ceph mon stat Explanation: Removing unused or failed MON nodes helps maintain a clean and functional cluster configuration. Configure and apply new Ceph configuration settings to change the osd_max_backfills parameter. ee the solution below. Solution: 1. Set the new parameter value: ceph config set osd osd_max_backfills 4 2. Verify the updated configuration: ceph config get osd osd_max_backfills Explanation: Updating cluster configuration parameters like osd_max_backfills optimizes performance and operational behavior. Add a new disk to an existing OSD node and configure it as a new OSD. ee the solution below. Solution: 1. Prepare the disk: ceph -volume lvm prepare --data /dev/sdc 2. Activate the new OSD: ceph -volume lvm activate <osd_id> 3. Verify the OSD addition: ceph osd tree
Enable logging for a specific bucket in RADOS Gateway and verify access logs. ee the solution below. Solution: 1. Enable bucket logging: aws s3api put -bucket -logging --bucket bucket -name --bucket -logging -status '{"LoggingEnabled": {"TargetBucket": "log -bucket", "TargetPrefix": "logs/"}}' 2. Verify the logging status: aws s3api get -bucket -logging --bucket bucket -name Explanation: Bucket logging provides detailed access logs for auditing and monitoring usage patterns. Set up versioning for a bucket in a multisite RADOS Gateway setup and test version replication. ee the solution below. Solution: 1. Enable versioning on the bucket: aws s3api put -bucket -versioning --bucket bucket -name --versioning -configuration Status=Enabled 2. Enable replication in the zonegroup: radosgw -admin zonegroup modify --rgw-zonegroup=multi -zone -group --replication=enabled 3. Verify version replication: radosgw -admin bucket sync status --bucket=bucket -name Explanation: Version replication ensures that all object versions are synchronized across zones in a multisite setup.
Enable and test object locking for a bucket in RADOS Gateway to prevent accidental deletions. ee the solution below. Solution: 1. Enable object locking during bucket creation: aws s3api create -bucket --bucket bucket -name --object -lock-enabled -for-bucket 2. Set a default retention policy: aws s3api put -object -lock-configuration --bucket bucket -name --object -lock-configuration '{"ObjectLockEnabled":"Enabled","Rule":{"DefaultRetention":{"Mode":"GOVERNANCE","Days":30}}}' 3. Test object locking: Attempt to delete a locked object and verify the restriction. Explanation: Object locking enforces retention policies, protecting objects from accidental or malicious deletion. Integrate a RADOS Gateway with an external identity provider for authentication. ee the solution below. Solution: 1. Enable OpenID authentication in the configuration: rgw_openid_enabled = true rgw_openid_endpoint = https://<identity -provider>/oauth2/ rgw_openid_client_id = client -id rgw_openid_client_secret = client -secret 2. Restart the RADOS Gateway: systemctl restart ceph -radosgw@rgw.<hostname> 3. Test authentication with the external provider. Explanation: Integrating with an external identity provider centralizes user management and enhances security.
Configure a Swift container to allow temporary URL access for sharing objects securely. ee the solution below. Solution: 1. Set a temporary URL key for the container: swift post -m "Temp -URL-Key:my -secret -key" 2. Generate a temporary URL for an object: swift tempurl GET 3600 /v1/AUTH_account/container/object my -secret -key Explanation: Temporary URLs provide secure, time-limited access to Swift objects without exposing permanent credentials. Create a Swift user with read -only access to a specific container in RADOS Gateway. ee the solution below. Solution: 1. Create a Swift user: radosgw -admin subuser create --uid=swiftuser --subuser=swiftuser:swift --access=read 2. Grant read -only access to the container: swift post my -container -r swiftuser:swift 3. Verify access: Test downloading files using the Swift client. Explanation: Swift user permissions ensure controlled access to containers, limiting users to specific actions like read- only access.
Set up bucket tagging in RADOS Gateway to categorize objects and filter them based on tags. ee the solution below. Solution: 1. Create a bucket tagging configuration (tags.json): { "TagSet": [ { "Key": "Project", "Value": "Research" }, { "Key": "Environment", "Value": "Production" } ] } 2. Apply the tagging configuration: aws s3api put -bucket -tagging --bucket bucket -name --tagging file://tags.json 3. Verify tags: aws s3api get -bucket -tagging --bucket bucket -name Explanation: Bucket tagging helps organize and filter objects based on metadata, simplifying resource management. Configure and test a bucket to store access logs for another bucket in RADOS Gateway. ee the solution below. Solution: 1. Create a bucket to store logs: aws s3api create -bucket --bucket log -bucket
3. Apply the new CRUSH map: crushtool -c crush.txt -o crush.map ceph osd setcrushmap -i crush.map Explanation: CRUSH maps define how data is distributed across OSDs. Customizing these maps allows fine-grained control over data placement. Set up Ceph storage with authentication enabled and verify that clients require keys to access the cluster. ee the solution below. Solution: 1. Enable authentication in the Ceph configuration file: ceph config set mon auth_allow_insecure_global_id_reclaim false 2. Generate a client key: ceph auth get -or-create client.admin 3. Verify client access using the key: ceph -s --keyring /etc/ceph/ceph.client.admin.keyring Explanation: Enabling authentication adds a layer of security, ensuring only authorized clients can interact with the cluster. Deploy Ceph storage and configure BlueStore as the OSD backend for optimal performance. ee the solution below. Solution: 1. Update the playbook with BlueStore settings: osd_objectstore: bluestore
