Ceph Nautilus : How to enable the Ceph MGR dashboard - ceph

I have recently installed Ceph Nautilus.
ceph version 14.2.1 (d555a9489eb35f84f2e1ef49b77e19da9d113972) nautilus (stable)
I cannot see any "dashboard" module (neither in enabled nor in disabled state). I an checking through "ceph mgr module ls"
If I try to enable it, I get following error.
[user#system mydir]$ ceph mgr module enable dashboard
Error ENOENT: all mgr daemons do not support module 'dashboard', pass --force to force enablement
How can I enable the dashboard module?

Install the appropriate package from the below link
# rpm -Uvh http://download.ceph.com/rpm-nautilus/el7/noarch/ceph-mgr-dashboard-14.2.1-0.el7.noarch.rpm
Note: it will ask for few dependencies, install with yum/apt package manager and then execute the above command.
Enable the ceph mgr dashboard
# ceph mgr module enable dashboard
# ceph mgr module ls
Create self-signed certificate
# sudo ceph dashboard create-self-signed-cert
Self-signed certificate created
Create a user for Dashboard
Example: [ceph dashboard ac-user-create (username) (password) administrator]
# ceph dashboard ac-user-create cent password administrator
{"username": "cent", "lastUpdate": 1560292901, "name": null, "roles": ["administrator"], "password": "$2b$12$w60gItcbKd6PULNYI9McmOBMiAzFoKJ9T9XGva8vC6dxIyqMsE4kK", "email": null}
# ceph mgr services
{
"dashboard": "https://ceph-mgr:8443/"
}
Note: Here you can access with IP address of ceph-mgr node, instead of hostname.
Make sure firewall port is open
# firewall-cmd --add-port=8443/tcp --permanent
# firewall-cmd --reload
Open the dashboard url in any browser
https://ceph-mgr:8443 or https://192.168.1.10:8443
Enter the username: cent and password: password
Here you go...

Related

How to create a user in a digitalocean droplet and give ssh permissions using terraform?

I am using terraform to provision a server on Digitalocean while also using the "provisioner remote-exec block" feature to run some linux commands into the server. But the issue now is I need to run some docker commands with a new user so I must have a new user and all permissions assigned including ssh but I don't seem to find my way around it.
I added the block below to the configuration file and got errors as the user seem not to be able to perform ssh activities and my guess is permissions.
provisioner "remote-exec" {
inline = [
"apt-get update",
"sudo apt install docker.io -y",
"sudo snap install docker",
"useradd -m chainsafe",
"sudo usermod -aG ssh chainsafe",
"apt-get update",
"systemctl enable forest.service",
"docker run -p 1234:1234 --rm --detach ghcr.io/chainsafe/forest:latest --encrypt-keystore false --auto-download-snapshot --chain calibnet",
"systemctl start forest.service",
]
connection {
type = var.type
user = var.user
private_key = file("~/sammy")
host = self.ipv4_address
agent = var.agent
}
}
I was expecting that the user is created and the connection block can use the new user to run the docker command. Terraform gets stuck trying to perform the process but the ssh handshake is flawed hence errors

Unable to access the Kubernetes Dashboard on Google Cloud Platform

This is my first time of setting up Kubernetes on Google Cloud Platform.
These are the steps I followed:
I created an account on Google Cloud Platform and spun up a new instance:
https://console.cloud.google.com/compute
Installed the gcloud SDK:
curl https://sdk.cloud.google.com | bash
Configured my Google Cloud Platform account information
gcloud auth login
Installed the latest verion of Kubernetes
curl -sS https://get.k8s.io | bash
Launched a new cluster:
kubernetes/cluster/kube-up.sh
Confirmed that my configuration along with the cluster management credentials are stored in:
sudo nano /home/promisepreston/.kube/config
Installed kubectl on the server
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
Ran the command below which outputted the URL for the master services including DNS, UI, and monitoring
kubectl cluster-info
Deployed the Dashboard UI by running the following command:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
And finally, I tried accessing the Dashboard by running the following command:
kubectl proxy
Which should make the Dashboard available at:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
However, when I visit that URL I get error:
Unable to connect
And even when I try the command below:
curl http://localhost:8001/api
I get the error below:
curl: (7) Failed to connect to localhost port 8001: Connection refused
I have looked through a lot of documentation and tried multiple solutions, but none seems to work for me.
Installed kubectl on the server
You need kubectl on machine, from which you're going to access your cluster. If you installed it on the server and you ran kubectl proxy on the server - then you can access the proxy only from your server (depends on your network config).
If you do curl http://localhost:8001/api on the server - it will work.
So, you need to install kubectl on your machine, set up the k8s context for it and then run kubectl proxy - after that, all requests to proxy will be forwarded to your cluster.
In each request to k8s API server you need to be authenticated, when you run kubectl proxy - basically proxy will take care of authentication and SSL/TLS related stuff.
Read this for more info: Use an HTTP Proxy to Access the Kubernetes API
and The Kubernetes API
Configure Access to Multiple Clusters - may also be useful
Basically you need to do the following:
Note: These should be done directly on your local machine, and not on the server or the terminal connecting to the server, but directly on your local machine:
Install the gcloud SDK:
# Add the Cloud SDK distribution URI as a package source
echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
# Import the Google Cloud public key
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
# Update the package list and install the Cloud SDK
sudo apt-get update && sudo apt-get install google-cloud-sdk
Configure your Google Cloud Platform account information:
gcloud auth login
Install Kubectl the Kubernetes command line tool:
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
Install Minikube that will be using to install Kubernetes on your local machine:
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube_latest_amd64.deb
sudo dpkg -i minikube_latest_amd64.deb
Start Minikube to pull the latest image of Kubenetes on your local system and configure it with Kubectl:
minikube start
If you already have some clusters set up, you can now use it to access your shiny new cluster:
kubectl get po -A
Minikube bundles the Kubernetes Dashboard, allowing you to get easily acclimated to your new environment:
minikube dashboard

Nginx ingress controller at kubernetes not allowing installation of some package

I am looking to execute
apt install tcpdump
but facing permission denial, upon looking to set the directory to root, it is asking me for password and I don't know from where to get that password.
I installed nginx helm chart from stable/nginx repository with no RBAC
Please see snapshot for details on error, while I tried installing tcpdump in the pod after doing ssh into it.
In Using GDB with Nginx, you can find troubleshooting section:
Shortly:
find the node where your pod is running (kubectl get pods -o wide)
ssh into the node
find the docker_ID for this image (docker ps | grep pod_name)
run docker exec -it --user=0 --privileged docker_ID bash
Note: Runtime privilege and Linux capabilities
When the operator executes docker run --privileged, Docker will enable access to all devices on the host as well as set some configuration in AppArmor or SELinux to allow the container nearly all the same access to the host as processes running outside containers on the host. Additional information about running with --privileged is available on the Docker Blog.
Additional resources:
ROOT IN CONTAINER, ROOT ON HOST
Hope this help.

Ceph-Mgr-Dashboard not working with Ceph Naultilus Release

I install ceph cluster with ceph-deploy tool. And I want to install ceph-mgr-dashboard that its removed from ceph-mgr modules. In the official ceph tell if you want to use ceph-dashboard must be installl ceph-mgr-dashboard package and enable its.
This package with apt install ceph-mgr-dashboard. But it don't do anything with its. This is very miserable for ceph document. There's instruction but can't use follow its.
Install the dashboard rpm in all the mgr servers:
yum install ceph-mgr-dashboard.noarch
Generate self-signed certificate (key point, in my installations, dashboard does not run without certificate):
ceph dashboard create-self-signed-cert
Enable dashboard:
sudo ceph mgr module enable dashboard
check status:
sudo ceph mgr services

kubectl : connection refused

I am on the way of installing minkube 0.19.1 in Ubuntu 16.04 following the kubernetes documentation. As prerequisits I have installed kubectl and Oracle VirtualBox.
When I check kubectl with kubectl version it gives following.
Client Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.6", GitCommit:"7fa1c1756d8bc963f1a389f4a6937dc71f08ada2", GitTreeState:"clean", BuildDate:"2017-06-16T18:34:20Z", GoVersion:"go1.7.6", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
But when I netstat the port to check the process it gives nothing for the results.
I have setup Google cloud SDK as well.
I have searched and tried for many solutions inclusing this but was not able to resolve my issue.
Here are my gcloud config and info results.
$gcloud config list
[compute]
zone = asia-southeast1-a
[core]
account = userName#mail.com
disable_usage_reporting = False
project = sampleproject1990
$gcloud info
Google Cloud SDK [159.0.0]
Platform: [Linux, x86_64] ('Linux', 'userName', '4.8.0-54-generic', '#57~16.04.1-Ubuntu SMP Wed May 24 16:22:28 UTC 2017', 'x86_64', 'x86_64')
Python Version: [2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]]
Python Location: [/usr/bin/python2]
Site Packages: [Disabled]
Installation Root: [/home/userName/products/google-cloud-sdk]
Installed Components:
kubectl: []
core: [2017.06.09]
gcloud: []
gsutil: [4.26]
bq: [2.0.24]
alpha: [2017.03.24]
System PATH: [PATH=/usr/lib/jvm/java-8-oracle/bin:/home/userName/bin:/home/userName/.local/bin:/usr/local/maven/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/usr/lib/jvm/java-8-oracle/bin:/usr/lib/jvm/java-8-oracle/db/bin:/usr/lib/jvm/java-8-oracle/jre/bin:/usr/local/apache-maven-3.3.9/bin]
Python PATH: [/home/userName/products/./google-cloud-sdk/lib/third_party:/home/userName/products/google-cloud-sdk/lib:/usr/lib/python2.7/:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload]
Cloud SDK on PATH: [False]
Kubectl on PATH: [/usr/local/bin/kubectl]
WARNING: There are old versions of the Google Cloud Platform tools on your system PATH.
/usr/local/bin/kubectl
Installation Properties: [/home/userName/products/google-cloud-sdk/properties]
User Config Directory: [/home/userName/.config/gcloud]
Active Configuration Name: [my-configuration]
Active Configuration Path: [/home/userName/.config/gcloud/configurations/config_my-configuration]
Account: [userName#mail.com]
Project: [sampleproject1990]
Current Properties:
[core]
project: [sampleproject1990]
account: [userName#mail.com]
disable_usage_reporting: [False]
[compute]
zone: [asia-southeast1-a]
Logs Directory: [/home/userName/.config/gcloud/logs]
Last Log File: [/home/userName/.config/gcloud/logs/2017.06.21/12.39.23.391849.log]
git: [git version 2.7.4]
ssh: [OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016]
Can anyone tell me how I can fix this issue ?
I had similar issues with Minikube and virtualbox driver. Please ensure the interface to which the virtualbox is configured, is up .
I did a sudo ifconfig vboxnet0 up and my issue got resolved
I faced the same issue. Turns out that I was running the command without being the root user. So, if you login as the super user (sudo -i), it might work.
This issue is because the Kubelet is not running or is not healthy.
One way to resolve this issue:
$ sudo swapoff -a
$ sudo systemctl enable kubelet
$ sudo systemctl start kubelet
After this, deploy Kubernetes with kubeadm as given below:
$ sudo kubeadm init --ignore-preflight-errors=all
After loading the kubeadm credentials, untaint the master node and join worker nodes if you are working on a cluster.
And now give the command:
$ sudo kubectl cluster-info
The server and the client should be running with the same Kubernetes version.
If this solution doesn't work, scrape Kubernetes, kubectl, kubeadm and kubelet and follow the Kubernetes installation steps alone from this guide.