CentOS7安装Openstack【Swift篇】

本文主要关注与OpenStack对象存储的安装

控制节点

  • 基础配置

    • 关闭selinux、防火墙
    • 设置时间同步
    • 配置swift文件

      1
      2
      3
      # vi /etc/swift/swift.conf
      [swift-hash]
      swift_hash_path_suffix = `od -t x8 -N 8 -A n </dev/random`
    • 配置日志

      • 创建swift日志配置文件

        1
        2
        # vi /etc/rsyslog.d/10-swift.conf
        local0.* /var/log/swift/proxy.log
      • 创建日志目录

        1
        2
        # mkdir -p /var/log/swift
        # chown -R swift:swift /var/log/swift
      • 重启日志服务

        1
        service rsyslog restart
  • 创建身份认证服务

    • 生效环境变量admin-openrc.sh 参见CentOS7安装Openstack【Keystone篇】
    • 创建swift用户

      1
      keystone user-create --name swift --pass SWIFT_PASS
    • 授予admin角色

      1
      keystone user-role-add --user swift --tenant service --role admin
    • 创建swift 服务实例

      1
      2
      keystone service-create --name swift --type object-store \
      --description "OpenStack Object Storage"
    • 创建对象服务API endpoints

      1
      2
      3
      4
      5
      6
      keystone endpoint-create \
      --service-id $(keystone service-list | awk '/ object-store / {print $2}') \
      --publicurl 'http://controller:8080/v1/AUTH_%(tenant_id)s' \
      --internalurl 'http://controller:8080/v1/AUTH_%(tenant_id)s' \
      --adminurl http://controller:8080 \
      --region regionOne
  • 安装配置控制节点组件

    • 安装

      1
      yum install swift swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware memcached
    • 创建/etc/swift 目录

      1
      mkdir /etc/swift
    • 复制获取代理服务配置文件sample,创建\etc\swift\proxy-server.conf proxy-server.conf-sample

      • [DEFAULT]部分,配置绑定的端口,用户和配置目录

        1
        2
        3
        4
        5
        [DEFAULT]
        ...
        bind_port = 8080
        user = swift
        swift_dir = /etc/swift
      • [pipeline:main]部分,启动合适的modules

        1
        2
        [pipeline:main]
        pipeline = authtoken cache healthcheck keystoneauth proxy-logging proxy-server
      • [app:proxy-server]部分,启动账户管理

        1
        2
        3
        4
        [app:proxy-server]
        ...
        allow_account_management = true
        account_autocreate = true
      • [filter:keystoneauth]部分,配置操作的角色

        1
        2
        3
        4
        [filter:keystoneauth]
        use = egg:swift#keystoneauth
        ...
        operator_roles = admin,_member_
      • [filter:authtoken]部分,配置身份认证访问

        1
        2
        3
        4
        5
        6
        7
        8
        9
        [filter:authtoken]
        paste.filter_factory = keystonemiddleware.auth_token:filter_factory
        ...
        auth_uri = http://controller:5000/v2.0
        identity_uri = http://controller:35357
        admin_tenant_name = service
        admin_user = swift
        admin_password = SWIFT_PASS
        delay_auth_decision = true
      • [filter:cache]部分,配置memcached 位置

        1
        2
        3
        [filter:cache]
        ...
        memcache_servers = 127.0.0.1:11211
  • 配置Ring

    • 进入/etc/swift目录
    • 创建Ring

      1
      2
      3
      # swift-ring-builder account.builder create 10 3 1
      # swift-ring-builder container.builder create 10 3 1
      # swift-ring-builder object.builder create 10 3 1
    • 向环里添加存储设备

      1
      2
      3
      4
      5
      6
      7
      8
      9
      # swift-ring-builder account.builder add r1z1-172.18.216.188:6002/sdb1 100
      # swift-ring-builder account.builder add r1z1-172.18.216.33:6002/sdb1 100
      # swift-ring-builder account.builder add r1z2-172.18.216.38:6002/sdb1 200
      # swift-ring-builder container.builder add r1z1-172.18.216.188:6001/sdb1 100
      # swift-ring-builder container.builder add r1z1-172.18.216.33:6001/sdb1 100
      # swift-ring-builder container.builder add r1z2-172.18.216.38:6001/sdb1 200
      # swift-ring-builder object.builder add r1z1-172.18.216.188:6000/sdb1 100
      # swift-ring-builder object.builder add r1z1-172.18.216.33:6000/sdb1 100
      # swift-ring-builder object.builder add r1z2-172.18.216.38:6000/sdb1 200
    • 平衡环

      1
      2
      3
      # swift-ring-builder account.builder rebalance
      # swift-ring-builder container.builder rebalance
      # swift-ring-builder object.builder rebalance

      PS:这三条命令会产生以gz结尾的文件,gz文件是所有节点要用到的环文件,可以用scp拷贝到其它各节点

  • 启动服务

    • 创建cache目录,设置权限

      1
      2
      # mkdir -p /var/cache/swift
      # chown -R swift:swift /var/cache/swift/
    • 设置/etc/swift目录权限

      1
      # chown -R swift:swift /etc/swift
    • 启动服务

      1
      2
      3
      # service memcached start
      # chkconfig memcached on
      # swift-init proxy start

存储节点

  • 基础配置

    • 关闭selinux、防火墙
    • 设置时间同步
  • 安装配置存储节点组件

    • 安装

      1
      2
      # yum install –y python-setuptools xinetd xfsprogs
      # yum install -y openstack-swift-account openstack-swift-container openstack-swift-object rsync
    • 配置存储

      • 创建/dev/sdb1分区,过程省略
      • 格式化磁盘为xfs格式

        1
        # mkfs.xfs -i size=1024 /dev/sdb1
      • 添加开机自启动项

        1
        # echo "/dev/sdb1 /swift/node1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
      • 创建挂载目录

        1
        # mkdir -p /swift/node1
      • 挂载磁盘

        1
        # mount /swift/node1
      • 设置目录权限

        1
        # chown -R swift:swift /swift
    • 配置swift.conf文件, 从代理节点拷贝过来即可,使用scp命令

    • 配置rsync,创建/etc/rsync.conf文件

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      # vi /etc/rsync.conf
      uid = swift
      gid = swift
      log file = /var/log/rsyncd.log
      pid file = /var/run/rsyncd.pid
      address = 127.0.0.1
      [account]
      max connections = 2
      path = /swift/node1
      read only = false
      lock file = /var/lock/account.lock
      [container]
      max connections = 2
      path = /swift/node1
      read only = false
      lock file = /var/lock/container.lock
      [object]
      max connections = 2
      path = /swift/node1
      read only = false
      lock file = /var/lock/object.lock

      启用rsync

      1
      2
      # sed -i 's/yes/no/' /etc/xinetd.d/rsync
      # sed -i 's/IPv6/IPv4/' /etc/xinetd.d/rsync

      启动xinetd

      1
      2
      # service xinetd start
      # chkconfig xinetd on
  • 配置存储服务

    • 配置account服务

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      [DEFAULT]
      bind_ip = 172.18.216.188
      bind_port = 6002
      user = swift
      swift_dir = /etc/swift
      devices = /swift/node1
      mount_check = false
      [pipeline:main]
      pipeline = healthcheck recon account-server
      [app:account-server]
      use = egg:swift#account
      #recon_cache_spath = /var/cache/swift
      [account-replicator]
      vm_test_node=no
      [account-auditor]
      [account-reaper]
      [filter:recon]
      use = egg:swift#recon
      recon_cache_path = /var/cache/swift
      [filter:healthcheck]
      use = egg:swift#healthcheck
    • 配置container服务

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      [DEFAULT]
      bind_ip = 172.18.216.188
      bind_port = 6001
      user = swift
      swift_dir = /etc/swift
      devices = /swift/node1
      mount_check = false
      [pipeline:main]
      pipeline = healthcheck recon container-server
      [app:container-server]
      use = egg:swift#container
      [container-replicator]
      vm_test_mode=no
      [container-updater]
      [container-auditor]
      [container-sync]
      [filter:recon]
      use = egg:swift#recon
      recon_cache_path = /var/cache/swift
      [filter:healthcheck]
      use = egg:swift#healthcheck
    • 配置object服务

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      22
      [DEFAULT]
      bind_ip = 172.18.216.188
      bind_port = 6000
      user = swift
      swift_dir = /etc/swift
      devices = /swift/node1
      mount_check = false
      [pipeline:main]
      pipeline = healthcheck recon object-server
      [app:object-server]
      use = egg:swift#object
      [object-replicator]
      vm_test_mode=no
      [object-updater]
      [object-auditor]
      [object-reconstructor]
      [filter:recon]
      use = egg:swift#recon
      recon_cache_path = /var/cache/swift
      recon_lock_path = /var/lock
      [filter:healthcheck]
      use = egg:swift#healthcheck
  • 拷贝代理节点生成的环文件 scp

  • 配置日志

    • 创建swift日志配置文件

      1
      2
      # vi /etc/rsyslog.d/10-swift.conf
      local0.* /var/log/swift/proxy.log
    • 创建日志目录

      1
      2
      # mkdir -p /var/log/swift
      # chown -R swift:swift /var/log/swift
    • 重启日志服务

      1
      service rsyslog restart
  • 启动服务

    • 创建cache目录,设置权限

      1
      2
      # mkdir -p /var/cache/swift
      # chown -R swift:swift /var/cache/swift/
    • 设置/etc/swift目录权限

      1
      # chown -R swift:swift /etc/swift
    • 启动服务

      1
      swift-init all start

安装验证

PS:注意先source环境变量

  • 在客户端查看swift验证

    1
    swift stat
  • 在客户端上传文件到swift中

    1
    swift upload container file

参考资料