Chapter 11. Deployment Scenarios

When you deploy a cluster with ceph-deploy, you do not have to bootstrap the monitor manually or create the client.admin user or keyring. The steps you execute in the Storage Cluster Quick Start will invoke ceph-deploy to do that for you.

When you execute ceph-deploy new <initial-monitor(s)>, Ceph will create a monitor keyring for you (only used to bootstrap monitors), and it will generate an initial Ceph configuration file for you, which contains the following authentication settings, indicating that Ceph enables authentication by default:

auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

When you execute ceph-deploy mon create-initial, Ceph will bootstrap the initial monitor(s), retrieve a ceph.client.admin.keyring file containing the key for the client.admin user. Additionally, it will also retrieve keyrings that give ceph-deploy and ceph-disk utilities the ability to prepare and activate OSDs.

When you execute ceph-deploy admin <node-name> (note: Ceph must be installed first), you are pushing a Ceph configuration file and the ceph.client.admin.keyring to the /etc/ceph directory of the node. You will be able to execute Ceph administrative functions as root on the command line of that node.

When you deploy a cluster manually, you have to bootstrap the monitor manually and create the client.admin user and keyring. The steps for monitor bootstrapping are the logical steps you must perform when using third party deployment tools like Chef, Puppet, Juju, etc.