SSH in TiDB Deployment

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: tidb部署时的ssh

| username: cf_data

[TiDB Usage Environment] Production Environment
[TiDB Version] 7.5.0

Everyone, there’s a problem that’s been bothering me. When deploying a single-node version of TiDB, I usually create a new TiDB user to configure SSH communication (ssh-keygen -t rsa; ssh-copy-id -i ~/.ssh/id_rsa.pub 127.0.0.1). I don’t quite understand what this SSH communication is for. Can someone explain it to me? :joy:

| username: tidb菜鸟一只

The default behavior of TiUP scripts is to execute the corresponding scripts via SSH, even if you have only one machine. It does not directly execute the scripts on a single machine.

| username: cf_data

I don’t quite understand :sweat_smile:, is there an official explanation?

| username: oceanzhang

SSH communication is password-free communication between nodes, meaning that some communications require the SSH protocol to send files and such, so you don’t need to enter a password.

| username: 春风十里

When TiUP executes some operating system commands, it needs to be executed on different machines each time. If there is no SSH passwordless login, it will keep asking you to enter the password, which can be very annoying as you might need to enter the password several to dozens of times during a single deployment. Therefore, configuring SSH passwordless login is very user-friendly, as it doesn’t require you to enter the password, making the process much smoother.

| username: tidb菜鸟一只

If you’ve installed other clusters like Hadoop or used tools like Ansible, you would know that multiple machines are generally accessed through SSH. Otherwise, how would you transfer data to each machine or execute a command on multiple machines simultaneously?

| username: cf_data

Thank you, I have rarely set up clusters before, so there is a lot I don’t understand.

| username: kelvin

Even a single machine needs to be configured for mutual trust.

| username: zhanggame1

TiUP doesn’t know if you are using a single machine; it follows the process for cluster deployment, requiring SSH to execute commands and SCP to copy files.

| username: 小龙虾爱大龙虾

The machine where the tiup command is executed is called the control machine, and the machines where you deploy TiDB components are other machines. Therefore, you need to SSH over. However, in your environment, the control machine and the machine where the TiDB components are deployed happen to be the same machine, which is why you are experiencing the situation you described.

| username: ShawnYan

Actually, it should be called mutual trust. Without it, you would have to enter a password every time you remotely access another machine, which is very inconvenient.

| username: andone

No password is required for communication between two machines; a network connection is established directly.

| username: zxgaa

Passwordless communication, for transferring files to or executing commands on other nodes.
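
Added example (not part of any post in this thread and not TiUP's own code): a shell script that audits the key trust the thread describes for the deployment user, checking that `~/.ssh` and `authorized_keys` are not group/world writable (sshd's StrictModes rejects that) and that the public key from the original question is actually listed. The function names and the `--live` flag are hypothetical; the paths assume the `id_rsa` key created with `ssh-keygen -t rsa` above.

```shell
#!/bin/sh
# Added example: audit the loopback key trust that TiUP relies on.
# Function names and the --live flag are illustrative assumptions.

# True when the path is writable by group or others, which sshd's
# StrictModes check rejects for ~/.ssh and authorized_keys.
loosely_writable() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]
}

# True when the key blob from the .pub file appears in authorized_keys.
# Matching on the base64 field tolerates option prefixes and comments.
key_is_authorized() {
    blob=$(awk 'NR==1 {print $2}' "$1")
    [ -n "$blob" ] || return 1
    awk -v k="$blob" '/^#/ {next}
        {for (i = 1; i <= NF; i++) if ($i == k) found = 1}
        END {exit !found}' "$2"
}

# audit_trust SSH_DIR PUBKEY: print findings, return 0 only if clean.
audit_trust() {
    dir=$1; pub=$2; auth="$dir/authorized_keys"; rc=0
    [ -f "$auth" ] || { echo "FAIL: $auth missing"; return 1; }
    for p in "$dir" "$auth"; do
        if loosely_writable "$p"; then
            echo "FAIL: $p is group/world writable"; rc=1
        fi
    done
    if ! key_is_authorized "$pub" "$auth"; then
        echo "FAIL: $pub not listed in $auth"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: key trust in $dir looks sane"
    return "$rc"
}

# Live check, run only on request: BatchMode makes ssh fail instead of
# prompting, so success proves key login works without a password.
if [ "${1:-}" = "--live" ]; then
    audit_trust "$HOME/.ssh" "$HOME/.ssh/id_rsa.pub" || exit 1
    ssh -o BatchMode=yes -o ConnectTimeout=5 127.0.0.1 true \
        && echo "OK: passwordless SSH to 127.0.0.1 works"
fi
```

Run it as the deployment user with `--live` on the control machine; without the flag it only defines the functions.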