + their operations will fail too. + + - ``clean``: client reconnects to the Ceph cluster automatically when it + detects that it has been blacklisted. During reconnect, client drops + dirty data/metadata, invalidates page caches and writable file handles. + After reconnect, file locks become stale because the MDS loses track of + them. If an inode contains any stale file locks, read/write on the inode + is not allowed until applications release all stale file locks. + +Advanced +-------- :command:`cap_release_safety` - int, Default: calculated - -:command:`readdir_max_entries` - int, Default: 1024 + int, Default: calculated -:command:`readdir_max_bytes` - int, Default: 524288 (512*1024) +:command:`caps_wanted_delay_max` + int, cap release delay, Default: 60 -:command:`write_congestion_kb` - int (kb), max writeback in flight. scale with available - memory. Default: calculated from available memory +:command:`caps_wanted_delay_min` + int, cap release delay, Default: 5 -:command:`snapdirname` - string, set the name of the hidden snapdir. Default: .snap +:command:`dirstat` + funky `cat dirname` for stats, Default: off -:command:`name` - RADOS user to authenticate as when using cephx. Default: guest +:command:`nodirstat` + no funky `cat dirname` for stats -:command:`secret` - secret key for use with cephx. This option is insecure because it exposes - the secret on the command line. To avoid this, use the secretfile option. +:command:`ip` + my ip -:command:`secretfile` - path to file containing the secret key to use with cephx +:command:`noasyncreaddir` + no dcache readdir -:command:`ip` - my ip +:command:`nocrc` + no data crc on writes :command:`noshare` - create a new client instance, instead of sharing an existing - instance of a client mounting the same cluster + create a new client instance, instead of sharing an existing instance of + a client mounting the same cluster -:command:`dirstat` - funky `cat dirname` for stats, Default: off +:command:`osdkeepalive` + int, Default: 5 -:command:`nodirstat` - no funky `cat dirname` for stats +:command:`osdtimeout` + int (seconds), Default: 60 -:command:`rbytes` - Report the recursive size of the directory contents for st_size on - directories. Default: off +:command:`osd_idle_ttl` + int (seconds), Default: 60 -:command:`norbytes` - Do not report the recursive size of the directory contents for - st_size on directories. +:command:`rasize` + int (bytes), max readahead. Default: 8388608 (8192*1024) -:command:`nocrc` - no data crc on writes +:command:`rbytes` + Report the recursive size of the directory contents for st_size on + directories. Default: off -:command:`noasyncreaddir` - no dcache readdir +:command:`norbytes` + Do not report the recursive size of the directory contents for + st_size on directories. -:command:`conf` - Path to a ceph.conf file. This is used to initialize the ceph context - for autodiscovery of monitor addresses and auth secrets. The default is - to use the standard search path for ceph.conf files. +:command:`readdir_max_bytes` + int, Default: 524288 (512*1024) -:command:`recover_session=` - Set auto reconnect mode in the case where the client is blacklisted. The - available modes are ``no`` and ``clean``. The default is ``no``. +:command:`readdir_max_entries` + int, Default: 1024 - - ``no``: never attempt to reconnect when client detects that it has been blacklisted. Blacklisted clients will not attempt to reconnect and their operations will fail too. +:command:`rsize` + int (bytes), max read size. Default: 16777216 (16*1024*1024) - - ``clean``: client reconnects to the ceph cluster automatically when it detects that it has been blacklisted. During reconnect, client drops dirty data/metadata, invalidates page caches and writable file handles. After reconnect, file locks become stale because the MDS loses track of them. If an inode contains any stale file locks, read/write on the inode is not allowed until applications release all stale file locks. +:command:`snapdirname` + string, set the name of the hidden snapdir. Default: .snap +:command:`write_congestion_kb` + int (kb), max writeback in flight. scale with available + memory. Default: calculated from available memory -:command: `mds_namespace=` - Specify the non-default file system to be mounted. Not passing this option - mounts the default file system. +:command:`wsize` + int (bytes), max write size. Default: 16777216 (16*1024*1024) (writeback + uses smaller of wsize and stripe unit) -Mount Secrets -============= -If the `secret` and `secretfile` options are not specified on the command-line -then the mount helper will spawn a child process that will use the standard -ceph library routines to find a keyring and fetch the secret from it. Examples ======== Mount the full file system:: - mount.ceph monhost:/ /mnt/foo + mount.ceph :/ /mnt/mycephfs -If there are multiple monitors:: +Assuming mount.ceph is installed properly, it should be automatically invoked +by mount(8):: - mount.ceph monhost1,monhost2,monhost3:/ /mnt/foo + mount -t ceph :/ /mnt/mycephfs -If :doc:`ceph-mon `\(8) is running on a non-standard -port:: +Mount only part of the namespace/file system:: - mount.ceph monhost1:7000,monhost2:7000,monhost3:7000:/ /mnt/foo + mount.ceph :/some/directory/in/cephfs /mnt/mycephfs -To automatically determine the monitor addresses from local configuration:: +Mount non-default FS, in case cluster has multiple FSs:: - mount.ceph :/ /mnt/foo + mount -t ceph :/ /mnt/mycephfs2 -o mds_namespace=mycephfs2 -To mount only part of the namespace:: +Pass the monitor host's IP address, optionally:: - mount.ceph monhost1:/some/small/thing /mnt/thing + mount.ceph 192.168.0.1:/ /mnt/mycephfs -Assuming mount.ceph(8) is installed properly, it should be -automatically invoked by mount(8) like so:: +Pass the port along with IP address if it's running on a non-standard port:: - mount -t ceph monhost:/ /mnt/foo + mount.ceph 192.168.0.1:7000:/ /mnt/mycephfs -If you have more than one file system on your Ceph cluster, you can mount the -non-default FS on your local FS as follows:: +If there are multiple monitors, passes addresses separated by a comma:: + + mount.ceph 192.168.0.1,192.168.0.2,192.168.0.3:/ /mnt/mycephfs + +If authentication is enabled on Ceph cluster:: + + mount.ceph :/ /mnt/mycephfs -o name=fs_username + +Pass secret key for CephX user optionally:: + + mount.ceph :/ /mnt/mycephfs -o name=fs_username,secret=AQATSKdNGBnwLhAAnNDKnH65FmVKpXZJVasUeQ== + +Pass file containing secret key to avoid leaving secret key in shell's command +history:: + + mount.ceph :/ /mnt/mycephfs -o name=fs_username,secretfile=/etc/ceph/fs_username.secret - mount -t ceph :/ /mnt/mycephfs2 -o name=fs,mds_namespace=mycephfs2 Availability ============ @@ -195,6 +217,7 @@ Availability refer to the Ceph documentation at http://ceph.com/docs for more information. + See also ======== -- 2.47.3