一、安装和配置对象存储服务Swift
在控制节点完成
1. 创建Swift的身份认证证书
- 加载admin客户端脚本:
source admin-openrc.sh
- 创建swift用户:
openstack user create --password-prompt swift
- 将admin角色添加给swift用户:
openstack role add --project service --user swift admin
2. 创建Swift的服务实体
- 创建swift的服务实体:
openstack service create --name swift --description "OpenStack Object Storage" object-store
3. 创建Swift的API端点
- 创建swift的API endpoint:
openstack endpoint create --publicurl 'http://controller:8080/v1/AUTH_%(tenant_id)s' --internalurl 'http://controller:8080/v1/AUTH_%(tenant_id)s' --adminurl 'http://controller:8080' --region RegionOne object-store
二、在控制节点上安装和配置Swift
1. 安装Swift
- 安装Swift:
apt-get install swift swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware memcached
2. 配置Swift
- 创建/etc/swift目录:
mkdir /etc/swift
- 进入该目录:
cd /etc/swift
- 从对象存储服务源库获取代理服务配置文件:
curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/kilo
- 编辑文件:/etc/swift/proxy-server.conf
- 修改[DEFAULT]部分,配置绑定端口,用户和配置文件存放的路径:
bind_port = 8080 user = swift swift_dir = /etc/swift
- 在[pipeline:main]部分,启用相应的模块:
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo proxy-logging proxy-server
- 在[app:proxy-server]部分,启用账户自动创建的功能:
account_autocreate = true
- 在[filter:keystoneauth]部分,配置操作的角色
use = egg:swift#keystoneauth operator_roles = admin,user
- 在[filter:authtoken]部分,配置身份认证服务的访问,注意要注释掉其他的内容:
paste.filter_factory = keystonemiddleware.auth_token:filter_factory auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = swift password = SWIFT_PASS delay_auth_decision = true
- 在[filter:cache]部分,配置memcached位置:
memcache_servers = 127.0.0.1:11211
三、在对象存储节点上安装和配置Swift
1. 配置对象存储的操作系统环境
配置管理接口:待补充...........................................
配置主机名:待补充...........................................
将两台主机的/etc/hosts内容同步到其他所有节点:
为两台主机分别添加新的磁盘,并创建分区:
fdisk /dev/sdb
fdisk /dev/sdc
在两个节点上分别安装工具包:
apt-get install xfsprogs rsync
格式化/dev/sdb1和/dev/sdc1位XFS:
mkfs.xfs /dev/sdb1
mkfs.xfs /dev/sdc1
创建目录挂载点:
mkdir -p /srv/node/sdb1
mkdir -p /srv/node/sdc1
编辑/etc/fstab,添加这两个内容:
/dev/sdb1 /srv/node/sdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
/dev/sdc1 /srv/node/sdc1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
挂载设备:
mount /srv/node/sdb1
mount /srv/node/sdc1
-
编辑/etc/rsyncd.conf,添加如下内容:
uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address = MANAGEMENT_INTERFACE_IP_ADDRESS [account] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/account.lock [container] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/container.lock [object] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/object.lock
-
编辑/etc/default/rsync文件,,添加下面内容,启用rsync服务:
RSYNC_ENABLE=true
启动rsync服务:
service rsync start
2. 安装Swift(在两个对象存储节点上安装)
- 安装Swift:
apt-get install swift swift-account swift-container swift-object
3. 获取Swift的配置文件
获取accounting, container, object, container-reconciler和object-expirer service服务的配置文件
curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/kilo
curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/kilo
curl -o /etc/swift/object-expirer.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-expirer.conf-sample?h=stable/kilo
curl -o /etc/swift/object-expirer.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-expirer.conf-sample?h=stable/kilo
curl -o /etc/swift/object-expirer.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-expirer.conf-sample?h=stable/kilo
-
编辑配置文件/etc/swift/account-server.conf:
在[DEFAULT]部分,配置绑定ip地址,端口,用户,配置文件路径,和挂载点的路径:bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6002 user = swift swift_dir = /etc/swift devices = /srv/node
在[pipeline:main]部分,启用appropriate模块:
pipeline = healthcheck recon account-server
在[filter:recon]部分,配置缓存目录:
recon_cache_path = /var/cache/swift
-
编辑配置文件/etc/swift/container-server.conf:
在[DEFAULT]部分,配置绑定ip地址,端口,用户,配置文件路径,和挂载点的路径:bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6001 user = swift swift_dir = /etc/swift devices = /srv/node
在[pipeline:main]部分,启用appropriate模块:
pipeline = healthcheck recon container-server
在[filter:recon]部分,配置缓存目录:
recon_cache_path = /var/cache/swift
-
编辑配置文件/etc/swift/object-server.conf:
在[DEFAULT]部分,配置绑定ip地址,端口,用户,配置文件路径,和挂载点的路径:bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS bind_port = 6001 user = swift swift_dir = /etc/swift devices = /srv/node
在[pipeline:main]部分,启用appropriate模块:
pipeline = healthcheck recon object-server
在[filter:recon]部分,配置缓存目录和lock目录:
recon_cache_path = /var/cache/swift recon_lock_path = /var/lock
修改挂载点的权限:
chown -R swift:swift /srv/node
创建recon目录,并修改目录权限:
mkdir -p /var/cache/swift
chown -R swift:swift /var/cache/swift
四、创建初始的rings
1. 创建Account ring(在控制节点上)
- 进入/etc/swift目录:
cd /etc/swift
- 创建基本的account.builder文件:
swift-ring-builder account.builder create 10 3 1
- 添加所有的存储节点到ring中:
swift-ring-builder account.builder add r1z1-10.0.0.51:6002/sdb1 100
swift-ring-builder account.builder add r1z2-10.0.0.51:6002/sdc1 100
swift-ring-builder account.builder add r1z3-10.0.0.52:6002/sdb1 100
swift-ring-builder account.builder add r1z4-10.0.0.52:6002/sdc1 100
2. 校验Account ring
- 校验Account ring的内容:
swift-ring-builder account.builder
- 重新分布ring:
swift-ring-builder account.builder rebalance
3. 创建Container ring(在控制节点上)
- 进入/etc/swift目录:
cd /etc/swift
- 创建基本的container.builder文件:
swift-ring-builder container.builder create 10 3 1
- 添加所有的存储节点到ring中:
swift-ring-builder container.builder add r1z1-10.0.0.51:6001/sdb1 100
swift-ring-builder container.builder add r1z2-10.0.0.51:6001/sdc1 100
swift-ring-builder container.builder add r1z3-10.0.0.52:6001/sdb1 100
swift-ring-builder container.builder add r1z4-10.0.0.52:6001/sdc1 100
4. 校验Container ring
- 校验Container ring的内容:
swift-ring-builder container.builder
- 重新分布ring:
swift-ring-builder container.builder rebalance
5. 创建Object ring(在控制节点上)
- 进入/etc/swift目录:
cd /etc/swift
- 创建基本的object.builder文件:
swift-ring-builder object.builder create 10 3 1
- 添加所有的存储节点到ring中:
swift-ring-builder object.builder add r1z1-10.0.0.51:6000/sdb1 100
swift-ring-builder object.builder add r1z2-10.0.0.51:6000/sdc1 100
swift-ring-builder object.builder add r1z3-10.0.0.52:6000/sdb1 100
swift-ring-builder object.builder add r1z4-10.0.0.52:6000/sdc1 100
6. 校验Object ring
- 校验Object ring的内容:
swift-ring-builder object.builder
- 重新分布ring:
swift-ring-builder object.builder rebalance
7. 分发配置文件
如果有其他的对象存储节点,请将account.ring.gz, container.ring.gz和object.ring.gz三个文件拷贝到其他节点的/etc/swift目录
8. 完成安装
从对象存储资源库中获取/etc/swift/swift.conf文件:
curl -o /etc/swift/swift.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/kilo
-
编辑/etc/swift/swift.conf文件:
在[swift-hash]部分,为环境配置哈希路径的前缀和后缀:swift_hash_path_suffix = HASH_PATH_PREFIX(改成唯一值) swift_hash_path_prefix = HASH_PATH_SUFFIX(改成唯一值)
在[storage-policy:0] 部分,配置默认存储策略:
name = Policy-0 default = yes
-
复制文件swift.conf到每个存储节点响应的/etc/swift目录下:
scp swift.conf [email protected]:~/ scp swift.conf [email protected]:~/ sudo cp swift.conf /etc/swift
在所有的存储节点上,设置目录的权限:
chown -R swift:swift /etc/swift
在控制节点和其他存储节点上重启服务:
service memcached restart
service swift-proxy restart
在所有的存储节点上重启服务:
swift-init all start
五、校验Swift的安装(在控制节点上)
- 检查对象存储服务启动的服务组件:
swift -V 3 stat
- 上传一个测试文件:
swift -V 3 upload demo-container1 FILE
- 查看容器:
swift -V 3 list
- 下载测试文件:
swift -V 3 download demo-container1 FILE