On 27-02-2024 05:45, Michael Worsham wrote:
I was setting up the Ceph cluster via this URL (https://computingforgeeks.com/install-ceph-storage-cluster-on-ubuntu-linux-servers/) and didn't know if there was a way to do it via the "ceph orch daemon add osd ceph-osd-01:/dev/sdb" command or not?
Is it possible to set the OSD to encryption after the fact or does that involve some other process?
You can't enable encryption after the OSDs have been created. So you
would need to reprovision each OSD. I think Using a spec file with the
option "encrypted: true" in there is the easiest way of doing this [1].
So the procedure would be:
- destroy all of your OSDs if you do not have stored any data in it.
Otherwise do this one OSD (or failure domain) at a time.
- use ceph-volume zap command to clean the OSDs, i.e.: cephadm shell --
ceph-volume lvm zap /path/to/device --destroy
- check with cephadm shell -- ceph orch device ls --wide --refresh if
all the drives you want to use are available
- Test your spec file in a dry-run to see if cephadm would do what you
expect: cephadm shell --mount /path/to/your/specfile/directory -- ceph
orch apply osd -i /mnt/specfile-directory/example.spec --dry-run
If this gives the outcome you want, you can omit the --dry-run part and
let cephadm provision the OSDs for you.
Note that to prevent cephadm by redeploying the "newly" discovered
available drives you best make sure (and remove) the current OSD
specfiles if present. And or pause cephadm.
Gr. Stefan
[1]: https://docs.ceph.com/en/latest/cephadm/services/osd/#osd-service
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
