ceph – sort osds by utilisation

  1. Version 1 – keep it simple

    $ ceph osd df  | awk '{ print "osd."$1, "size: "$5, "usage: " $8 }' | sort -nk5
    

    OSDs can be listed twice – depends on the crushmap.

  2. Version 2 – json + python

    $ ceph osd df tree -f json | python sort_hdd_osds.py
    osd.28  utilization: 15.278888
    osd.15  utilization: 19.700484
    osd.58  utilization: 25.052757
    osd.31  utilization: 28.781335
    osd.22  utilization: 31.525527
    osd.2   utilization: 32.456151
    osd.47  utilization: 32.496669
    osd.39  utilization: 32.598765
    osd.17  utilization: 34.17247
    osd.40  utilization: 34.375297
    osd.56  utilization: 35.102418
    osd.48  utilization: 36.400253
    osd.50  utilization: 36.608321
    osd.52  utilization: 36.628858
    osd.38  utilization: 36.929235
    osd.13  utilization: 37.222498
    osd.30  utilization: 40.405145
    osd.59  utilization: 40.708111
    osd.62  utilization: 40.813985
    osd.43  utilization: 41.488432
    osd.53  utilization: 42.457611
    osd.49  utilization: 42.834021
    osd.23  utilization: 42.907104
    osd.18  utilization: 48.978743
    

    L22@sort_hdd_osds.py – specifies the bucket type which is used (not the device class!)

ceph – wrong osd id with lvm+filestore

Not sure why…but i’ve found a strange ceph-volume behavior with lvm and filestore.

ceph-volume lvm list shows the wrong osd id while the affected osd is online with a another id.

$ mount | grep ceph-2
/dev/mapper/vg00-datalv1 on /var/lib/ceph/osd/ceph-2 type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
$ cat /var/lib/ceph/osd/ceph-2/whoami 
2
$ sudo ceph osd metadata osd.2 | egrep "id|objectstore"
    "id": 2,
    "osd_objectstore": "filestore",
$ sudo ceph-volume lvm list
[...]
====== osd.8 =======

  [data]    /dev/vg00/datalv1

      type                      data
      journal uuid              XqM6CP-embw-gIfs-UN2Q-gRDR-TVWP-y1q5Te
      osd id                    8
      cluster fsid              ed62dbfb-f0f7-4b13-ace0-4ccea0c4a6bf
      cluster name              ceph
      osd fsid                  38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
      encrypted                 0
      data uuid                 W3h12f-xg3y-ij1Z-F70h-yx2n-SyD9-ioNEC7
      cephx lockbox secret
      crush device class        None
      data device               /dev/vg00/datalv1
      vdo                       0
      journal device            /dev/vg00/journallv1

  [journal]    /dev/vg00/journallv1

      type                      journal
      journal uuid              XqM6CP-embw-gIfs-UN2Q-gRDR-TVWP-y1q5Te
      osd id                    8
      cluster fsid              ed62dbfb-f0f7-4b13-ace0-4ccea0c4a6bf
      cluster name              ceph
      osd fsid                  38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
      encrypted                 0
      data uuid                 W3h12f-xg3y-ij1Z-F70h-yx2n-SyD9-ioNEC7
      cephx lockbox secret
      crush device class        None
      data device               /dev/vg00/datalv1
      vdo                       0
      journal device            /dev/vg00/journallv1

And if you try to start the osd via ceph-volume lvm trigger with the “wrong” ID 8 it will…

$ sudo ceph-volume lvm trigger 8-38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
Running command: mount -t xfs -o rw,noatime,inode64 /dev/vg00/datalv1 /var/lib/ceph/osd/ceph-8
Running command: ln -snf /dev/vg00/journallv1 /var/lib/ceph/osd/ceph-8/journal
Running command: chown -R ceph:ceph /dev/dm-2
Running command: systemctl enable ceph-volume@lvm-8-38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
Running command: systemctl start ceph-osd@8
--> ceph-volume lvm activate successful for osd ID: 8

$ sudo cat /var/log/ceph/ceph-osd.8.log
2018-07-04 19:28:34.754576 7f346e67fd80  0 set uid:gid to 167:167 (ceph:ceph)
2018-07-04 19:28:34.754598 7f346e67fd80  0 ceph version 12.2.5 (cad919881333ac92274171586c827e01f554a70a) luminous (stable), process (unknown), pid 3755
2018-07-04 19:28:34.754872 7f346e67fd80 -1 OSD id 2 != my id 8

FAIL! Same with the correct ID 2…

[vagrant@ceph-osd2 ~]$ sudo ceph-volume lvm trigger 2-38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
-->  RuntimeError: could not find osd.2 with fsid 38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5

To fix that problem we need to adjust the datatag: ceph.osd_id on the LVM device.

$ sudo lvs -o lv_tags vg00/datalv1
  LV Tags                                                                                                                                                                                                                                                                                                                                                                                                                                     
  ceph.cephx_lockbox_secret=,ceph.cluster_fsid=ed62dbfb-f0f7-4b13-ace0-4ccea0c4a6bf,ceph.cluster_name=ceph,ceph.crush_device_class=None,ceph.data_device=/dev/vg00/datalv1,ceph.data_uuid=W3h12f-xg3y-ij1Z-F70h-yx2n-SyD9-ioNEC7,ceph.encrypted=0,ceph.journal_device=/dev/vg00/journallv1,ceph.journal_uuid=XqM6CP-embw-gIfs-UN2Q-gRDR-TVWP-y1q5Te,ceph.osd_fsid=38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5,ceph.osd_id=8,ceph.type=data,ceph.vdo=0
$ sudo lvs -o lv_tags vg00/journallv1
  LV Tags                                                                                                                                                                                                                                                                                                                                                                                                                                        
  ceph.cephx_lockbox_secret=,ceph.cluster_fsid=ed62dbfb-f0f7-4b13-ace0-4ccea0c4a6bf,ceph.cluster_name=ceph,ceph.crush_device_class=None,ceph.data_device=/dev/vg00/datalv1,ceph.data_uuid=W3h12f-xg3y-ij1Z-F70h-yx2n-SyD9-ioNEC7,ceph.encrypted=0,ceph.journal_device=/dev/vg00/journallv1,ceph.journal_uuid=XqM6CP-embw-gIfs-UN2Q-gRDR-TVWP-y1q5Te,ceph.osd_fsid=38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5,ceph.osd_id=8,ceph.type=journal,ceph.vdo=0
  1. Remove the old datatag

    lvchange --deltag ceph.osd_id=8 vg00/datalv1
    lvchange --deltag ceph.osd_id=8 vg00/journallv1
  2. Add the correct datatag

    lvchange --addtag ceph.osd_id=2 vg00/datalv1
    lvchange --addtag ceph.osd_id=2 vg00/journallv1

And et voilà

$ sudo ceph-volume lvm trigger 2-38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
Running command: mount -t xfs -o rw,noatime,inode64 /dev/vg00/datalv1 /var/lib/ceph/osd/ceph-2
Running command: ln -snf /dev/vg00/journallv1 /var/lib/ceph/osd/ceph-2/journal
Running command: chown -R ceph:ceph /dev/dm-2
Running command: systemctl enable ceph-volume@lvm-2-38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5
 stderr: Created symlink from /etc/systemd/system/multi-user.target.wants/ceph-volume@lvm-2-38e7bfb3-ad57-4979-b8a9-3f875e6cb6f5.service to /usr/lib/systemd/system/ceph-volume@.service.
Running command: systemctl start ceph-osd@2
--> ceph-volume lvm activate successful for osd ID: 2
$ sudo cat /var/log/ceph/ceph-osd.2.log
2018-07-04 19:40:04.075588 7fa9cbf6bd80  0 set uid:gid to 167:167 (ceph:ceph)                                                                                                                                                                                                                                                
2018-07-04 19:40:04.075608 7fa9cbf6bd80  0 ceph version 12.2.5 (cad919881333ac92274171586c827e01f554a70a) luminous (stable), process (unknown), pid 4165                                                                                                                                                                     
2018-07-04 19:40:04.080821 7fa9cbf6bd80  0 pidfile_write: ignore empty --pid-file                       
2018-07-04 19:40:04.109636 7fa9cbf6bd80  0 load: jerasure load: lrc load: isa                                                                                                                                                                                                                                                
2018-07-04 19:40:04.110273 7fa9cbf6bd80  0 filestore(/var/lib/ceph/osd/ceph-2) backend xfs (magic 0x58465342)                                                                                                                                                                                       
2018-07-04 19:40:04.121305 7fa9cbf6bd80  0 filestore(/var/lib/ceph/osd/ceph-2) start omap initiation
[...]    

ceph-ansible: minimal containerized deployment (docker)

tested with v3.0.26

group_vars/all.yml

---
monitor_interface: eth1
radosgw_interface: eth1
public_network: 10.20.30.0/24
cluster_network: 192.168.121.0/24
ceph_conf_overrides:
    osd:
        osd scrub during recovery: false
ceph_docker_image: "ceph/daemon"
ceph_docker_image_tag: latest
ceph_docker_registry: 10.20.30.1:5000
containerized_deployment: true

group_vars/osds.yml

---
crush_location: true
osd_crush_location: "\"root={{ ceph_crush_root }} rack={{ ceph_crush_rack }} host={{ ansible_hostname }}\""
osd_objectstore: bluestore
osd_scenario: non-collocated
devices:
- /dev/sdb
- /dev/sdc
- /dev/sdd
- /dev/sde
- /dev/sdf
- /dev/sdg
- /dev/sdh
dedicated_devices:
- /dev/nvme0n1
- /dev/nvme0n1
- /dev/nvme0n1
- /dev/nvme0n1
- /dev/nvme0n1
- /dev/nvme0n1
- /dev/nvme0n1

group_vars/mons.yml (optional)

---
openstack_config: true
openstack_glance_pool:
  name: images
  pg_num: "{{ osd_pool_default_pg_num }}"
  rule_name: ""
openstack_pools:
  - "{{ openstack_glance_pool }}"

SUSE Cloud – missing cinder key on computes

2017-11-01 14:30:53.970 27835 ERROR nova.virt.libvirt.driver [instance: c5618826-98cb-4fd6-9d6f-b8899bd320b7] libvirtError: Secret not found: no secret with matching uuid '5b7c1b36-
9093-4a13-b14d-da8b8cbdd8a6'
2017-11-01 14:30:53.970 27835 ERROR nova.virt.libvirt.driver [instance: c5618826-98cb-4fd6-9d6f-b8899bd320b7] 
2017-11-01 14:30:53.971 27835 ERROR nova.virt.block_device [req-9f046c95-fecf-46e5-874d-43b42da1e63f 62169e96ed4b485aa2dfb2ca3235305c 05f20019f1c94952937a7f34087f5471 - - -] [instan
ce: c5618826-98cb-4fd6-9d6f-b8899bd320b7] Driver failed to attach volume 9f33b42f-79ba-472f-8e10-9525f186cde1 at /dev/vdb

Unless you find a key on the compute like (something with crowbar-$ID)

# virsh secret-list 
 UUID                                  Usage
--------------------------------------------------------------------------------
 5b7c1b36-9093-4a13-b14d-da8b8cbdd8a6  ceph crowbar-5b7c1b36-9093-4a13-b14d-da8b8cbdd8a6 secret

you can/have to fix it on your own:

#!/bin/bash

ID="5b7c1b36-9093-4a13-b14d-da8b8cbdd8a6"
# get cinder key from ceph cluster - ceph auth get-key client.cinder
CINDERKEY="AQA4cw1aa2tAAhAAxYl2l/lCaer3squRBdXBYg=="
FILE="<secret ephemeral='no' private='no'><uuid>$ID</uuid><usage type='ceph'><name>client.cinder secret</name></usage></secret>"
FILENAME="/tmp/secret.xml"

for host in 01 02 03 04 05; do
	dest="compute${host}"
	echo "Verifiy host $dest:"
	if ! ssh $dest virsh secret-get-value $ID; then
		echo "Create secret for cinder user."
		ssh $dest "echo \"$FILE\" > $FILENAME"
		ssh $dest virsh secret-define --file $FILENAME
		ssh $dest virsh secret-set-value --secret $ID --base64 $CINDERKEY
	fi
	echo "ok!"	
done

ceph metasearch – elasticsearch backend – part 2

requirements

  • ceph cluster (kraken release)
  • elasticsearch

The rgw syncer is only used/triggered in multisite configurations – so we need to setup a second zone for the metasearch.

environment / settings

export rgwhost="192.168.122.80"
export elastichost="192.168.122.71"
export realm="demo"
export zonegrp="zone-1"
export 1zone="zone1-a"
export 2zone="zone1-b" # used for metasearch
export sync_akey="$( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1 )"
export sync_skey="$( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 40 | head -n 1 )"
export user_akey="$( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1 )"
export user_skey="$( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 40 | head -n 1 )"

setup (see also part1)

create first zone
# radosgw-admin realm create --rgw-realm=${realm} --default
# radosgw-admin zonegroup create --rgw-realm=${realm} --rgw-zonegroup=${zonegrp} --endpoints=http://${rgwhost}:80 --master --default
# radosgw-admin zone create --rgw-realm=${realm} --rgw-zonegroup=${zonegrp} --rgw-zone=${1zone} --endpoints=http://${rgwhost}:80 --access-key=${sync_akey} --secret=${sync_skey} --master --default
# radosgw-admin user create --uid=sync --display-name="zone sync" --access-key=${sync_akey} --secret=${sync_skey} --system
# radosgw-admin period update --commit
# systemctl restart ceph-radosgw@rgw.${rgwhost}
create second zone
# radosgw-admin zone create --rgw-realm=${realm} --rgw-zonegroup=${zonegrp} --rgw-zone=${2zone} --access-key=${sync_akey} --secret=${sync_skey} --endpoints=http://${rgwhost}:81
# radosgw-admin zone modify --rgw-realm=${realm} --rgw-zonegroup=${zonegrp} --rgw-zone=${2zone} --tier-type=elasticsearch --tier-config=endpoint=http://${elastichost}:9200,num_replicas=1,num_shards=10
# radosgw-admin period update --commit

Restart the first radosgw and the start the second radosgw. For example:

# screen -dmS rgw2zone radosgw --keyring /etc/ceph/ceph.client.admin.keyring -f --rgw-zone=${2zone} --rgw-frontends="civetweb port=81"

Check elasticsearch for the new index:

# curl http://${elastichost}:9200/_cat/indices | grep rgw-${realm}
yellow open rgw-demo    z0UiKOOFQl682yILobYbMw 5 1 1 0 11.7kb 11.7kb

modify header/metadata

create a user

radosgw-admin user create --uid=rmichel --display-name="rmichel" --access-key=${user_akey} --secret=${user_skey}

upload some test data….

s3cmd is configured with the ${user_akey} + ${user_skey} and the ${rgwhost}:80 as the endpoint.

# s3cmd modify --add-header x-amz-meta-color:green s3://bucket1/admin.key
modify: 's3://bucket1/admin.key'
# s3cmd info s3://bucket1/admin.key
s3://bucket1/admin.key (object):
   File size: 63
   Last mod:  Thu, 27 Apr 2017 21:14:55 GMT
   MIME type: text/plain
   Storage:   STANDARD
   MD5 sum:   ee40e385a45c4855bd360cfbdbd48711
   SSE:       none
   policy:    <?xml version="1.0" encoding="UTF-8"?><ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Name>bucket1</Name><Prefix></Prefix><Marker></Marker><MaxKeys>1000</MaxKeys><IsTruncated>false</IsTruncated><Contents><Key>admin.key</Key><LastModified>2017-04-27T21:14:55.494Z</LastModified><ETag>&quot;ee40e385a45c4855bd360cfbdbd48711&quot;</ETag><Size>63</Size><StorageClass>STANDARD</StorageClass><Owner><ID>rmichel</ID><DisplayName>rmichel</DisplayName></Owner></Contents></ListBucketResult>
   cors:      none
   ACL:       rmichel: FULL_CONTROL
   x-amz-meta-color: green
   x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33152/mtime:1493326171/atime:1493326171/md5:ee40e385a45c4855bd360cfbdbd48711/ctime:1493326171

query elasticsearch

The radosgw creates a index with the name rgw-${realm} (ref ceph.git)

In my case the url is http://${elastichost}:9200/rgw-${realm}/

# curl http://192.168.122.71:9200/rgw-demo/_search?q=meta.custom.color=green | python -m json.tool
{
    "_shards": {
        "failed": 0,
        "successful": 5,
        "total": 5
    },
    "hits": {
        "hits": [
            {
                "_id": "d9b0c7a5-f9e5-4c6e-a0c2-48642840c98b.14125.1:admin.key:",
                "_index": "rgw-demo",
                "_score": 0.23691465,
                "_source": {
                    "bucket": "bucket1",
                    "instance": "",
                    "meta": {
                        "content_type": "text/plain",
                        "custom": {
                            "color": "green",
                            "s3cmd-attrs": "uid:0/gname:root/uname:root/gid:0/mode:33152/mtime:1493326171/atime:1493326171/md5:ee40e385a45c4855bd360cfbdbd48711/ctime:1493326171"
                        },
                        "etag": "ee40e385a45c4855bd360cfbdbd48711",
                        "mtime": "2017-04-27T21:14:55.483Z",
                        "size": 63,
                        "x-amz-copy-source": "/bucket1/admin.key",
                        "x-amz-date": "Thu, 27 Apr 2017 21:14:55 +0000",
                        "x-amz-metadata-directive": "REPLACE"
                    },
                    "name": "admin.key",
                    "owner": {
                        "display_name": "rmichel",
                        "id": "rmichel"
                    },
                    "permissions": [
                        "rmichel"
                    ]
                },
                "_type": "object"
            }
        ],
        "max_score": 0.23691465,
        "total": 1
    },
    "timed_out": false,
    "took": 102
}

ceph radosgw (set)lifecycle – AWS v4 is broken

First – s3cmd config
Setting signature_v2 = true is not enough! You have to set --signature-v2 as a parameter.

Second – ‘Prefix’ tag
You have specify a Prefix tag – and yes with a captial P!

without prefix tag
<LifecycleConfiguration>
    <Rule>
        <ID>ExampleRule</ID>
	<Status>Enabled</Status>
        <Expiration>
             <Days>1</Days>
        </Expiration>
    </Rule>
</LifecycleConfiguration>
[root@kraken ~]# s3cmd setlifecycle lc.xml s3://bucket1 --signature-v2
ERROR: S3 error: 403 (AccessDenied)
with closing prefix tag
<LifecycleConfiguration>
    <Rule>
        <ID>ExampleRule</ID>
	</Prefix>
	<Status>Enabled</Status>
        <Expiration>
             <Days>1</Days>
        </Expiration>
    </Rule>
</LifecycleConfiguration>
[root@kraken ~]# s3cmd setlifecycle lc.xml s3://bucket1 --signature-v2
ERROR: S3 error: 403 (AccessDenied)
with prefix tag – working!
<LifecycleConfiguration>
    <Rule>
        <ID>ExampleRule</ID>
	<Prefix></Prefix>
	<Status>Enabled</Status>
        <Expiration>
             <Days>1</Days>
        </Expiration>
    </Rule>
</LifecycleConfiguration>
[root@kraken ~]# s3cmd setlifecycle lc.xml s3://bucket1 --signature-v2
s3://bucket1/: Lifecycle Policy updated
version

ceph version 11.2.0 (f223e27eeb35991352ebc1f67423d4ebc252adb7)
s3cmd version 1.6.1

ceph metasearch – elasticsearch backend

Fetch zonegroup configuration (json struct)
# radosgw-admin zonegroup get > /tmp/zonegroup.json

change the tier_type to elasticsearch

Import the configuration
# radosgw-admin zonegroup set --infile /tmp/zonegroup.json
Fetch zone configuration (json struct)
# radosgw-admin zone get > /tmp/zone.json

Add the following parameter endpoint & {url} for the section tier_config

    "tier_config": [
        {
            "key": "endpoint",
            "val": "http:\/\/192.168.122.71:9200"
        }
    ],
Import the configuration
# radosgw-admin zone set --infile /tmp/zone.json

OR

# radosgw-admin zone modify --rgw-zonegroup={zonegroup-name} --rgw-zone={zone-name} --tier-config=endpoint={url}
Update & Commit
# radosgw-admin period update --commit

to be continued… part2

Fixing ceph partition uuid or OSD data dir is not mounted

OSD_UUID

4fbd7e29-9d25-41b8-afd0-062c0ceff05d

JOURNAL_UUID

45b0969e-9b03-4f30-b4c6-b4b80ceff106

To fix the partition uuid

sgdisk --info=##partnr## -t ##partnr##:##part-uuid## /dev/##disk##

eg.
sgdisk --info=1 -t 1:4fbd7e29-9d25-41b8-afd0-062c0ceff05d /dev/sda1

Ref: /lib/udev/rules.d/95-ceph-osd.rules

[notepad] ceph journal size/ssd speed

ceph journal size (doc)

osd journal size = {2 * (expected throughput * filestore max sync interval)}

The default for filestore max sync interval is 5 therefore for a 10Gbit network the “perfect” size would be

osd journal size = { 2 * ( 1280 * 5 ) } = 12.5 GB

ceph ssd speed (journal)

The optimum would be sum of all disk seq write speeds – 11 disks with ~110mb/s = ~1210mb/s – an Intel P3520 might would fit.

How many journals per ssd?

Oh thats easy.

Journals = (ssd seq write speed) / (hdd seq write speed)

Journals = 1350 / 115 = ~11

(For the Intel P3520 with 11 hdds)