前言:不积硅步,无以至千里;不积小流,无以成江海
有点小看了swift,今天是被swift折磨的一天,下面请看受害者第一视角
swift组件安装
控制节点安装swift
创建swift用户
opnestack user create --domain default --password 000000 swift
关联admin角色到service项目和swift用户
openstack role add --project service --user swift admin
创建swift服务实体
openstack service create --name swift --description 'Openstack Object Storage' Object-service
创建相关端点
openstack endpoint create --region RegionOne object-store admin http://controller:8080/v1/AUTH_%(project_id)s
openstack endpoint create --region RegionOne object-store internal http;//controller:8080/v1/AUTH_%(project_id)s
openstack endpoint create --region RegionOne object-store public http://controller:8080/v1/AUTH_%(project_id)s
安装相关组件
yum install openstack-swift-proxy python-swiftclient python-keystoneclient \
python-keystonemiddleware -y
middleware中间件
更改相关配置
备份是个好习惯
vi /etc/swift/proxy-server.conf
[DEFAULT]
bind_ip = 0.0.0.0
bind_port = 8080
user = swift
[pipeline:main] 加载过滤器到pipeline
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk
ratelimit authtoken keystoneauth container-quotas account-quotas
slo dlo versioned_writes proxy-logging proxy-server
pipeline传输途径
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
management管理
account_autocreate = true
account账户
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = swift
password = 000000
delay_auth_decision = true
delay延迟 decision决定
service_token_roles_required = True
required必须的
[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin,user
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:cache]
cache缓存
use = egg:swift#memcache
memcache_servers = controller:11211
[filter:ratelimit]
use = egg:swift#ratelimit
[filter:domain_remap]
use = egg:swift#domain_remap
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:cname_lookup]
use = egg:swift#cname_lookup
[filter:staticweb]
use = egg:swift#staticweb
[filter:tempurl]
use = egg:swift#tempurl
[filter:formpost]
use = egg:swift#formpost
[filter:name_check]
use = egg:swift#name_check
[filter:list-endpoints]
use = egg:swift#list_endpoints
[filter:proxy-logging]
use = egg:swift#proxy_logging
[filter:bulk]
use = egg:swift#bulk
[filter:slo]
use = egg:swift#slo
[filter:dlo]
use = egg:swift#dlo
[filter:container-quotas]
use = egg:swift#container_quotas
container容器
[filter:account-quotas]
use = egg:swift#account_quotas
[filter:gatekeeper]
use = egg:swift#gatekeeper
[filter:container_sync]
use = egg:swift#container_sync
[filter:xprofile]
use = egg:swift#xprofile
[filter:versioned_writes]:
use = egg:swift#versioned_writes
在计算节点部署对象存储服务
准备工作
计算节点要新增4个硬盘
新增要echo '- - -' >/sys/class/scsi_host/host0/scan扫描下
安装相应软件包
yum install xfsprogs rsync -y
将新增硬盘格式化为XFS
mkfs.xfs /dev/sdc
mkfs.xfs /dev/sdd
mkfs.xfs /dev/sde
mkfs.xfs /dev/sdf
创建安装目录点结构
mkdir -p /srv/node/sdc
mkdir -p /srv/node/sdd
mkdir -p /srv/node/sde
mkdir -p /srv/node/sdf
查找新增分区的uuid并记录下来
blkid
编辑/etc/fstab文件
以uuid=新增分区uuid 新增分区名 xfs noatime 0 2
的形式更改文件
安装设备
mount /srv/node/sdc
mount /srv/node/sdd
mount /srv/node/sde
mount /srv/node/sdf
编辑/etc/rsyncd.conf
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = object1
[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock
重启服务并设置为开机自启
上面是准备工作这里才是真正的安装
安装相应软件包
yum install openstack-swift-account openstack-swift-container openstack-swift-object -y
编辑/etc/swift/account-server.conf
备份
[DEFAULT]
bind_ip = 192.168.200.101
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = true
[pipeline:main]
pipeline = healthcheck recon account-server
[app:account-server]
use = egg:swift#account
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
[account-replicator]
[account-auditor]
[account-reaper]
[filter:xprofile]
use = egg:swift#xprofile
编辑/etc/swift/container-server.conf
记得备份
[DEFAULT]
bind_ip = 192.168.200.101
bind_port = 6201
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = true
[pipeline:main]
pipeline = healthcheck recon container-server
[app:container-server]
use = egg:swift#container
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:recon]
use = egg:swift#recon
[container-replicator]
[container-updater]
[container-auditor]
[container-sync]
[filter:xprofile]
use = egg:swift#xprofile
[container-sharder]
编辑/etc/swift/object-server.conf
记得备份
[DEFAULT]
bind_ip = 0.0.0.0
bind_port = 6200
swift_dir = /etc/swift
devices = /srv/node
mount_check = true
[pipeline:main]
pipeline = healthcheck recon object-server
[app:object-server]
use = egg:swift#object
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:recon]
use = egg:swift#recon
[object-replicator]
[object-reconstructor]
[object-updater]
[object-expirer]
[filter:xprofile]
use = egg:swift#xprofile
[object-relinker]
[object-auditor]
log_name = object-auditor
log_facility = LOG_LOCAL0
log_level = INFO
log_address=/dev/log
更改相关文件权限
chown -R swift:swift /srv/node
mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
chmod -R 775 /var/cache/swift
创建和分发初始环
♾️ python 代码:cd /etc/swift
swift-ring-builder account.builder create 10 3 1
swift-ring-builder account.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sdc --weight 100
swift-ring-builder account.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sdd --weight 100
swift-ring-builder account.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sde --weight 100
swift-ring-builder account.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6202 --device sdf --weight 100
平衡并验证
swift-ring-builder account.builder rebalance
swift-ring-builder account.builder创建容器环
♾️ python 代码:swift-ring-builder container.builder create 10 3 1
swift-ring-builder container.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sdc --weight 100
swift-ring-builder container.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sdd --weight 100
swift-ring-builder container.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sde --weight 100
swift-ring-builder container.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6201 --device sdf --weight 100
平衡并验证
swift-ring-builder account.builder rebalance
swift-ring-builder account.builder创建对象环
♾️ python 代码:swift-ring-builder object.builder create 10 3 1
swift-ring-builder object.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sdc --weight 100
swift-ring-builder object.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sdd --weight 100
swift-ring-builder object.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sde --weight 100
swift-ring-builder object.builder add \
--region 1 --zone 1 --ip 192.168.200.101 --port 6200 --device sdf --weight 100
平衡并验证
swift-ring-builder account.builder rebalance
swift-ring-builder account.builder配置控制节点下文件
vi /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = swift
swift_hash_path_prefix = swift
[storage-policy:0]
name = Policy-0
default = yes
复制到计算节点上
scp swift.conf 192.168.200.101:/etc/swift
重启服务并设置为开机自启
systemctl enable openstack-swift-proxy.service memcached.service
systemctl start openstack-swift-proxy.service memcached.service
在存储节点启动所有服务
systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl enable openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service
systemctl start openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service
systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service
总结:
swift看上去要配置的很多,实际上每个配置文件差别不大,纸老虎,纯纸老虎