Openstack Swift 安装部署总结

环境

  • 硬件

    这里只使用了一台服务器,既作为Controller Node,也作为Storage Node

主机名 IP OS 磁盘 文件系统
sf-dev 10.202.127.4 Centos-7.4 /dev/sdb
/dev/sdc
/dev/sdd
XFS
  • 软件

    我们使用Openstack Pike版本

  • 配置可用的Openstack源

    这里使用了清华开源镜像。配置服务器镜像:

    cd /etc/yum.repos.d/
    vim CentOS-Base.repo
    

    增加如下配置

    ...
    [openstack]
    name=Openstack
    baseurl=https://mirrors.tuna.tsinghua.edu.cn/centos/7/cloud/x86_64/openstack-pike/
    gpgcheck=0
    ...
    

    使用YUM跟新库

    yum update -y
    

Swift组件安装于配置

1. 安装必要的组件包

# yum install openstack-swift-proxy python-swiftclient \
  python-keystoneclient python-keystonemiddleware \
  memcached
  • 从Swift源镜像获取代理服务配置文件,并进行配置

    # curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/pike
    

    编辑代理服务器配置文件/etc/swift/proxy-server.conf

    1. 编辑 [DEFAULT] 段内容,配置如下内容

      [DEFAULT]
      ...
      bind_port = 8080
      user = swift
      swift_dir = /etc/swift
      
    2. 编辑 [pipeline:main]

      [pipeline:main]
      pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth copy container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server  
      
    3. 编辑 [app:proxy-server] 段内容,允许自动创建账户

      [app:proxy-server]
      use = egg:swift#proxy
      ...
      account_autocreate = True
      
    4. [filter:tempauth] 段中,设置允许的的账户/用户

      [filter:tempauth]
      ...
      user_admin_admin = admin .admin .reseller_admin
      user_test_tester = testing .admin
      
    5. [filter:cache] 段中,设置memcache位置

      [filter:cache]
      use = egg:swift#memcache
      ...
      memcache_servers = 127.0.0.1:11211
      

注意:如果控制节点与存储节点分离,以上配置只需在控制节点进行配置,如果使用keystone请参考配置说明,更详细的说明请阅读官方文档

2. 存储节点组件包安装于配置说明

  • 安装实用软件包

    # yum install xfsprogs rsync
    
  • 格式化磁盘

    # mkfs.xfs /dev/sdb -f
    # mkfs.xfs /dev/sdc -f
    # mkfs.xfs /dev/sdd -f
    
  • 创建mount点

    # mkdir -p /srv/node/sdb
    # mkdir -p /srv/node/sdc
    # mkdir -p /srv/node/sdd
    
  • 编辑 /etc/fstab 文件,添加如下内容:

    /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
    /dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
    /dev/sdd /srv/node/sdd xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
    
  • Mount 设备

    # mount /srv/node/sdb
    # mount /srv/node/sdc
    # mount /srv/node/sdd
    
  • 创建并编辑 /etc/rsyncd.conf 文件,内容如下:

    uid = swift
    gid = swift
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    address = 10.202.127.4 #控制节点IP
    
    [account]
    max connections = 2
    path = /srv/node/
    read only = False
    lock file = /var/lock/account.lock
    
    [container]
    max connections = 2
    path = /srv/node/
    read only = False
    lock file = /var/lock/container.lock
    
    [object]
    max connections = 2
    path = /srv/node/
    read only = False
    lock file = /var/lock/object.lock
    
  • 存储节点软件包安装

    # yum install openstack-swift-account openstack-swift-container \
      openstack-swift-object
    
  • 从Swift源镜像获取账户(accounting)、容器(container)以及对象(object)服务配置文件,并进行配置

    # curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/pike
    # curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/pike
    # curl -o /etc/swift/object-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/pike
    
  • 编辑账户服务配置文件 /etc/swift/account-server.conf

    1. [DEFAULT] 中配置如下信息:

      [DEFAULT]
      ...
      bind_ip = 10.202.127.4
      bind_port = 6202
      user = swift
      swift_dir = /etc/swift
      devices = /srv/node
      mount_check = True
      
    2. 编辑 [pipeline:main]

      [pipeline:main]
      pipeline = healthcheck recon account-server
      
    3. [filter:recon] 中,设置recon cache 目录:

      [filter:recon]
      use = egg:swift#recon
      ...
      recon_cache_path = /var/cache/swift
      
  • 编辑账户服务配置文件 /etc/swift/container-server.conf

    1. [DEFAULT] 中配置如下信息:

      [DEFAULT]
      ...
      bind_ip = 10.202.127.4
      bind_port = 6201
      user = swift
      swift_dir = /etc/swift
      devices = /srv/node
      mount_check = True
      
    2. 编辑 [pipeline:main]

      [pipeline:main]
      pipeline = healthcheck recon container-server
      
    3. [filter:recon] 中,设置recon cache 目录:

      [filter:recon]
      use = egg:swift#recon
      ...
      recon_cache_path = /var/cache/swift
      
  • 编辑账户服务配置文件 /etc/swift/object-server.conf

    1. [DEFAULT] 中配置如下信息:

      [DEFAULT]
      ...
      bind_ip = 10.202.127.4
      bind_port = 6200
      user = swift
      swift_dir = /etc/swift
      devices = /srv/node
      mount_check = True
      
    2. 编辑 [pipeline:main]

      [pipeline:main]
      pipeline = healthcheck recon object-server
      
    3. [filter:recon] 中,设置recon cache 目录:

      [filter:recon]
      use = egg:swift#recon
      ...
      recon_cache_path = /var/cache/swift
      recon_lock_path = /var/lock
      
  • Mount 点目录所属权限设置

    # chown -R swift:swift /srv/node
    
  • 创建 recon目录,并设置目录所属权限

    # mkdir -p /var/cache/swift
    # chown -R root:swift /var/cache/swift
    # chmod -R 775 /var/cache/swift
    

3. 创建Rings

在启动对象存储服务前,需要创建并初始化account,container,object的rings。这里使用一个region,1个zone。总共设置2^10(1024)个最大分区(partitions),使用3副本策略(replicas),设置1小时来限制需要多次移动分区时为最小间隔

  • 创建account ring

    cd /etc/swift
    # swift-ring-builder account.builder create 10 3 1
    

    添加所有存储到ring

    # swift-ring-builder account.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6202 --device sdb --weight 100
    # swift-ring-builder account.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6202 --device sdc --weight 100
    # swift-ring-builder account.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6202 --device sdd --weight 100
    

    Rebalance the ring

    # swift-ring-builder account.builder rebalance
    

    确认ring

    # swift-ring-builder account.builder
    
  • 创建container ring

    cd /etc/swift
    # swift-ring-builder container.builder create 10 3 1
    

    添加所有存储到ring

    # swift-ring-builder container.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6201 --device sdb --weight 100
    # swift-ring-builder container.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6201 --device sdc --weight 100
    # swift-ring-builder container.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6201 --device sdd --weight 100
    

    Rebalance the ring

    # swift-ring-builder container.builder rebalance
    

    确认ring

    # swift-ring-builder container.builder
    
  • 创建object ring

    cd /etc/swift
    # swift-ring-builder object.builder create 10 3 1
    

    添加所有存储到ring

    # swift-ring-builder object.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6200 --device sdb --weight 100
    # swift-ring-builder object.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6200 --device sdc --weight 100
    # swift-ring-builder object.builder add \
      --region 1 --zone 1 --ip 10.202.127.4 --port 6200 --device sdd --weight 100
    

    Rebalance the ring

    # swift-ring-builder object.builder rebalance
    

    确认ring

    # swift-ring-builder object.builder
    

注意:如果有多个存储节点,需要将ring配置文件 account.ring.gz, container.ring.gzobject.ring.gz 分发到各个存储节点的 /etc/swift 目录下

3. 配置swift.conf 并启动各组件服务

  • 从swift git仓库中获取配置文件到 /etc/swift/ 目录

    # curl -o /etc/swift/swift.conf \
      https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/pike
    

    编辑配置文件/etc/swift/swift.conf

    1. [swift-hash] 中,设置如下内容:

      [swift-hash]
      ...
      swift_hash_path_suffix = HASH_PATH_SUFFIX #替换为自己的内容,如swift
      swift_hash_path_prefix = HASH_PATH_PREFIX #替换为自己的内容,如swift
      
    2. 创建并配置默认策略

      [storage-policy:0]
      ...
      name = Policy-0
      default = yes
      
    3. 如果是多存储节点,将配置文件 swift.conf 拷贝到各节点的 /etc/swift 目录下

    4. 修改所有节点 /etc/swift/ 目录所属权限如下:

      # chown -R root:swift /etc/swift
      
  • 控制节点启动代理服务和memcache服务

    # systemctl enable openstack-swift-proxy.service memcached.service
    # systemctl start openstack-swift-proxy.service memcached.service
    
  • 存储节点启动如下服务

    # systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \
      openstack-swift-account-reaper.service openstack-swift-account-replicator.service
    # systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \
      openstack-swift-account-reaper.service openstack-swift-account-replicator.service
    # systemctl enable openstack-swift-container.service \
      openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
      openstack-swift-container-updater.service
    # systemctl start openstack-swift-container.service \
      openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
      openstack-swift-container-updater.service
    # systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \
      openstack-swift-object-replicator.service openstack-swift-object-updater.service
    # systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \
      openstack-swift-object-replicator.service openstack-swift-object-updater.service
    

服务验证

新建并编辑 testrc 文件

cd $HOME
vim testrc

写入 /etc/swift/proxy-server.conf 配置文件中 配置的用户权限信息,如下:

export ST_AUTH=http://10.202.127.4:8080/auth/v1.0
export ST_USER=test:tester
export ST_KEY=testing

执行上诉配置脚本,使配置信息生效

. testrc

查看swift服务状态

swift stat

获取 X-Storage-UrlX-Auth-Token

curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' http://127.0.0.1:8080/auth/v1.0

查看账户

curl -v -H 'X-Auth-Token: ' 

我们可以使用如下命令获取账户下容器列表

swift list

获取容器下的对象列表

swift list 

你可能感兴趣的:(Openstack-Swift)