From 8555a3420fbae5d867b33cd94000f87b745279cb Mon Sep 17 00:00:00 2001 From: Zac Dover Date: Wed, 30 Nov 2022 13:56:52 +1000 Subject: [PATCH] doc/cephadm: add airgapped install procedure Add a procedure describing an installation with an airgapped registry. This commit ingests work done in https://github.com/ceph/ceph/pull/44346 that was abandoned for lo these past eleven months. The PR connected with this commit supersedes that PR. Signed-off-by: Zac Dover (cherry picked from commit 292894dc920cda58f58109761e04be82e884fbb9) --- doc/cephadm/install.rst | 45 +++++++++++++++++++++++++---- doc/cephadm/services/monitoring.rst | 4 +++ 2 files changed, 44 insertions(+), 5 deletions(-) diff --git a/doc/cephadm/install.rst b/doc/cephadm/install.rst index 67b8ab9a137d..a19b14c9edc0 100644 --- a/doc/cephadm/install.rst +++ b/doc/cephadm/install.rst @@ -362,7 +362,9 @@ Different deployment scenarios Single host ----------- -To configure a Ceph cluster to run on a single host, use the ``--single-host-defaults`` flag when bootstrapping. For use cases of this, see :ref:`one-node-cluster`. +To configure a Ceph cluster to run on a single host, use the +``--single-host-defaults`` flag when bootstrapping. For use cases of this, see +:ref:`one-node-cluster`. The ``--single-host-defaults`` flag sets the following configuration options:: @@ -370,12 +372,22 @@ The ``--single-host-defaults`` flag sets the following configuration options:: global/osd_pool_default_size = 2 mgr/mgr_standby_modules = False -For more information on these options, see :ref:`one-node-cluster` and ``mgr_standby_modules`` in :ref:`mgr-administrator-guide`. +For more information on these options, see :ref:`one-node-cluster` and +``mgr_standby_modules`` in :ref:`mgr-administrator-guide`. + +.. _cephadm-airgap: Deployment in an isolated environment ------------------------------------- -You can install Cephadm in an isolated environment by using a custom container registry. You can either configure Podman or Docker to use an insecure registry, or make the registry secure. Ensure your container image is inside the registry and that you have access to all hosts you wish to add to the cluster. +You can install Cephadm in an isolated environment by using a custom container +registry. You can either configure Podman or Docker to use an insecure +registry, or make the registry secure. This is sometimes referred to as +"airgapping". Registries that are not directly connected to the internet are +referred to as "airgapped". + +Ensure your container image is inside the registry and that you +have access to all hosts you wish to add to the cluster. Run a local container registry: @@ -383,13 +395,36 @@ Run a local container registry: podman run --privileged -d --name registry -p 5000:5000 -v /var/lib/registry:/var/lib/registry --restart=always registry:2 -If you are using an insecure registry, configure Podman or Docker with the hostname and port where the registry is running. +If you are using an insecure registry, configure Podman or Docker with the +hostname and port where the registry is running. .. note:: For every host which accesses the local insecure registry, you will need to repeat this step on the host. Next, push your container image to your local registry. -Then run bootstrap using the ``--image`` flag with your container image. For example: +* Ceph container image. See :ref:`containers`. +* Prometheus container image +* Node exporter container image +* Grafana container image +* Alertmanager container image + +Now, create a temporary configuration file for setting the montoring +images. (See :ref:`cephadm_monitoring-images`): + +.. prompt:: bash $ + + $ cat < initial-ceph.conf + +:: + + [mgr] + mgr/cephadm/container_image_prometheus **:5000/prometheus + mgr/cephadm/container_image_node_exporter **:5000/node_exporter + mgr/cephadm/container_image_grafana **:5000/grafana + mgr/cephadm/container_image_alertmanager **:5000/alertmanger + +Then run bootstrap using the ``--image`` flag with your container image. For +example: .. prompt:: bash # diff --git a/doc/cephadm/services/monitoring.rst b/doc/cephadm/services/monitoring.rst index 6c332befe886..86e3e3f699ab 100644 --- a/doc/cephadm/services/monitoring.rst +++ b/doc/cephadm/services/monitoring.rst @@ -103,6 +103,8 @@ example spec file: spec: port: 4200 +.. _cephadm_monitoring-images: + Using custom images ~~~~~~~~~~~~~~~~~~~ @@ -161,6 +163,8 @@ For example, if you had changed the prometheus image ceph config rm mgr mgr/cephadm/container_image_prometheus +See also :ref:`cephadm-airgap`. + .. _cephadm-overwrite-jinja2-templates: Using custom configuration files -- 2.47.3