Server1
1.Update
sudo apt-get update
sudo apt-get upgrade
2.
sudo apt-get install bridge-utils
3.IP
3.1
sudo vi /etc/network/interfaces
----------------------------------------------
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.75.110
netmask 255.255.255.0
broadcast 192.168.75.255
gateway 192.168.75.2
dns-nameservers 192.168.75.2
auto eth1
iface eth1 inet static
address 192.168.4.1
netmask 255.255.255.0
network 192.168.4.0
broadcast 192.168.4.255
3.2
sudo /etc/init.d/networking restart
4.NTP Server
4.1
sudo apt-get install ntp
4.2
sudo vi /etc/ntp.conf
--------------------------------
server ntp.ubuntu.com
server 127.127.1.0
fudge 127.127.1.0 stratum 10
4.3
sudo service ntp restart
5.database
5.1
sudo apt-get install mysql-server python-mysqldb
设置密码:gis
5.2
sudo vi /etc/mysql/my.cnf
-------------------------------------
bind-address = 0.0.0.0
5.3
sudo restart mysql
sudo mysql -u root -p
use mysql
select host, user, password from user;
delete from user where user='root' and host='localhost';
delete from user where user='root' and host='::1';
delete from user where user='root' and host='127.0.0.1';
delete from user where user='';
update user set host='%' where user='root';
commit;
sudo restart mysql
5.4
sudo mysql -u root -p -e 'CREATE DATABASE keystone;'
5.5
sudo mysql -u root -p -e 'CREATE USER keystone;'
5.6
sudo mysql -u root -p -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';"
sudo mysql -u root -p -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost'"
5.7
sudo mysql -u root -p -e "SET PASSWORD FOR 'keystone'@'%' = PASSWORD('gis');"
6.
sudo apt-get install keystone
6.1
sudo rm /var/lib/keystone/keystone.db
6.2
sudo vi /etc/keystone/keystone.conf
bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
admin_token = 012345SECRET99TOKEN012345
compute_port = 8774
verbose = True
debug = True
log_config = /etc/keystone/logging.conf
use_syslog = False
connection = mysql://keystone:gis@192.168.75.110/keystone
6.3
sudo keystone-manage pki_setup
sudo chown -R keystone:keystone /etc/keystone/
sudo chmod g+rx,o+rx -R /etc/keystone/
sudo chmod -R g+rwx,o+rwx /var/log/keystone/
6.4
sudo service keystone restart
6.5
sudo keystone-manage db_sync
7 identity
7.1
export OS_SERVICE_TOKEN=012345SECRET99TOKEN012345
export OS_SERVICE_ENDPOINT=http://192.168.75.110:35357/v2.0
keystone tenant-create --name demo --description "Default Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Default Tenant |
| enabled | True |
| id | 3b440084158a42c0917603e066261aaf |
| name | demo |
+-------------+----------------------------------+
keystone user-create --tenant-id 3b440084158a42c0917603e066261aaf --name admin --pass secrete
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | d99081655e834ded8abea8e6f6e111bb |
| name | admin |
| tenantId | 3b440084158a42c0917603e066261aaf |
+----------+----------------------------------+
keystone role-create --name admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | c55516c9bcae400bad38b96e98e35279 |
| name | admin |
+----------+----------------------------------+
keystone user-role-add --user-id d99081655e834ded8abea8e6f6e111bb --tenant-id 3b440084158a42c0917603e066261aaf --role-id c55516c9bcae400bad38b96e98e35279
7.2
keystone tenant-create --name service --description "Service Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Service Tenant |
| enabled | True |
| id | d5f00c8160b94fc5acdf2f2a79d790dc |
| name | service |
+-------------+----------------------------------+
keystone user-create --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --name glance --pass glance
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 2d16d19937fd4f3eba46a48d0a5d1c90 |
| name | glance |
| tenantId | d5f00c8160b94fc5acdf2f2a79d790dc |
+----------+----------------------------------+
keystone user-role-add --user-id 2d16d19937fd4f3eba46a48d0a5d1c90 --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --role-id c55516c9bcae400bad38b96e98e35279
keystone user-create --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --name ec2 --pass ec2
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 2782536bd49a4802a575301ccdb44324 |
| name | ec2 |
| tenantId | d5f00c8160b94fc5acdf2f2a79d790dc |
+----------+----------------------------------+
keystone user-role-add --user-id 2782536bd49a4802a575301ccdb44324 --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --role-id c55516c9bcae400bad38b96e98e35279
keystone user-create --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --name swift --pass swiftpass
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | cdee582c005745808f064ceea1e20953 |
| name | swift |
| tenantId | d5f00c8160b94fc5acdf2f2a79d790dc |
+----------+----------------------------------+
keystone user-role-add --user-id cdee582c005745808f064ceea1e20953 --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --role-id c55516c9bcae400bad38b96e98e35279
7.3
keystone service-create --name=keystone --type=identity --description="Identity Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Identity Service |
| id | c697cfd78fa14b8eaf296af2569b711c |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
keystone endpoint-create \
--region RegionOne \
--service-id=c697cfd78fa14b8eaf296af2569b711c \
--publicurl=http://192.168.75.110:5000/v2.0 \
--internalurl=http://192.168.75.110:5000/v2.0 \
--adminurl=http://192.168.75.110:35357/v2.0
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://192.168.75.110:35357/v2.0 |
| id | 6a32df6c6c714e30a9830cfe39e8d64f |
| internalurl | http://192.168.75.110:5000/v2.0 |
| publicurl | http://192.168.75.110:5000/v2.0 |
| region | RegionOne |
| service_id | c697cfd78fa14b8eaf296af2569b711c |
+-------------+----------------------------------+
keystone service-create --name=ec2 --type=ec2 --description="EC2 Compatibility Layer"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | EC2 Compatibility Layer |
| id | 528b19e43cec466192c770c26d3a73a3 |
| name | ec2 |
| type | ec2 |
+-------------+----------------------------------+
keystone --token 012345SECRET99TOKEN012345 \
--endpoint http://192.168.75.110:35357/v2.0/ \
endpoint-create \
--region RegionOne \
--service-id=528b19e43cec466192c770c26d3a73a3 \
--publicurl=http://192.168.75.110:8773/services/Cloud \
--internalurl=http://192.168.75.110:8773/services/Cloud \
--adminurl=http://192.168.75.110:8773/services/Admin
+-------------+-------------------------------------------+
| Property | Value |
+-------------+-------------------------------------------+
| adminurl | http://192.168.75.110:8773/services/Admin |
| id | 64007630d09c450a8418985c98dbcd07 |
| internalurl | http://192.168.75.110:8773/services/Cloud |
| publicurl | http://192.168.75.110:8773/services/Cloud |
| region | RegionOne |
| service_id | 528b19e43cec466192c770c26d3a73a3 |
+-------------+-------------------------------------------+
keystone service-create --name=swift --type=object-store --description="Object Storage Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Object Storage Service |
| id | b162fbd8a371465bba07b9c0ea3f9c32 |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
keystone endpoint-create \
--region RegionOne \
--service-id=b162fbd8a371465bba07b9c0ea3f9c32 \
--publicurl 'http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s' \
--adminurl 'http://192.168.75.110:8888/v1' \
--internalurl 'http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s'
+-------------+--------------------------------------------------+
| Property | Value |
+-------------+--------------------------------------------------+
| adminurl | http://192.168.75.110:8888/v1 |
| id | 5eb5295ee08d4967838f2b8f3fd44939 |
| internalurl | http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s |
| publicurl | http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s |
| region | RegionOne |
| service_id | b162fbd8a371465bba07b9c0ea3f9c32 |
+-------------+--------------------------------------------------+
8.
unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT
9.
keystone --os-auth-url=http://192.168.75.110:35357/v2.0 token-get
keystone --os-username=admin --os-password=secrete --os-auth-url=http://192.168.75.110:35357/v2.0 token-get
keystone --os-username=admin --os-password=secrete --os-tenant-name=demo --os-auth-url=http://192.168.75.110:35357/v2.0 token-get
keystone --os-username=admin --os-password=secrete --os-auth-url=http://192.168.75.110:35357/v2.0 token-get
keystone --os-username=admin --os-password=secrete --os-tenant-name=service --os-auth-url=http://192.168.75.110:35357/v2.0 token-get
11.
vi keystonerc
export OS_USERNAME=swift
export OS_PASSWORD=swiftpass
export OS_TENANT_NAME=service
export OS_AUTH_URL=http://192.168.75.110:35357/v2.0
export OS_REGION_NAME=RegionOne
export OS_SERVICE_TOKEN=012345SECRET99TOKEN012345
export OS_SERVICE_ENDPOINT=http://192.168.75.110:35357/v2.0
export OS_USERNAME=admin
export OS_PASSWORD=secrete
export OS_TENANT_NAME=demo
export OS_AUTH_URL=http://192.168.75.110:35357/v2.0
source keystonerc
12.
keystone user-list
keystone role-list
-------------------------------------Server1, Server2, Server3, Server4----------------------------------------------------
1.安装SSH和Swift的核心包
sudo apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache
2.在所有节点上创创建配置文件目录
sudo mkdir -p /etc/swift
sudo chown -R swift:swift /etc/swift/
3. 在所有节点上创创建swift配置文件(/etc/swift/swift.conf)
sudo vi /etc/swift/swift.conf
[swift-hash]
# random unique string that can never change (DO NOT LOSE)
swift_hash_path_suffix = fLIbertYgibbitZ
sudo chown -R swift:swift /etc/swift/
------------------------------------Server 2, Server 3, Server 4-----------------------------------------------------------
1.在所有存贮节点上安装Swift包
sudo apt-get install swift-account swift-container swift-object xfsprogs
2. 建立XFS文件系统存贮
sudo fdisk /dev/sdb //#然后一次选择 n, p, 1, 默认, 默认, w
sudo mkfs.xfs -f -i size=1024 /dev/sdb1
( 命令格式: sudo mkfs -t ext3 /dev/sdb1 )
sudo mkdir -p /srv/node/sdb1
sudo echo "/dev/sdb1 /srv/node/sdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
sudo mount /srv/node/sdb1
sudo chown -R swift:swift /srv/node
3. 创建数据同步配置文件(/etc/rsyncd.conf)
sudo vi /etc/rsyncd.conf
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 192.168.4.2 或 192.168.4.3 或 192.168.4.4
[account]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/object.lock
4.启用系统同步
sudo vi /etc/default/rsync
RSYNC_ENABLE = true
sudo service rsync start
5.创建目录
sudo mkdir -p /var/swift/recon
sudo chown -R swift:swift /var/swift/recon
---------------------------------------------------Server 1----------------------------------------------------------
1.安装swift-proxy节点包
sudo apt-get install swift-proxy memcached python-keystoneclient python-swiftclient python-webob
2.生成SSL认证文件
cd /etc/swift
sudo openssl req -new -x509 -nodes -out cert.crt -keyout cert.key
3.修改缓存配置文件
sudo vi /etc/memcached.conf
将
-l 127.0.0.1
改为
-l 192.168.4.1
4.重启缓存服务
sudo service memcached restart
5.修改swift-proxy缓存配置文件
sudo vi /etc/swift/proxy-server.conf
[DEFAULT]
cert_file = /etc/swift/cert.crt
key_file = /etc/swift/cert.key
bind_port = 8888
user = swift
[pipeline:main]
pipeline = healthcheck cache authtoken keystoneauth proxy-server
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = Member,admin,swiftoperator
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
# Delaying the auth decision is required to support token-less
# usage for anonymous referrers ('.r:*').
delay_auth_decision = true
# cache directory for signing certificate
signing_dir = /home/swift/keystone-signing
# auth_* settings refer to the Keystone server
auth_protocol = http
auth_host = 192.168.75.110
auth_port = 35357
# the same admin_token as provided in keystone.conf
admin_token = 012345SECRET99TOKEN012345
# the service tenant and swift userid and password created in Keystone
admin_tenant_name = service
admin_user = swift
admin_password = swiftpass
[filter:cache]
use = egg:swift#memcache
memcache_servers = 192.168.75.110:11211
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:healthcheck]
use = egg:swift#healthcheck
6. 创建swift的认证目录
sudo mkdir -p /home/swift/keystone-signing
sudo chown -R swift:swift /home/swift/keystone-signing
7.创建account, container, object的ring
cd /etc/swift
sudo swift-ring-builder account.builder create 18 3 24
sudo swift-ring-builder container.builder create 18 3 24
sudo swift-ring-builder object.builder create 18 3 24
8. 将存贮实体加入到环中
sudo swift-ring-builder account.builder add z1-192.168.4.2:6002/sdb1 100
sudo swift-ring-builder container.builder add z1-192.168.4.2:6001/sdb1 100
sudo swift-ring-builder object.builder add z1-192.168.4.2:6000/sdb1 100
sudo swift-ring-builder account.builder add z2-192.168.4.3:6002/sdb1 100
sudo swift-ring-builder container.builder add z2-192.168.4.3:6001/sdb1 100
sudo swift-ring-builder object.builder add z2-192.168.4.3:6000/sdb1 100
sudo swift-ring-builder account.builder add z3-192.168.4.4:6002/sdb1 100
sudo swift-ring-builder container.builder add z3-192.168.4.4:6001/sdb1 100
sudo swift-ring-builder object.builder add z3-192.168.4.4:6000/sdb1 100
9. 查看各个环
sudo swift-ring-builder account.builder
sudo swift-ring-builder container.builder
sudo swift-ring-builder object.builder
10. 平衡各个环
sudo swift-ring-builder account.builder rebalance
sudo swift-ring-builder container.builder rebalance
sudo swift-ring-builder object.builder rebalance
11. 将生成的环信息复制到Proxy节点与Storage节点的/etc/swift目录下
account.ring.gz
container.ring.gz
object.ring.gz
sudo chown -R swift:swift /etc/swift
sudo chmod g+rw,o+rw -R /etc/swift/
sudo scp account.ring.gz zyx@192.168.75.111:/etc/swift
sudo scp account.ring.gz zyx@192.168.75.112:/etc/swift
sudo scp account.ring.gz zyx@192.168.75.113:/etc/swift
sudo scp container.ring.gz zyx@192.168.75.111:/etc/swift
sudo scp container.ring.gz zyx@192.168.75.112:/etc/swift
sudo scp container.ring.gz zyx@192.168.75.113:/etc/swift
sudo scp object.ring.gz zyx@192.168.75.111:/etc/swift
sudo scp object.ring.gz zyx@192.168.75.112:/etc/swift
sudo scp object.ring.gz zyx@192.168.75.113:/etc/swift
12. 将各个配置文件的用户改为swift
sudo chown -R swift:swift /etc/swift
13. 启动代理服务
sudo service proxy-server start
sudo swift-init proxy start (有效)
------------------------------------------Server 2, Server 3, Server 4-----------------------------------------------------------
14.启动存贮服务
sudo service swift-object start
sudo service swift-object-replicator start
sudo service swift-object-updater start
sudo service swift-object-auditor start
sudo service swift-container start
sudo service swift-container-replicator start
sudo service swift-container-updater start
sudo service swift-container-auditor start
sudo service swift-account start
sudo service swift-account-replicator start
sudo service swift-account-updater start
sudo service swift-account-auditor start
sudo swift-init all start (有效)
或
sudo swift-init object-server start
sudo swift-init object-replicator start
sudo swift-init object-updater start
sudo swift-init object-auditor start
sudo swift-init container-server start
sudo swift-init container-replicator start
sudo swift-init container-updater start
sudo swift-init container-auditor start
sudo swift-init account-server start
sudo swift-init account-replicator start
sudo swift-init account-auditor start
------------------------------------------Verify the Installation-------------------------------------------------------------
15.验证Swift安装
15.1设置变量
export ADMINPASS=swiftpass
export SWIFT_PROXY_CONF="/etc/swift/proxy-server.conf"
15.1验证
swift -V 2.0 -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass stat (有效)
curl -d '{"auth":{"tenantName": "service","passwordCredentials":{"username": "swift","password": "swiftpass"}}}' -H "Content-type:application/json" http://192.168.75.110:35357/v2.0/tokens (有效)
{
"access": {
"token": {
"issued_at": "2013-07-20T02:20:19.836225",
"expires": "2013-07-21T02:20:19Z",
"id": "MIIHHAYJ.....",
"tenant": {
"description": "Service Tenant",
"enabled": true,
"id": "5e3af2dac2d1451ba90c4f151a40a463",
"name": "service"
}
},
"serviceCatalog": [
{
"endpoints": [
{
"adminURL": "http://192.168.75.110:8888/v1",
"region": "RegionOne",
"internalURL": "http://192.168.75.110:8888/v1/AUTH_5e3af2dac2d1451ba90c4f151a40a463",
"id": "944b056c8ea44f4bb2f85f350fc6d749",
"publicURL": "http://192.168.75.110:8888/v1/AUTH_5e3af2dac2d1451ba90c4f151a40a463"
}
],
"endpoints_links": [],
"type": "object-store",
"name": "swift"
},
{
"endpoints": [
{
"adminURL": "http://192.168.75.110:8773/services/Admin",
"region": "RegionOne",
"internalURL": "http://192.168.75.110:8773/services/Cloud",
"id": "14c95395690d4d5393ad91c4c9ce0191",
"publicURL": "http://192.168.75.110:8773/services/Cloud"
}
],
"endpoints_links": [],
"type": "ec2",
"name": "ec2"
},
{
"endpoints": [
{
"adminURL": "http://192.168.75.110:35357/v2.0",
"region": "RegionOne",
"internalURL": "http://192.168.75.110:5000/v2.0",
"id": "2c48f04762304a46ae6ae2bacfa0d91a",
"publicURL": "http://192.168.75.110:5000/v2.0"
}
],
"endpoints_links": [],
"type": "identity",
"name": "keystone"
}
],
"user": {
"username": "swift",
"roles_links": [],
"id": "eef77f25cf8b4563bffbcb4d9a6091bc",
"roles": [
{
"name": "_member_"
},
{
"name": "admin"
}
],
"name": "swift"
},
"metadata": {
"is_admin": 0,
"roles": [
"9fe2ff9ee4384b1894a90878d3e92bab",
"76f281288ce7401bbb5472f17e7197ec"
]
}
}
}
swift -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass upload myfiles bigfile1.tgz
15.3上传文件
swift upload myfiles bigfile1.tgz (有效)
swift -V 2.0 -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass stat (有效)
15.4下载文件
swift -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass download myfiles
swift download myfiles (有效)
http://blog.csdn.net/gjhnorth/article/details/9036869
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
http://www.openstack.org.cn/ask/?q-24.html
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Swift多节点安装
安装环境:
Proxy Node:192.168.5.152
Storage Node1:192.168.5.155
Storage Node1:192.168.5.156
Storage Node1:192.168.5.157
一、 安装配置存储节点(Storage Node)
在192.168.5.155存储节点上进行操作,其他存储节点操作内容相同
1、 安装需要的软件包
apt-get update
apt-get install swift swift-account swift-container swift-object swift-doc xfsprogs
2、 创建loopback设备(假设为sdb1)分出一个分区然后格式化
fdisk /dev/sdb
mkfs.xfs -i size=1024 /dev/sdb1
上面的方法是官方文档上的方法,也是推荐的方法,我使用的是创建回环设备来存
dd if=/dev/zero of=/srv/swift-node bs=1024 count=0 seek=1000000
mkfs.xfs -i size=1024 /srv/swift-node
3、 更新fstab文件
cat >> /etc/fstab <<EOF
/dev/sdb1 /swift/node/sdb1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0
/dev/sdc1 /swift/node/sdc1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0
/dev/sdd1 /swift/node/sdd1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0
/dev/sde1 /swift/node/sde1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0
EOF
4、 挂载
mkdir -p /swift/node/sdb1
mkdir -p /swift/node/sdc1
mkdir -p /swift/node/sdd1
mkdir -p /swift/node/sde1
mount /swift/node/sdb1
mount /swift/node/sdc1
mount /swift/node/sdd1
mount /swift/node/sde1
chown -R swift:swift /swift 注意 没有赋权限,会导致创建失败
5、 创建swift的配置文件
cat >/etc/swift/swift.conf <<EOF
[swift-hash]
# random unique string that can never change (DO NOT LOSE)
swift_hash_path_suffix = `od -t x8 -N 8 -A n </dev/random`
EOF
Note: 这个文件所有的存储节点和代理节点共用,可以用scp拷贝到其它节点
6、 安装rsync
apt-get install rsync
7、 创建rsync配置文件
cat > /etc/rsyncd.conf << EOF
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 192.168.5.155
[account]
max connections = 2
path = /swift/node
read only = false
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /swift/node
read only = false
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /swift/node
read only = false
lock file = /var/lock/object.lock
EOF
注意:path 写你实际的(刚才新建的)分区的位置。address修改为当前storage的地址。
8、 启用rsync
perl -pi -e 's/RSYNC_ENABLE=false/RSYNC_ENABLE=true/' /etc/default/rsync
9、 启动rsync
service rsync start
10、 配置account服务
cat > /etc/swift/account-server.conf << EOF
[DEFAULT]
devices = /swift/node
mount_check = false
bind_ip = 0.0.0.0
bind_port = 6012
workers = 2
log_facility = LOG_LOCAL3
[pipeline:main]
pipeline = account-server
[app:account-server]
use = egg:swift#account
[account-replicator]
[account-auditor]
[account-reaper]
EOF
11、 配置container服务
cat > /etc/swift/container-server.conf << EOF
[DEFAULT]
devices = /swift/node
mount_check = false
bind_ip = 0.0.0.0
bind_port = 6011
workers = 2
log_facility = LOG_LOCAL2
[pipeline:main]
pipeline = container-server
[app:container-server]
use = egg:swift#container
[container-replicator]
[container-updater]
[container-auditor]
[container-sync]
EOF
12、 配置object服务
cat > /etc/swift/object-server.conf << EOF
[DEFAULT]
devices = /swift/node/
mount_check = false
bind_ip = 0.0.0.0
bind_port = 6010
workers = 2
log_facility = LOG_LOCAL1
[pipeline:main]
pipeline = object-server
[app:object-server]
use = egg:swift#object
[object-replicator]
[object-updater]
[object-auditor]
[object-expirer]
EOF
13、 创建swift日志配置文件
cat > /etc/rsyslog.d/10-swift.conf << EOF
local1,local2,local3.* /var/log/swift/all.log
local1.* /var/log/swift/object.log
local2.* /var/log/swift/container.log
local3.* /var/log/swift/account.log
EOF
14、 创建日志目录
mkdir -p /var/log/swift
chown -R syslog.adm /var/log/swift
15、 重启日志服务进程
service rsyslog restart
二、 安装配置代理节点(Proxy Node)
1、 安装需要的软件包
apt-get update
apt-get install swift swift-proxy swift-doc memcached
2、 修改memcached配置文件
perl -pi -e "s/-l 127.0.0.1/-l 192.168.5.152/" /etc/memcached.conf
3、 重启memcached服务
service memcached restart
4、 从存储节点拷贝swift配置文件
mkdir /etc/swift
scp root@192.168.5.155:/etc/swift/swift.conf /etc/swift
5、 创建proxy-server配置文件
--------------------------tempauth认证------------------------------------------------
cat > /etc/swift/proxy-server.conf << EOF
[DEFAULT]
bind_port =8080
bind_ip = 192.168.5.152
user = swift
[pipeline:main]
pipeline = healthcheck cache tempauth proxy-server
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
[filter:tempauth]
use = egg:swift#tempauth
user_admin_admin = admin .admin .reseller_admin
user_test_tester = testing .admin
user_test2_tester2 = testing2 .admin
user_test_tester3 = testing3
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:cache]
use = egg:swift#memcache
memcache_servers = 192.168.5.152:11211
EOF
-----------------------------keystone认证----------------------------------------------------------
cat > /etc/swift/proxy-server.conf << EOF
[DEFAULT]
bind_port = 8080
bind_ip = 192.168.5.152
user = swift
log_level = DEBUG
log_facility = LOG_LOCAL1
[pipeline:main]
pipeline = healthcheck cache authtoken keystone proxy-server
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
[filter:keystone]
paste.filter_factory = keystone.middleware.swift_auth:filter_factory
operator_roles = admin, swiftoperator
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
delay_auth_decision = 1
auth_port = 35357
auth_host = 192.168.5.152
auth_protocol = http
service_protocol = http
service_host = 192.168.5.152
service_port = 5000
admin_tenant_name = service
admin_user = swift
admin_password = 12345678
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:cache]
use = egg:swift#memcache
memcache_servers = 192.168.5.152:11211
EOF
6、 创建swift日志配置文件
cat > /etc/rsyslog.d/10-swift.conf << EOF
local1.* /var/log/swift/proxy.log
EOF
7、 创建日志目录
mkdir -p /var/log/swift
chown -R syslo.adm /var/log/swift
8、 重启日志服务进程
service rsyslog restart
9、 首先创建环
cd /etc/swift
swift-ring-builder account.builder create 18 3 1
swift-ring-builder container.builder create 18 3 1
swift-ring-builder object.builder create 18 3 1
Note: 后面的数字第一个为存储分区数,第二个为备份次数,备份次数不能小于ZONE数目,第三个为延迟删除的时间,以小时为单位
10、向环里添加存储设备我前面配置了三台存储节点:
|---------+------+-----------+-----------+------+--------|
| Storage | Zone | IP | Server | Port | Device |
|---------+------+-----------+-----------+------+--------|
| 1 | 1 |192.168.5.155| account | 6012 | sdb1 |
| | | | container | 6011 | sdb1 |
| | | | object | 6010 | sdb1 |
|---------+------+-----------+-----------+------+--------|
| 2 | 2 |192.168.5.156 | account | 6012 | sdb1 |
| | | | container | 6011 | sdb1 |
| | | | object | 6010 | sdb1 |
|---------+------+-----------+-----------+------+--------|
| 3 | 3 |192.168.5.157 | account | 6012 | sdb1 |
| | | | container | 6011 | sdb1 |
| | | | object | 6010 | sdb1 |
|---------+------+-----------+-----------+------+--------|
cd /etc/swift
swift-ring-builder account.builder add z1-192.168.5.155:6012/sdb1 100
swift-ring-builder container.builder add z1-192.168.5.155:6011/sdb1 100
swift-ring-builder object.builder add z1-192.168.5.155:6010/sdb1 100
swift-ring-builder account.builder add z2-192.168.5.156:6012/sdb1 100
swift-ring-builder container.builder add z2-192.168.5.156:6011/sdb1 100
swift-ring-builder object.builder add z2-192.168.5.156:6010/sdb1 100
swift-ring-builder account.builder add z3-192.168.5.157:6012/sdb1 100
swift-ring-builder container.builder add z3-192.168.5.157:6011/sdb1 100
swift-ring-builder object.builder add z3-192.168.5.157:6010/sdb1 100
Note: IP,端口,设备和前面的配置对应
11、 检验每个环里的条目
cd /etc/swift
swift-ring-builder account.builder
swift-ring-builder container.builder
swift-ring-builder object.builder
应该得到类似这样的输出
account.builder, build version 3
262144 partitions, 3 replicas, 3 zones, 3 devices, 0.00 balance
The minimum number of hours before a partition can be reassigned is 1
Devices: id zone ip address port name weight partitions balance meta
0 1 192.168.5.155 6012 sdb1 100.00 262144 0.00
1 2 192.168.5.156 6012 sdb1 100.00 262144 0.00
2 3 192.168.5.157 6012 sdb1 100.00 262144 0.00
14、 平衡环
cd /etc/swift
swift-ring-builder account.builder rebalance
swift-ring-builder container.builder rebalance
swift-ring-builder object.builder rebalance
Note: 这个过程可能需要一些时间
Note: 这三条命令会产生以gz结尾的文件,这些文件就是所有节点要用到的环文件,可以用scp拷贝到其它各节点
Note: 如果创建环的时候指定的副本数大于环的数量,平衡环的时候可能会报类似下面的错误
... in _initial_balance
while available_devs[index]['zone'] in other_zones:
IndexError: list index out of range
15、 分发新生成的环文件
scp /etc/swift/*.gz root@192.168.5.155:/etc/swift/
scp /etc/swift/*.gz root@192.168.5.156:/etc/swift/
scp /etc/swift/*.gz root@192.168.5.157:/etc/swift/
16、 启动各节点相关的服务
# 代理节点
swift-init proxy start
# 存储节点
swift-init all start
三、测试swift
1、得到an X-Storage-Url 和X-Auth-Token
root@node11:/etc/swift# curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' http://192.168.5.152:8080/auth/v1.0
* About to connect() to 192.168.5.152 port 8080 (#0)
* Trying 192.168.5.152... connected
> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: 192.168.5.152:8080
> Accept: */*
> X-Storage-User: test:tester
> X-Storage-Pass: testing
>
< HTTP/1.1 200 OK
< X-Storage-Url: http://192.168.5.152:8080/v1/AUTH_test
< X-Storage-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b
< X-Auth-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b
< Content-Length: 0
< Date: Thu, 11 Oct 2012 07:47:53 GMT
<
* Connection #0 to host 192.168.5.152 left intact
* Closing connection #0
root@node11:/etc/swift# curl -v -H 'X-Auth-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b' http://192.168.5.152:8080/v1/AUTH_test
* About to connect() to 192.168.5.152 port 8080 (#0)
* Trying 192.168.5.152... connected
> GET /v1/AUTH_test HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: 192.168.5.152:8080
> Accept: */*
> X-Auth-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b
>
< HTTP/1.1 204 No Content
< X-Account-Object-Count: 0
< X-Account-Bytes-Used: 0
< X-Account-Container-Count: 0
< Accept-Ranges: bytes
< Content-Length: 0
< Date: Thu, 11 Oct 2012 07:48:24 GMT
<
* Connection #0 to host 192.168.5.152 left intact
* Closing connection #0
测试swift目前工作状态
swift -A http://192.168.5.152:8080/auth/v1.0 -U test:tester -K testing stat
将当前目录下test.txt文件上传到myfiles目录
swift -A http://192.168.5.152:8080/auth/v1.0 -U test:tester -K testing upload myfiles test.txt
