...
Connect to mayanas instances using SSH to setup Service Principal account, which is required only if you are prceeding planning to configure HA services. Otherwise you may skip to Step 2. MayaNAS requires a Service Principal account with sufficient permissions to manipulate disk attachments for proper sharing and fencing, and also storage read-write access to object storage. It also needs sufficient permission to float the virtual IP across multiple instances. By having separate service account for all MayaNAS deployments you can enforce proper security measures as the assigned roles are limited to this project instance only.
The service principal account is created from Azure cloud shell or other system where login credentials were already established, and not from the MayaNAS instances
az ad sp create-for-rbac --name mayanas-sp --password Mayanas@123
Info Please take a note of the tenant ID for the newly created service principal account. You may choose the same service principal name but the password is given as an example only.
On mayanas1:
sudo az login--service-principal -u http://mayanas-sp --tenant b9f7862a-7153-4501-8039-8d9b37d7c0a9
On mayanas2:sudo az login--service-principal -u http://mayanas-sp --tenant b9f7862a-7153-4501-8039-8d9b37d7c0a9
Warning Please make sure login to service principal is done as root user. It is a one time setup only.
Change the default password to something random by running
Code Block language bash # /opt/mayastor/web/genrandpass.sh
Or to set your own password
Code Block language bash # /opt/mayastor/web/changepass.sh Login name (default admin): Login password: Password again:
And then restart the web server for password changes to take effect
No Format # /opt/mayastor/web/stop # /opt/mayastor/web/start
Now you can proceed with High-Availability setup using the wizard from Administration Web console available on http://<mayanas-ip>:2020