summaryrefslogtreecommitdiffstats
path: root/doc/rados/deployment/preflight-checklist.rst
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rados/deployment/preflight-checklist.rst')
-rw-r--r--doc/rados/deployment/preflight-checklist.rst109
1 files changed, 109 insertions, 0 deletions
diff --git a/doc/rados/deployment/preflight-checklist.rst b/doc/rados/deployment/preflight-checklist.rst
new file mode 100644
index 00000000..d45de989
--- /dev/null
+++ b/doc/rados/deployment/preflight-checklist.rst
@@ -0,0 +1,109 @@
+=====================
+ Preflight Checklist
+=====================
+
+.. versionadded:: 0.60
+
+This **Preflight Checklist** will help you prepare an admin node for use with
+``ceph-deploy``, and server nodes for use with passwordless ``ssh`` and
+``sudo``.
+
+Before you can deploy Ceph using ``ceph-deploy``, you need to ensure that you
+have a few things set up first on your admin node and on nodes running Ceph
+daemons.
+
+
+Install an Operating System
+===========================
+
+Install a recent release of Debian or Ubuntu (e.g., 16.04 LTS) on
+your nodes. For additional details on operating systems or to use other
+operating systems other than Debian or Ubuntu, see `OS Recommendations`_.
+
+
+Install an SSH Server
+=====================
+
+The ``ceph-deploy`` utility requires ``ssh``, so your server node(s) require an
+SSH server. ::
+
+ sudo apt-get install openssh-server
+
+
+Create a User
+=============
+
+Create a user on nodes running Ceph daemons.
+
+.. tip:: We recommend a username that brute force attackers won't
+ guess easily (e.g., something other than ``root``, ``ceph``, etc).
+
+::
+
+ ssh user@ceph-server
+ sudo useradd -d /home/ceph -m ceph
+ sudo passwd ceph
+
+
+``ceph-deploy`` installs packages onto your nodes. This means that
+the user you create requires passwordless ``sudo`` privileges.
+
+.. note:: We **DO NOT** recommend enabling the ``root`` password
+ for security reasons.
+
+To provide full privileges to the user, add the following to
+``/etc/sudoers.d/ceph``. ::
+
+ echo "ceph ALL = (root) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ceph
+ sudo chmod 0440 /etc/sudoers.d/ceph
+
+
+Configure SSH
+=============
+
+Configure your admin machine with password-less SSH access to each node
+running Ceph daemons (leave the passphrase empty). ::
+
+ ssh-keygen
+ Generating public/private key pair.
+ Enter file in which to save the key (/ceph-client/.ssh/id_rsa):
+ Enter passphrase (empty for no passphrase):
+ Enter same passphrase again:
+ Your identification has been saved in /ceph-client/.ssh/id_rsa.
+ Your public key has been saved in /ceph-client/.ssh/id_rsa.pub.
+
+Copy the key to each node running Ceph daemons::
+
+ ssh-copy-id ceph@ceph-server
+
+Modify your ~/.ssh/config file of your admin node so that it defaults
+to logging in as the user you created when no username is specified. ::
+
+ Host ceph-server
+ Hostname ceph-server.fqdn-or-ip-address.com
+ User ceph
+
+
+Install ceph-deploy
+===================
+
+To install ``ceph-deploy``, execute the following::
+
+ wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -
+ echo deb http://ceph.com/debian-dumpling/ $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph.list
+ sudo apt-get update
+ sudo apt-get install ceph-deploy
+
+
+Ensure Connectivity
+===================
+
+Ensure that your Admin node has connectivity to the network and to your Server
+node (e.g., ensure ``iptables``, ``ufw`` or other tools that may prevent
+connections, traffic forwarding, etc. to allow what you need).
+
+
+Once you have completed this pre-flight checklist, you are ready to begin using
+``ceph-deploy``.
+
+.. _OS Recommendations: ../../../start/os-recommendations