openstack安装说明（5）

前言：不积硅步，无以至千里；不积小流，无以成江海

有点小看了swift，今天是被swift折磨的一天，下面请看受害者第一视角

swift组件安装

控制节点安装swift
创建swift用户
opnestack user create --domain default --password 000000 swift

关联admin角色到service项目和swift用户
openstack role add --project service --user swift admin

创建swift服务实体
openstack service create --name swift --description 'Openstack Object Storage' Object-service

创建相关端点
openstack endpoint create --region RegionOne object-store admin http://controller:8080/v1/AUTH_%(project_id)s
openstack endpoint create --region RegionOne object-store internal http;//controller:8080/v1/AUTH_%(project_id)s
openstack endpoint create --region RegionOne object-store public http://controller:8080/v1/AUTH_%(project_id)s

安装相关组件
yum install openstack-swift-proxy python-swiftclient python-keystoneclient \
python-keystonemiddleware -y
middleware中间件

更改相关配置
备份是个好习惯
vi /etc/swift/proxy-server.conf
[DEFAULT]
bind_ip = 0.0.0.0
bind_port = 8080
user = swift

[pipeline:main] 加载过滤器到pipeline
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk
ratelimit authtoken keystoneauth container-quotas account-quotas
slo dlo versioned_writes proxy-logging proxy-server
pipeline传输途径

[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
management管理
account_autocreate = true
account账户

[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = swift
password = 000000
delay_auth_decision = true
delay延迟 decision决定
service_token_roles_required = True
required必须的
[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin,user

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:cache]
cache缓存
use = egg:swift#memcache
memcache_servers = controller:11211

[filter:ratelimit]
use = egg:swift#ratelimit

[filter:domain_remap]
use = egg:swift#domain_remap

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:cname_lookup]
use = egg:swift#cname_lookup

[filter:staticweb]
use = egg:swift#staticweb

[filter:tempurl]
use = egg:swift#tempurl

[filter:formpost]
use = egg:swift#formpost

[filter:name_check]
use = egg:swift#name_check

[filter:list-endpoints]
use = egg:swift#list_endpoints

[filter:proxy-logging]
use = egg:swift#proxy_logging

[filter:bulk]
use = egg:swift#bulk

[filter:slo]
use = egg:swift#slo

[filter:dlo]
use = egg:swift#dlo

[filter:container-quotas]
use = egg:swift#container_quotas
container容器

[filter:account-quotas]
use = egg:swift#account_quotas

[filter:gatekeeper]
use = egg:swift#gatekeeper

[filter:container_sync]
use = egg:swift#container_sync

[filter:xprofile]
use = egg:swift#xprofile

[filter:versioned_writes]：
use = egg:swift#versioned_writes

在计算节点部署对象存储服务

准备工作
计算节点要新增4个硬盘
新增要echo '- - -' >/sys/class/scsi_host/host0/scan扫描下

安装相应软件包
yum install xfsprogs rsync -y

将新增硬盘格式化为XFS
mkfs.xfs /dev/sdc
mkfs.xfs /dev/sdd
mkfs.xfs /dev/sde
mkfs.xfs /dev/sdf

创建安装目录点结构
mkdir -p /srv/node/sdc
mkdir -p /srv/node/sdd
mkdir -p /srv/node/sde
mkdir -p /srv/node/sdf

查找新增分区的uuid并记录下来
blkid

编辑/etc/fstab文件
以uuid=新增分区uuid 新增分区名 xfs noatime 0 2
的形式更改文件

安装设备
mount /srv/node/sdc
mount /srv/node/sdd
mount /srv/node/sde
mount /srv/node/sdf

编辑/etc/rsyncd.conf
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = object1

[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock

[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock

[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock

重启服务并设置为开机自启

上面是准备工作这里才是真正的安装
安装相应软件包
yum install openstack-swift-account openstack-swift-container openstack-swift-object -y

编辑/etc/swift/account-server.conf
备份
[DEFAULT]
bind_ip = 192.168.200.101
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = true

[pipeline:main]
pipeline = healthcheck recon account-server

[app:account-server]
use = egg:swift#account

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift

[account-replicator]

[account-auditor]

[account-reaper]
[filter:xprofile]
use = egg:swift#xprofile

编辑/etc/swift/container-server.conf
记得备份
[DEFAULT]
bind_ip = 192.168.200.101
bind_port = 6201
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = true

[pipeline:main]
pipeline = healthcheck recon container-server

[app:container-server]
use = egg:swift#container

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:recon]
use = egg:swift#recon

[container-replicator]

[container-updater]

[container-auditor]

[container-sync]
[filter:xprofile]
use = egg:swift#xprofile
[container-sharder]

编辑/etc/swift/object-server.conf
记得备份
[DEFAULT]
bind_ip = 0.0.0.0
bind_port = 6200
swift_dir = /etc/swift
devices = /srv/node
mount_check = true

[pipeline:main]
pipeline = healthcheck recon object-server

[app:object-server]
use = egg:swift#object
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:recon]
use = egg:swift#recon

[object-replicator]

[object-reconstructor]

[object-updater]

[object-expirer]
[filter:xprofile]
use = egg:swift#xprofile

[object-relinker]

[object-auditor]
log_name = object-auditor
log_facility = LOG_LOCAL0
log_level = INFO
log_address=/dev/log

更改相关文件权限
chown -R swift:swift /srv/node
mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
chmod -R 775 /var/cache/swift

创建和分发初始环

cd /etc/swift
swift-ring-builder account.builder create 10 3 1
swift-ring-builder account.builder add \
   --region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sdc --weight 100
swift-ring-builder account.builder add \
   --region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sdd --weight 100
swift-ring-builder account.builder add \
   --region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sde --weight 100
swift-ring-builder account.builder add \
   --region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sdf --weight 100
平衡并验证
swift-ring-builder account.builder rebalance
swift-ring-builder account.builder

创建容器环

swift-ring-builder container.builder create 10 3 1
swift-ring-builder container.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sdc --weight 100
swift-ring-builder container.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sdd --weight 100
swift-ring-builder container.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sde --weight 100
swift-ring-builder container.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sdf --weight 100
平衡并验证
swift-ring-builder account.builder rebalance
swift-ring-builder account.builder

创建对象环

swift-ring-builder object.builder create 10 3 1
swift-ring-builder object.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sdc --weight 100
swift-ring-builder object.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sdd --weight 100
swift-ring-builder object.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sde --weight 100
swift-ring-builder object.builder add \
  --region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sdf --weight 100
平衡并验证
swift-ring-builder account.builder rebalance
swift-ring-builder account.builder

配置控制节点下文件
vi /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = swift
swift_hash_path_prefix = swift

[storage-policy:0]
name = Policy-0
default = yes
复制到计算节点上
scp swift.conf 192.168.200.101:/etc/swift
重启服务并设置为开机自启
systemctl enable openstack-swift-proxy.service memcached.service
systemctl start openstack-swift-proxy.service memcached.service
在存储节点启动所有服务
systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl enable openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service
systemctl start openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service
systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service

总结：
swift看上去要配置的很多，实际上每个配置文件差别不大，纸老虎，纯纸老虎