swift部署方案,本文章采用的是keystone2.0的接口,跟官方文档有些出入;
一、安装并配置控制器节点
1.创建服务凭证和API端点。
# openstack user create --password PASSWORD swift
# openstack role add --project services --user swift admin # openstack service create --name swift \ --description "Swift Storage Service" \ object-store
# openstack endpoint create \ --publicurl 'http://IP:8080/v1/AUTH_%(tenant_id)s' \ --adminurl 'http://IP:8080/v1' \ --internalurl 'http://IP:8080/v1/AUTH_%(tenant_id)s' \ --region RegionOne \ swift
2.安装并配置组件。 2.1安装软件包: # yum install openstack-swift-proxy python-swiftclient \ python-keystoneclient python-keystonemiddleware \ memcached
2.2 从对象存储的仓库源中获取代理服务的配置文件: # curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/mitaka
2.3 编辑文件 /etc/swift/proxy-server.conf
在 [DEFAULT] 部分,配置绑定端口,用户和配置目录。 [DEFAULT] bind_port = 8080 user = swift swift_dir = /etc/swift
在[pipeline:main]部分,删除``tempurl``和``tempauth``模块并增加``authtoken``和``keystoneauth``模块 [pipeline:main] pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
在 [app:proxy-server] 部分,启动自动账户创建。 [app:proxy-server] use = egg:swift#proxy account_autocreate = True
在 [filter:keystoneauth] 部分,配置操作员角色。 [filter:keystoneauth] use = egg:swift#keystoneauth operator_roles = admin,user
在 [filter:authtoken] 部分,配置认证服务访问。 [filter:authtoken] paste.filter_factory = keystonemiddleware.auth_token:filter_factory auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password #project_domain_name = default #user_domain_name = default project_name = service username = swift password = SWIFT_PASS delay_auth_decision = True
在 [filter:cache] 部分,配置 memcached 的位置: [filter:cache] use = egg:swift#memcache memcache_servers = controller:11211
二、安装和配置存储节点
1.前置条件,使用两个存储节点.
1.1 安装支持的工具包:
# yum install xfsprogs rsync
1.2 使用XFS格式化/dev/sdb和/dev/sdc设备: # mkfs.xfs /dev/sdb # mkfs.xfs /dev/sdc
1.3 创建挂载点目录结构: # mkdir -p /srv/node/sdb # mkdir -p /srv/node/sdc
1.4 编辑/etc/fstab文件并添加以下内容: /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 /dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
1.5 挂载设备: # mount /srv/node/sdb # mount /srv/node/sdc
1.6 创建并编辑/etc/rsyncd.conf文件并包含以下内容: uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address = MANAGEMENT_INTERFACE_IP_ADDRESS
[account] max connections = 2 path = /srv/node/ read only = False lock file = /var/lock/account.lock
[container] max connections = 2 path = /srv/node/ read only = False lock file = /var/lock/container.lock
[object] max connections = 2 path = /srv/node/ read only = False lock file = /var/lock/object.lock
1.7 启动 “rsyncd” 服务和配置它随系统启动: # systemctl enable rsyncd.service # systemctl start rsyncd.service
2.安装并配置组件
2.1 安装软件包: # yum install openstack-swift-account openstack-swift-container \ openstack-swift-object
2.2 从对象存储源仓库中获取accounting, container以及object服务配置文件: # curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/mitaka # curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/mitaka # curl -o /etc/swift/object-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/mitaka
2.3 编辑 /etc/swift/account-server.conf 文件并完成下面操作:
[DEFAULT] bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6002 user = swift swift_dir = /etc/swift devices = /srv/node mount_check = True
[pipeline:main] pipeline = healthcheck recon account-server
[filter:recon] use = egg:swift#recon recon_cache_path = /var/cache/swift
2.4 编辑/etc/swift/container-server.conf文件 [DEFAULT] bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6001 user = swift swift_dir = /etc/swift devices = /srv/node mount_check = True
[pipeline:main] pipeline = healthcheck recon container-server
[filter:recon] use = egg:swift#recon recon_cache_path = /var/cache/swift
2.5 编辑/etc/swift/object-server.conf文件
[DEFAULT] bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6000 user = swift swift_dir = /etc/swift devices = /srv/node mount_check = True
[pipeline:main] pipeline = healthcheck recon object-server
[filter:recon] use = egg:swift#recon recon_cache_path = /var/cache/swift recon_lock_path = /var/lock
2.6 确认挂载点目录结构是否有合适的所有权: # chown -R swift:swift /srv/node
2.7 创建 “recon” 目录和确保它有合适的所有权: # mkdir -p /var/cache/swift # chown -R root:swift /var/cache/swift # chmod -R 775 /var/cache/swift
三、创建,分发并初始化rings
1.创建账户ring
1.1 为每个服务构建一个环。提供构建器文件,分区权限,副本计数以及分区重新分配之间的最小时间: # swift-ring-builder /etc/swift/object.builder create part_power replica_count min_part_hours # swift-ring-builder /etc/swift/container.builder create part_power replica_count min_part_hours # swift-ring-builder /etc/swift/account.builder create part_power replica_count min_part_hours
1.2 添加每个节点到 ring 中,将X替换为指定区域的相应整数(例如,z1将对应于区域1);将dev_mountpt替换/srv/node为您的设备所在的子目录;将part_count替换为用于计算分区权限的分区计数。 # swift-ring-builder /etc/swift/account.builder add zX-SERVICE_IP:6002/dev_mountpt part_count # swift-ring-builder /etc/swift/container.builder add zX-SERVICE_IP:6001/dev_mountpt part_count # swift-ring-builder /etc/swift/object.builder add zX-SERVICE_IP:6000/dev_mountpt part_count
1.3 验证 ring 的内容: # swift-ring-builder account.builder
1.4 平衡 ring: # swift-ring-builder /etc/swift/account.builder rebalance # swift-ring-builder /etc/swift/container.builder rebalance # swift-ring-builder /etc/swift/object.builder rebalance
1.5 复制``account.ring.gz``,container.ring.gz``和``object.ring.gz 文件到每个存储节点和其他运行了代理服务的额外节点的 /etc/swift 目录。
四、完成安装。
1.1从对象存储源仓库中获取 /etc/swift/swift.conf 文件: # curl -o /etc/swift/swift.conf \ https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/mitaka
1.2编辑 /etc/swift/swift.conf 文件并完成以下动作: 在``[swift-hash]``部分,为你的环境配置哈希路径前缀和后缀: [swift-hash] swift_hash_path_suffix = HASH_PATH_SUFFIX swift_hash_path_prefix = HASH_PATH_PREFIX 可以用以下例子生成: openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_prefix \ $(openssl rand -hex 10)
openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_suffix \ $(openssl rand -hex 10)
在``[storage-policy:0]``部分,配置默认存储策略: [storage-policy:0] name = Policy-0 default = yes
1.3 复制``swift.conf`` 文件到每个存储节点和其他允许了代理服务的额外节点的 /etc/swift 目录。
1.4 在所有节点上,确认配置文件目录是否有合适的所有权: # chown -R root:swift /etc/swift
1.5 在控制节点和其他运行了代理服务的节点上,启动对象存储代理服务及其依赖服务。 # systemctl enable openstack-swift-proxy.service memcached.service # systemctl start openstack-swift-proxy.service memcached.service
1.6 在存储节点上,启动对象存储服务,并将其设置为随系统启动: # systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \ openstack-swift-account-reaper.service openstack-swift-account-replicator.service # systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \ openstack-swift-account-reaper.service openstack-swift-account-replicator.service # systemctl enable openstack-swift-container.service \ openstack-swift-container-auditor.service openstack-swift-container-replicator.service \ openstack-swift-container-updater.service # systemctl start openstack-swift-container.service \ openstack-swift-container-auditor.service openstack-swift-container-replicator.service \ openstack-swift-container-updater.service # systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \ openstack-swift-object-replicator.service openstack-swift-object-updater.service # systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \ openstack-swift-object-replicator.service openstack-swift-object-updater.service
五、验证操作
1.1显示服务状态 [root@localhost ~(keystone_admin)]# swift stat Account: AUTH_e55f983f515545268927d514e418308b Containers: 3 Objects: 3 Bytes: 13289508 Containers in policy "policy-0": 3 Objects in policy "policy-0": 3 Bytes in policy "policy-0": 13289508 X-Account-Project-Domain-Id: default X-Timestamp: 1488445918.24801 X-Trans-Id: txc0146ef83ce64d339ba01-0058b9812e Content-Type: text/plain; charset=utf-8 Accept-Ranges: bytes
1.2 创建``container1``容器 [root@localhost ~(keystone_admin)]# openstack container create container1 +---------------------------------------+------------+------------------------------------+ | account | container | x-trans-id | +---------------------------------------+------------+------------------------------------+ | AUTH_e55f983f515545268927d514e418308b | container1 | tx3ec34f53bfc24e508daee-0058b981a0 | +---------------------------------------+------------+------------------------------------+
1.3 上传一个测试文件到``container1``容器 [root@localhost ~(keystone_admin)]# openstack object create container1 test.txt +----------+------------+----------------------------------+ | object | container | etag | +----------+------------+----------------------------------+ | test.txt | container1 | d41d8cd98f00b204e9800998ecf8427e | +----------+------------+----------------------------------+
1.4 列出``container1``容器里的所有文件 [root@localhost ~(keystone_admin)]# openstack object list container1 +----------+ | Name | +----------+ | test.txt | +----------+
1.5 从``container1``容器里下载一个测试文件 $ openstack object save container1 FILE