| Ubuntu 22.04 All of users’ systemd have to place in directory ~/.config/systemd/user/ If you want start user systemd unit when user login, run: 1 systemctl --user enable <service> List of available types of systemd units: 1 2 3 4 5 6 7 8 9 10 11 12 13 systemctl -t help Available unit types: service mount swap socket target device automount timer path slice scope Create user systemd file to make ssh connection:

Ubuntu 22.04 on all nodes Ceph on single host Ceph on isolated environment Let’s prepare our network environment to deploy Ceph without the Internet We need to create 6 nodes: 3 for ceph installation (ceph1, ceph2, ceph3) 1 for apt repository (aptly) 1 for docker registry (harbor) 1 for dns server (infra) Also we need set up 3 networks: Ceph Internal to connect only ceph nodes to each other Internal to connect ceph, aptly and harbor nodes vLan to connect aptly and harbor nodes to the internet And we need a dns server to resolve names connected with ip pools:

Quick links | Ubuntu 22.04 Install Aptly Official instruction here: 1 2 3 4 echo "deb [signed-by=/etc/apt/keyrings/aptly.asc] http://repo.aptly.info/ squeeze main" | sudo tee /etc/apt/sources.list.d/aptly.list sudo mkdir -p /etc/apt/keyrings; sudo chmod 755 /etc/apt/keyrings sudo wget -O /etc/apt/keyrings/aptly.asc https://www.aptly.info/pubkey.txt sudo apt update && sudo apt install aptly Create aptly config: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 cat <<EOF | sudo tee /etc/aptly.

Quick links | Ubuntu 22.04 List of parameters used in application.yaml Parameters from mongo Good connect string: mongodb+srv://<login>:<password>@<hostname>/<database-to-connect>?replicaSet=<name-of-replicaset>&readPreference=secondary&retryWrites=true&w=majority&authSource=admin&tls=true Repository with all files Run mongodb inside Docker 1 2 3 4 docker run --rm --name mongodb -p 27017:27017 \ -e MONGO_INITDB_ROOT_USERNAME=admin \ -e MONGO_INITDB_ROOT_PASSWORD=secret \ mongo Connect to admin’s db and create a db with user (auth db will be the same db): 1 2 3 4 5 6 7 8 9 10 11 12 13 14 mongosh "mongodb://admin:secret@localhost/admin?

Quick links | Ubuntu 22.04 At first, let’s set environment variables 1 2 3 4 DOMAIN=mongodb SUBJ="/CN=Local trust issuer" # format: # SUBJ="/C=RU/ST=someobl/L=somecity/O=somecompany/CN=$DOMAIN" Get a Certificate Authority certificate 1 2 3 openssl genrsa -out rootCA.key 4096 openssl req -x509 -new -nodes -key rootCA.key \ -sha256 -days 1024 -subj "$SUBJ" -out rootCA.pem Now we have public and private keys: rootCA.key and rootCA.pem. Let’s get information about our root Certificate Authority certificate:

Based on a good person’s article Connect to the master node and create a key and certificate for the user Let’s set env variables for master node, user and group Permissions can be set to groups 1 2 3 4 5 MASTER_HOST=<your_master_host> ssh $MASTER_HOST K8S_USER=bob GROUP=space Generate the key for the user 1 openssl genrsa -out "$K8S_USER.key" 2048 Create a request for a public key 1 2 3 4 5 6 7 8 9 10 openssl req -new -key "$K8S_USER.