Setting-up keyring on client machines

Edit online

Most Ceph clusters are run with the authentication enabled, and the client needs the keys in order to communicate with cluster machines. You can generate the keyring which can give details to clients to reach the Ceph monitors.

Prerequisites

Edit online

  • A running IBM Storage Ceph cluster.

  • Root access to the nodes.

Procedure

Edit online

  1. On the node where you want to set up the keyring, create a directory ceph in the /etc folder:

    Example 

    [root@host01 ~]# mkdir /etc/ceph/

  2. Navigate to /etc/ceph directory in the ceph directory:

    Example 

    [root@host01 ~]# cd /etc/ceph/

  3. Generate the keyring for the client:

    Syntax 

    ceph auth get-or-create client.CLIENT_NAME -o /etc/ceph/NAME_OF_THE_FILE

    Example 

    [root@host01 ceph]# ceph auth get-or-create client.fs -o /etc/ceph/ceph.keyring

  4. Verify the output in the ceph.keyring file:

    Example 

    [root@host01 ceph]# cat ceph.keyring

[client.fs]
        key = AQAvoH5gkUCsExAATz3xCBLd4n6B6jRv+Z7CVQ==

    The resulting output should be put into a keyring file, for example /etc/ceph/ceph.keyring.