Den ons 26 aug. 2020 kl 14:16 skrev Simon Sutter <ssutter@xxxxxxxxxxx>: > Hello, > So I know, the mon services can only bind to just one ip. > But I have to make it accessible to two networks because internal and > external servers have to mount the cephfs. > The internal ip is 10.99.10.1 and the external is some public-ip. > I tried nat'ing it with this: "firewall-cmd --zone=public > --add-forward-port=port=6789:proto=tcp:toport=6789:toaddr=10.99.10.1 > -permanent" > > So the nat is working, because I get a "ceph v027" (alongside with some > gibberish) when I do a telnet "telnet *public-ip* 6789" > But when I try to mount it, I get just a timeout: > mount -vvvv -t ceph *public-ip*:6789:/testing /mnt -o > name=test,secretfile=/root/ceph.client. test.key > mount error 110 = Connection timed out > > The tcpdump also recognizes a "Ceph Connect" packet, coming from the mon. > > How can I get around this problem? > Is there something I have missed? Any ceph client will need direct access to all OSDs involved also. Your mail doesn't really say if the cephfs-mounting client can talk to OSDs? In ceph, traffic is not shuffled via mons, mons only tell the client which OSDs it needs to talk to, then all IO goes directly from client to any involved OSD servers. -- May the most significant bit of your life be positive. _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |