O'Reilly logo

Learning Ceph - Second Edition by Karan Singh, Vaibhav Bhembre, Anthony D'Atri

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cluster authentication

Ceph provides Kerberos-type authentication for all clients and daemons of the cluster using the cephx protocol. Each entity that communicates with other cluster components needs to communicate using their respective keys. Any MON can authenticate a client based on the key it provides, then send it a session key to use when talking to other processes within the cluster, such as OSDs. Once the session expires the clients need to authenticate to the cluster again before they can resume talking to OSDs. The list of keys that authorized clients can use are retrieved by the auth list subcommand.

root@ceph-client0:~# ceph auth listinstalled auth entries:client.adminkey: AQBSdLVZN8DNDBAAIwIhHp/np5uUk9Rftzb5kg==caps: [mds] allow ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required