[Openstack-operators] [Fuel][ceph] Fuel 7.0 Ceph dm-crypt and multi-site redundancy

Forrest Flagg raymond.flagg at maine.edu
Thu Nov 12 15:49:46 UTC 2015


Thanks for the reply and sorry it took me so long to respond.  Are there
any specific options that fuel uses when it deploys the ceph osd's?  If so,
do you know what configuration files, I suspect the puppet manifests but
I'm trying to verify, those commands are kept in?  It would seem to me that
if all that's needed to add dm-crypt afterwards is to remove the osds and
re-add them then modifying the actual commands that fuel uses should work
as well.  However, I'm not familiar enough to know what files need to be
modified for those changes to take effect during a deployment.

The two questions I asked are sort of related.  I was asking about dm-crypt
for disk end-of-life and warranty replacement.  It would be good to know
that any data on a disk is fully encrypted in these circumstances.

I'm not particularly familiar with federated gateways and I was wonder if
it would work to do offsite replication and backup of our ceph storage.
We'd hopefully be doing daily backups and we need something that can
facilitate that.  I thought federated gateways might be an option to have
some ceph nodes in a separate location.  We've also been considering using
rbd to do incremental snapshots as outlined in [1].

Any additional insight on these ideas would be much appreciated.


On Tue, Nov 10, 2015 at 9:01 PM, Andrew Woodward <xarses at gmail.com> wrote:

> Sent too soon, I'd be interested in what all you are attempting to
> accomplish and see how we might be able to design and add support for this
> On Wed, Nov 11, 2015, 10:59 AM Andrew Woodward <xarses at gmail.com> wrote:
>> There are no provisions in fuel currently for more complex operations
>> like dm-crypt and tuning crush topology. Both can be accomplished post
>> deployment manually however. For dm-crypt you can remove the osd and Re add
>> it using ceph-deploy (you will want to update the partition GUID to match
>> this usage for automatic mounting )
>> For topology changes, I'd just refer to the crush map documentation.
>> On Wed, Nov 11, 2015, 2:21 AM Forrest Flagg <raymond.flagg at maine.edu>
>> wrote:
>>> Hi all,
>>> I'm having some trouble finding information about using Fuel and Ceph
>>> together with more complex options such as encryption and multi-site
>>> redundancy.  Does anyone know how to use Fuel to enabled dm-crypt for ceph
>>> and if so what sort of performance hit you take when doing so?  What about
>>> having multi-site ceph nodes for offsite backup?  Would using federated
>>> gateways be a workable option or is there a better way to deal with of
>>> off-site redundancy/backup?  Thanks,
>>> Forrest
>>> _______________________________________________
>>> OpenStack-operators mailing list
>>> OpenStack-operators at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>> --
>> --
>> Andrew Woodward
>> Mirantis
>> Fuel Community Ambassador
>> Ceph Community
> --
> --
> Andrew Woodward
> Mirantis
> Fuel Community Ambassador
> Ceph Community
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20151112/38379064/attachment.html>

More information about the OpenStack-operators mailing list