Red Hat SummitDieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 1. RESTful Plug-in
1.1. What is the RESTful Plug-in?
The RESTful plug-in for the Ceph Manager (ceph-mgr) provides an API for interacting with a Red Hat Ceph Storage cluster.
You can use the API to:
- Show the information about Monitors and OSDs
- Create or edit pools
- View and start scheduled processes on OSDs
- Show configuration options for the cluster, Monitor, and OSDs
1.2. Enabling and Securing the RESTful plug-in
The RESTful plug-in offers the REST API access to the status of the cluster over an SSL-secured connection. This section describes how to enable the plug-in and secure it.
Prerequisites
-
Ensure that you have at least one
ceph-mgrdaemon active. See the Installing a Red Hat Ceph Storage section in the Installation Guide for Red Hat Enterprise Linux or Ubuntu. -
If you use a firewall, ensure that the
8003port is enabled on the node with the activeceph-mgrdaemon.
Procedure
Use the following commands on a node with the administration keyring.
Enable the RESTful plug-in.
ceph mgr module enable restful
[root@admin ~]# ceph mgr module enable restfulCopy to Clipboard Copied! Toggle word wrap Toggle overflow Configure an SSL certificate.
If your organization’s certificate authority provides a certificate, set the certificate:
ceph config-key set mgr/restful/hostname/crt -i certificate ceph config-key set mgr/restful/hostname/key -i key
ceph config-key set mgr/restful/hostname/crt -i certificate ceph config-key set mgr/restful/hostname/key -i keyCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace hostname with the host name of the host where the active
ceph-mgrinstance is running, certificate with the path to the certificate file, and key with the path to the key file, for example:ceph config-key set mgr/restful/node1/crt -i restful.crt ceph config-key set mgr/restful/node1/key -i restful.key
[root@admin ~]# ceph config-key set mgr/restful/node1/crt -i restful.crt [root@admin ~]# ceph config-key set mgr/restful/node1/key -i restful.keyCopy to Clipboard Copied! Toggle word wrap Toggle overflow If you want to use the certificate on all
ceph-mgrinstances, omit the hostname part, for example:ceph config-key set mgr/restful/crt -i restful.crt ceph config-key set mgr/restful/key -i restful.key
[root@admin ~]# ceph config-key set mgr/restful/crt -i restful.crt [root@admin ~]# ceph config-key set mgr/restful/key -i restful.keyCopy to Clipboard Copied! Toggle word wrap Toggle overflow Alternatively, generate a self-signed certificate. However, using a self-signed certificate does not provide full security benefits of the HTTPS protocol.
ceph restful create-self-signed-cert
[root@admin ~]# ceph restful create-self-signed-certCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Create an HTTP user and generate a password for HTTP basic authentication.
ceph restful create-key username
ceph restful create-key usernameCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace username with name of the user. For example, to create a user named
admin:ceph restful create-key admin
[root@admin ~]# ceph restful create-key admin 3ce361b7-97fb-4820-8edc-1090841f078eCopy to Clipboard Copied! Toggle word wrap Toggle overflow Connect to the RESTful plug-in web page. Open a web browser and enter the following URL:
https://_ceph-mgr_:8003
https://_ceph-mgr_:8003Copy to Clipboard Copied! Toggle word wrap Toggle overflow Replace ceph-mgr with the IP address or host name of the node with the active
ceph-mgrdaemon:https://node1:8003
https://node1:8003Copy to Clipboard Copied! Toggle word wrap Toggle overflow If you used a self-signed certificate, confirm a security exception.
- Optional. If you want to use a static IP address for the RESTful plug-in, configure a load balancer.
Additional Resources
-
The
ceph restful --helpcommand -
The
https://ceph-mgr:8003/docpage, where ceph-mgr is the IP address or host name of the node with the runningceph-mgrinstance - The Using OpenSSL chapter in the Security Guide for Red Hat Enterprise Linux 7
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}