2. IT
    3. Openstack(Mitaka) Swift Keystone V2.0部署方案

    Openstack(Mitaka) Swift Keystone V2.0部署方案

    xiaoxiao2021-03-25  141

    swift部署方案,本文章采用的是keystone2.0的接口,跟官方文档有些出入;

    一、安装并配置控制器节点

    1.创建服务凭证和API端点。

    # openstack user create --password PASSWORD swift

    # openstack role add --project services --user swift admin # openstack service create --name swift \ --description "Swift Storage Service" \ object-store

    # openstack endpoint create \ --publicurl 'http://IP:8080/v1/AUTH_%(tenant_id)s' \ --adminurl 'http://IP:8080/v1' \ --internalurl 'http://IP:8080/v1/AUTH_%(tenant_id)s' \ --region RegionOne \ swift

    2.安装并配置组件。 2.1安装软件包: # yum install openstack-swift-proxy python-swiftclient \ python-keystoneclient python-keystonemiddleware \ memcached

    2.2 从对象存储的仓库源中获取代理服务的配置文件: # curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/mitaka

    2.3 编辑文件 /etc/swift/proxy-server.conf

    在 [DEFAULT] 部分,配置绑定端口,用户和配置目录。 [DEFAULT] bind_port = 8080 user = swift swift_dir = /etc/swift

    在[pipeline:main]部分,删除``tempurl``和``tempauth``模块并增加``authtoken``和``keystoneauth``模块 [pipeline:main] pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server

    在 [app:proxy-server] 部分,启动自动账户创建。 [app:proxy-server] use = egg:swift#proxy account_autocreate = True

    在 [filter:keystoneauth] 部分,配置操作员角色。 [filter:keystoneauth] use = egg:swift#keystoneauth operator_roles = admin,user

    在 [filter:authtoken] 部分,配置认证服务访问。 [filter:authtoken] paste.filter_factory = keystonemiddleware.auth_token:filter_factory auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password #project_domain_name = default #user_domain_name = default project_name = service username = swift password = SWIFT_PASS delay_auth_decision = True

    在 [filter:cache] 部分,配置 memcached 的位置: [filter:cache] use = egg:swift#memcache memcache_servers = controller:11211

    二、安装和配置存储节点

    1.前置条件,使用两个存储节点.

    1.1 安装支持的工具包:

    # yum install xfsprogs rsync

    1.2 使用XFS格式化/dev/sdb和/dev/sdc设备: # mkfs.xfs /dev/sdb # mkfs.xfs /dev/sdc

    1.3 创建挂载点目录结构: # mkdir -p /srv/node/sdb # mkdir -p /srv/node/sdc

    1.4 编辑/etc/fstab文件并添加以下内容: /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 /dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2

    1.5 挂载设备: # mount /srv/node/sdb # mount /srv/node/sdc

    1.6 创建并编辑/etc/rsyncd.conf文件并包含以下内容: uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address = MANAGEMENT_INTERFACE_IP_ADDRESS

    [account] max connections = 2 path = /srv/node/ read only = False lock file = /var/lock/account.lock

    [container] max connections = 2 path = /srv/node/ read only = False lock file = /var/lock/container.lock

    [object] max connections = 2 path = /srv/node/ read only = False lock file = /var/lock/object.lock

     

    1.7 启动 “rsyncd” 服务和配置它随系统启动: # systemctl enable rsyncd.service # systemctl start rsyncd.service

     

    2.安装并配置组件

    2.1 安装软件包: # yum install openstack-swift-account openstack-swift-container \ openstack-swift-object

    2.2 从对象存储源仓库中获取accounting, container以及object服务配置文件: # curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/mitaka # curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/mitaka # curl -o /etc/swift/object-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/mitaka

    2.3 编辑 /etc/swift/account-server.conf 文件并完成下面操作:

    [DEFAULT] bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6002 user = swift swift_dir = /etc/swift devices = /srv/node mount_check = True

    [pipeline:main] pipeline = healthcheck recon account-server

    [filter:recon] use = egg:swift#recon recon_cache_path = /var/cache/swift

    2.4 编辑/etc/swift/container-server.conf文件 [DEFAULT] bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6001 user = swift swift_dir = /etc/swift devices = /srv/node mount_check = True

    [pipeline:main] pipeline = healthcheck recon container-server

    [filter:recon] use = egg:swift#recon recon_cache_path = /var/cache/swift

    2.5 编辑/etc/swift/object-server.conf文件

    [DEFAULT] bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6000 user = swift swift_dir = /etc/swift devices = /srv/node mount_check = True

    [pipeline:main] pipeline = healthcheck recon object-server

    [filter:recon] use = egg:swift#recon recon_cache_path = /var/cache/swift recon_lock_path = /var/lock

    2.6 确认挂载点目录结构是否有合适的所有权: # chown -R swift:swift /srv/node

    2.7 创建 “recon” 目录和确保它有合适的所有权: # mkdir -p /var/cache/swift # chown -R root:swift /var/cache/swift # chmod -R 775 /var/cache/swift

     

    三、创建,分发并初始化rings

    1.创建账户ring

    1.1 为每个服务构建一个环。提供构建器文件,分区权限,副本计数以及分区重新分配之间的最小时间: # swift-ring-builder /etc/swift/object.builder create part_power replica_count min_part_hours # swift-ring-builder /etc/swift/container.builder create part_power replica_count min_part_hours # swift-ring-builder /etc/swift/account.builder create part_power replica_count min_part_hours

    1.2 添加每个节点到 ring 中,将X替换为指定区域的相应整数(例如,z1将对应于区域1);将dev_mountpt替换/srv/node为您的设备所在的子目录;将part_count替换为用于计算分区权限的分区计数。 # swift-ring-builder /etc/swift/account.builder add zX-SERVICE_IP:6002/dev_mountpt part_count # swift-ring-builder /etc/swift/container.builder add zX-SERVICE_IP:6001/dev_mountpt part_count # swift-ring-builder /etc/swift/object.builder add zX-SERVICE_IP:6000/dev_mountpt part_count

    1.3 验证 ring 的内容: # swift-ring-builder account.builder

    1.4 平衡 ring: # swift-ring-builder /etc/swift/account.builder rebalance # swift-ring-builder /etc/swift/container.builder rebalance # swift-ring-builder /etc/swift/object.builder rebalance

    1.5 复制``account.ring.gz``,container.ring.gz``和``object.ring.gz 文件到每个存储节点和其他运行了代理服务的额外节点的 /etc/swift 目录。

    四、完成安装。

    1.1从对象存储源仓库中获取 /etc/swift/swift.conf 文件: # curl -o /etc/swift/swift.conf \ https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/mitaka

    1.2编辑 /etc/swift/swift.conf 文件并完成以下动作: 在``[swift-hash]``部分,为你的环境配置哈希路径前缀和后缀: [swift-hash] swift_hash_path_suffix = HASH_PATH_SUFFIX swift_hash_path_prefix = HASH_PATH_PREFIX 可以用以下例子生成: openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_prefix \ $(openssl rand -hex 10)

    openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_suffix \ $(openssl rand -hex 10)

    在``[storage-policy:0]``部分,配置默认存储策略: [storage-policy:0] name = Policy-0 default = yes

    1.3 复制``swift.conf`` 文件到每个存储节点和其他允许了代理服务的额外节点的 /etc/swift 目录。

    1.4 在所有节点上,确认配置文件目录是否有合适的所有权: # chown -R root:swift /etc/swift

    1.5 在控制节点和其他运行了代理服务的节点上,启动对象存储代理服务及其依赖服务。 # systemctl enable openstack-swift-proxy.service memcached.service # systemctl start openstack-swift-proxy.service memcached.service

    1.6 在存储节点上,启动对象存储服务,并将其设置为随系统启动: # systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \ openstack-swift-account-reaper.service openstack-swift-account-replicator.service # systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \ openstack-swift-account-reaper.service openstack-swift-account-replicator.service # systemctl enable openstack-swift-container.service \ openstack-swift-container-auditor.service openstack-swift-container-replicator.service \ openstack-swift-container-updater.service # systemctl start openstack-swift-container.service \ openstack-swift-container-auditor.service openstack-swift-container-replicator.service \ openstack-swift-container-updater.service # systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \ openstack-swift-object-replicator.service openstack-swift-object-updater.service # systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \ openstack-swift-object-replicator.service openstack-swift-object-updater.service

     

    五、验证操作

    1.1显示服务状态 [root@localhost ~(keystone_admin)]# swift stat Account: AUTH_e55f983f515545268927d514e418308b Containers: 3 Objects: 3 Bytes: 13289508 Containers in policy "policy-0": 3 Objects in policy "policy-0": 3 Bytes in policy "policy-0": 13289508 X-Account-Project-Domain-Id: default X-Timestamp: 1488445918.24801 X-Trans-Id: txc0146ef83ce64d339ba01-0058b9812e Content-Type: text/plain; charset=utf-8 Accept-Ranges: bytes

    1.2 创建``container1``容器 [root@localhost ~(keystone_admin)]# openstack container create container1 +---------------------------------------+------------+------------------------------------+ | account | container | x-trans-id | +---------------------------------------+------------+------------------------------------+ | AUTH_e55f983f515545268927d514e418308b | container1 | tx3ec34f53bfc24e508daee-0058b981a0 | +---------------------------------------+------------+------------------------------------+

    1.3 上传一个测试文件到``container1``容器 [root@localhost ~(keystone_admin)]# openstack object create container1 test.txt  +----------+------------+----------------------------------+ | object | container | etag | +----------+------------+----------------------------------+ | test.txt | container1 | d41d8cd98f00b204e9800998ecf8427e | +----------+------------+----------------------------------+

    1.4 列出``container1``容器里的所有文件 [root@localhost ~(keystone_admin)]# openstack object list container1 +----------+ | Name | +----------+ | test.txt | +----------+

    1.5 从``container1``容器里下载一个测试文件 $ openstack object save container1 FILE

     

    转载请注明原文地址: https://ju.6miu.com/read-5182.html

    技术

    最新回复(0)