Install swift using keystone-certified multi-node

Last Update:2018-12-03 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Please indicate the source for reprinting: http://blog.csdn.net/cywosp/article/details/7439440 Note: The red areas below are marked with redundant information due to the blog editor 1. Summary description
All operations involved in this article are verified on Ubuntu Server 11.10 64-bit system. This article refers to the relevant documentation of Openstack keystone, the specific information is as follows:
Linux system version: Ubuntu Server 11.10 64-bit oneiric
Proxy Server IP: 192.168.112.129
Storage Server One: 192.168.112.130
Storage Server Two: 192.168.112.131
Storage Server Three: 192.168.112.132
Keystone Server IP: 192.168.112.133
Official document: www.openstack.org
Reference document: http://keystone.openstack.org/installing.html
Swift version: 1.4.8
Keystone version: 2012.2
2. Create swift users for each machine

sudo useradd -mk / home / swift / -s / bin / bash swift
sudo passwd swift #Add a password for the swift user

Edit the / etc / sudoer file and add the following code at the end of the file
swift ALL = (ALL) NOPASSWD: ALL
3. Download the source code (operate under swift users)
1. Install the git tool
sudo apt-get install git-core

2. Download the keystone and swift source code in the Proxy machine
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/swift.git #download swift
cd swift
git checkout 1.4.8 # Use version 1.4.8, in the swift directory you can
#Use the git tag command to see how many versions there are

git clone https://github.com/openstack/keystone.git
cd keystone
git checkout 75a8dfe

3. Download swift in each storage node machine
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/swift.git #download swift
cd swift
git checkout 1.4.8 # Use version 1.4.8, in the swift directory you can
#Use the git tag command to see how many versions there are

4. Download keystone and python-keystoneclient in the machine of Auth (keystone) node
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/keystone.git
cd keystone
git checkout 75a8dfe

git clone https://github.com/openstack/python-keystoneclient.git
cd / home / swift / openstack / python-keystoneclient
4. Install swift and keystone and related dependencies (operate under swift users)
1. Installation on all Storage nodes
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb

cd / home / swift / openstack /
sudo pip install -r ./swift/tools/ pip-requires #install swift related dependencies, here may take some time
#Install swift
cd / home / swift / openstack / swift
sudo python setup.py install --record file.txt #If you want to delete the installed things need to be deleted by the root user, delete method:
sudo cat file.txt | xargs rm -rf

2. Installation on the Proxy node
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb

cd / home / swift / openstack /
sudo pip install -r ./swift/tools/ pip-requires
cd / home / swift / openstack / swift
sudo python setup.py install --record file.txt

cd / home / swift / openstack / keystone
sudo pip install -r ./tools/pip-requires
sudo python setup.py install --record file.txt

3. Installation of Auth (Keystone) node
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb mysql-server mysql-client

cd / home / swift / openstack /
sudo pip install -r ./keystone/tools/pip-requires
sudo pip install -r ./ python-keystoneclient / tools / pip-requires

cd / home / swift / openstack / python-keystoneclient /
sudo python setup.py install --record file.txt
cd / home / swift / openstack / keystone
sudo python setup.py install --record file.txt
5. Proxy node settings (192.168.112.129)
1.sudo apt-get install memcached #install cache server
Modify the /etc/memcached.conf file and change -l 127.0.0.1 to -l 192.168.112.129 (here I set it according to my own situation, the specific reason is shown in the figure in the first point)
sudo service memcached restart

sudo mkdir / etc / swift
cd / etc / swift
sudo chown -R swift: swift / etc / swift
cp /home/swift/openstack/swift/etc/proxy-server.conf / etc / swift /
cp /home/swift/openstack/swift/etc/swift.conf / etc / swift /

2. Modify the /etc/swift/proxy-server.conf file, the specific content is as follows, items that are not in the original file need to be added by themselves
[DEFAULT]
bind_port = 8080
user = swift
swift_dir = / etc / swift
workers = 1

[pipeline: main]
pipeline = healthcheck cache swift3 authtoken keystone proxy-server

[app: proxy-server]
use = egg: swift # proxy
allow_account_management = true
account_autocreate = true

[filter: keystone]
paste.filter_factory = keystone.middleware.swift_auth: filter_factory
operator_roles = Member, admin

[filter: authtoken]
paste.filter_factory = keystone.middleware.auth_token: filter_factory
auth_host = 192.168.112.133
auth_port = 35357
auth_protocol = http
auth_uri = http://192.168.112.133:5000/
admin_tenant_name = service
admin_user = swift
admin_password = admin

[filter: swift3]
use = egg: swift # swift3

[filter: healthcheck]
use = egg: swift # healthcheck

[filter: cache]
use = egg: swift # memcache

The 192.168.112.133 part is the IP of the Auth (Keystone) node
3. Modify /etc/swift/swift.conf, the ‘cynric’ part is changed at will, you can change it according to your needs
[swift-hash]
swift_hash_path_suffix = cynric

4. Generate related ring and builder files, use the following command to generate, the bold part is changed according to the specific situation, the specific reason see the figure in the summary description. Each machine uses one domain (z1, z2, z3 ... increment in sequence)
sudo chown -R swift: swift / etc / swift / *
cd / etc / swift
swift-ring-builder object.builder create 18 3 1
swift-ring-builder container.builder create 18 3 1
swift-ring-builder account.builder create 18 3 1

export HOST_IP = 192.168.112.130

swift-ring-builder object.builder add z1-$ {HOST_IP}: 6010 / sdb1 100

A table below, you can log in to view
+ ------------------------ +
| Tables_in_keystone |
+ ------------------------ +
| ec2_credential |
| endpoint |
| metadata |
| migrate_version |
| role |
| service |
| tenant |
| token |
| user |
| user_tenant_membership |
+ ------------------------ +

4. Create the corresponding keystone user and keystone service endpoint
#! / usr / bin / env bash

ADMIN_PASSWORD = admin
ENABLE_SWIFT = 1
ENABLE_ENDPOINTS = 1

KEYSTONE_CONF = $ {KEYSTONE_CONF:-/ etc / keystone / keystone.conf}
SERVICE_PASSWORD = $ {SERVICE_PASSWORD:-$ ADMIN_PASSWORD}

# Extract some info from Keystone's configuration file
if [[-r "$ KEYSTONE_CONF"]]; then
CONFIG_SERVICE_TOKEN = $ (sed 's / [[: space:]] // g' $ KEYSTONE_CONF | grep ^ admin_token = | cut -d '=' -f2)
CONFIG_ADMIN_PORT = $ (sed 's / [[: space:]] // g' $ KEYSTONE_CONF | grep ^ admin_port = | cut -d '=' -f2)
fi

export SERVICE_TOKEN = $ {SERVICE_TOKEN:-$ CONFIG_SERVICE_TOKEN}
if [[-z "$ SERVICE_TOKEN"]]; then
echo "No service token found."
echo "Set SERVICE_TOKEN manually from keystone.conf admin_token."
exit 1
fi

export SERVICE_ENDPOINT = $ {SERVICE_ENDPOINT: -http: //127.0.0.1: $ {CONFIG_ADMIN_PORT: -35357} /v2.0}

function get_id () {
echo `" $ @ "| grep 'id' | awk '{print $ 4}'`
}

# Tenants
ADMIN_TENANT = $ (get_id keystone tenant-create --name = admin)
SERVICE_TENANT = $ (get_id keystone tenant-create --name = service)
DEMO_TENANT = $ (get_id keystone tenant-create --name = demo)

# Users
ADMIN_USER = $ (get_id keystone user-create --name = admin \
--pass = "$ ADMIN_PASSWORD" \
--email=admin@example.com)
DEMO_USER = $ (get_id keystone user-create --name = demo \
--pass = "$ ADMIN_PASSWORD" \
--email=admin@example.com)

# Roles
ADMIN_ROLE = $ (get_id keystone role-create --name = admin)
MEMBER_ROLE = $ (get_id keystone role-create --name = Member)
KEYSTONEADMIN_ROLE = $ (get_id keystone role-create --name = KeystoneAdmin)
KEYSTONESERVICE_ROLE = $ (get_id keystone role-create --name = KeystoneServiceAdmin)
SYSADMIN_ROLE = $ (get_id keystone role-create --name = sysadmin)

# Add Roles to Users in Tenants
keystone user-role-add --user $ ADMIN_USER --role $ ADMIN_ROLE --tenant_id $ ADMIN_TENANT
keystone user-role-add --user $ DEMO_USER --role $ MEMBER_ROLE --tenant_id $ DEMO_TENANT
keystone user-role-add --user $ DEMO_USER --role $ SYSADMIN_ROLE --tenant_id $ DEMO_TENANT
keystone user-role-add --user $ ADMIN_USER --role $ ADMIN_ROLE --tenant_id $ DEMO_TENANT

# TODO (termie): these two might be dubious
keystone user-role-add --user $ ADMIN_USER --role $ KEYSTONEADMIN_ROLE --tenant_id $ ADMIN_TENANT
keystone user-role-add --user $ ADMIN_USER --role $ KEYSTONESERVICE_ROLE --tenant_id $ ADMIN_TENANT

# Services
KEYSTONE_SERVICE = $ (get_id \
keystone service-create --name = keystone \
--type = identity \
--description = "Keystone Identity Service")
if [[-n "$ ENABLE_ENDPOINTS"]]; then
keystone endpoint-create --region RegionOne --service_id $ KEYSTONE_SERVICE \
--publicurl 'http: // localhost: $ [public_port) s / v2.0' \
--adminurl 'http: // localhost: $ [admin_port) s / v2.0' \
--internalurl 'http: // localhost: $ [admin_port) s / v2.0'
fi

if [[-n "$ ENABLE_SWIFT"]]; then
SWIFT_SERVICE = $ (get_id keystone service-create --name = swift \
--type = "object-store" \
--description = "Swift Service")
SWIFT_USER = $ (get_id keystone user-create --name = swift \
--pass = "$ SERVICE_PASSWORD" \
--tenant_id $ SERVICE_TENANT \
--email=swift@example.com)
keystone user-role-add --tenant_id $ SERVICE_TENANT \
--user $ SWIFT_USER \
--role $ ADMIN_ROLE
keystone endpoint-create --region RegionOne --service_id $ SWIFT_SERVICE \
--publicurl 'http://192.168.112.129:8080/v1/AUTH_$(tenant_id)s' \
--adminurl 'http://192.168.112.129:8080/' \
--internalurl 'http://192.168.112.129:8080/v1/AUTH_$(tenant_id)s'
fi
Copy the above shell code to a file and execute it (in the Auth (Keystone) host).
It creates data for the following main relationships:
Tenant User Roles password
-------------------------------------------------- ---------
admin admin admin admin
service swift admin admin
demo admin admin admin
demo demo Member, sysadmin admin

Note: When creating a swift endpoint, each URL must point to a Proxy node, such as the above IP address (192.168.112.129). If there are multiple Proxy nodes, multiple endpoints need to be added.

8. Start the service of each node (operation under swift user)
Proxy node: swift-init proxy start

Storage nodes: swift-init all start

Auth (Keystone) node:

sudo screen -S keystone #Create a temporary terminal named keystone so that it can be hidden
Hide extra print information

su swift #Switch to swift user

keystone-all #A lot of information will be output here, which can be used during debugging

Quickly press the Ctrl + a Ctrl + d key, at this time will return a message similar to this [detached from
4334.key], remember the number of the red part, you can use the command to restore the original keystone temporary terminal: sudo screen -r 4334

9. Verification and use
a. Verify that the entire storage architecture is successful (operate on the Proxy node or the node where swift is installed)

swift -A http://192.168.112.133:5000/v2.0 -U admin -K admin stat -V 2

Successful execution will return information similar to the following:

Account: AUTH_308722b8cc8747a5afdd9b7b1f6155e8

Containers: 0

Objects: 0

Bytes: 0

Accept-Ranges: bytes

b. Test with curl

curl -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "admin"}}}' -H "Content-type: application / json "http://192.168.112.133:35357/v2.0/tokens | python -mjson.tool

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Install swift using keystone-certified multi-node

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support

Install swift using keystone-certified multi-node

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

Trending Topic

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support