Please indicate the source for reprinting: http://blog.csdn.net/cywosp/article/details/7439440 Note: The red areas below are marked with redundant information due to the blog editor 1. Summary description
All operations involved in this article are verified on Ubuntu Server 11.10 64-bit system. This article refers to the relevant documentation of Openstack keystone, the specific information is as follows:
Linux system version: Ubuntu Server 11.10 64-bit oneiric
Proxy Server IP: 192.168.112.129
Storage Server One: 192.168.112.130
Storage Server Two: 192.168.112.131
Storage Server Three: 192.168.112.132
Keystone Server IP: 192.168.112.133
Official document: www.openstack.org
Reference document: http://keystone.openstack.org/installing.html
Swift version: 1.4.8
Keystone version: 2012.2
2. Create swift users for each machine
sudo useradd -mk / home / swift / -s / bin / bash swift
sudo passwd swift #Add a password for the swift user
Edit the / etc / sudoer file and add the following code at the end of the file
swift ALL = (ALL) NOPASSWD: ALL
3. Download the source code (operate under swift users)
1. Install the git tool
sudo apt-get install git-core
2. Download the keystone and swift source code in the Proxy machine
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/swift.git #download swift
cd swift
git checkout 1.4.8 # Use version 1.4.8, in the swift directory you can
#Use the git tag command to see how many versions there are
git clone https://github.com/openstack/keystone.git
cd keystone
git checkout 75a8dfe
3. Download swift in each storage node machine
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/swift.git #download swift
cd swift
git checkout 1.4.8 # Use version 1.4.8, in the swift directory you can
#Use the git tag command to see how many versions there are
4. Download keystone and python-keystoneclient in the machine of Auth (keystone) node
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/keystone.git
cd keystone
git checkout 75a8dfe
git clone https://github.com/openstack/python-keystoneclient.git
cd / home / swift / openstack / python-keystoneclient
4. Install swift and keystone and related dependencies (operate under swift users)
1. Installation on all Storage nodes
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb
cd / home / swift / openstack /
sudo pip install -r ./swift/tools/ pip-requires #install swift related dependencies, here may take some time
#Install swift
cd / home / swift / openstack / swift
sudo python setup.py install --record file.txt #If you want to delete the installed things need to be deleted by the root user, delete method:
sudo cat file.txt | xargs rm -rf
2. Installation on the Proxy node
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb
cd / home / swift / openstack /
sudo pip install -r ./swift/tools/ pip-requires
cd / home / swift / openstack / swift
sudo python setup.py install --record file.txt
cd / home / swift / openstack / keystone
sudo pip install -r ./tools/pip-requires
sudo python setup.py install --record file.txt
3. Installation of Auth (Keystone) node
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb mysql-server mysql-client
cd / home / swift / openstack /
sudo pip install -r ./keystone/tools/pip-requires
sudo pip install -r ./ python-keystoneclient / tools / pip-requires
cd / home / swift / openstack / python-keystoneclient /
sudo python setup.py install --record file.txt
cd / home / swift / openstack / keystone
sudo python setup.py install --record file.txt
5. Proxy node settings (192.168.112.129)
1.sudo apt-get install memcached #install cache server
Modify the /etc/memcached.conf file and change -l 127.0.0.1 to -l 192.168.112.129 (here I set it according to my own situation, the specific reason is shown in the figure in the first point)
sudo service memcached restart
sudo mkdir / etc / swift
cd / etc / swift
sudo chown -R swift: swift / etc / swift
cp /home/swift/openstack/swift/etc/proxy-server.conf / etc / swift /
cp /home/swift/openstack/swift/etc/swift.conf / etc / swift /
2. Modify the /etc/swift/proxy-server.conf file, the specific content is as follows, items that are not in the original file need to be added by themselves
[DEFAULT]
bind_port = 8080
user = swift
swift_dir = / etc / swift
workers = 1
[pipeline: main]
pipeline = healthcheck cache swift3 authtoken keystone proxy-server
[app: proxy-server]
use = egg: swift # proxy
allow_account_management = true
account_autocreate = true
[filter: keystone]
paste.filter_factory = keystone.middleware.swift_auth: filter_factory
operator_roles = Member, admin
[filter: authtoken]
paste.filter_factory = keystone.middleware.auth_token: filter_factory
auth_host = 192.168.112.133
auth_port = 35357
auth_protocol = http
auth_uri = http://192.168.112.133:5000/
admin_tenant_name = service
admin_user = swift
admin_password = admin
[filter: swift3]
use = egg: swift # swift3
[filter: healthcheck]
use = egg: swift # healthcheck
[filter: cache]
use = egg: swift # memcache
The 192.168.112.133 part is the IP of the Auth (Keystone) node
3. Modify /etc/swift/swift.conf, the ‘cynric’ part is changed at will, you can change it according to your needs
[swift-hash]
swift_hash_path_suffix = cynric
4. Generate related ring and builder files, use the following command to generate, the bold part is changed according to the specific situation, the specific reason see the figure in the summary description. Each machine uses one domain (z1, z2, z3 ... increment in sequence)
sudo chown -R swift: swift / etc / swift / *
cd / etc / swift
swift-ring-builder object.builder create 18 3 1
swift-ring-builder container.builder create 18 3 1
swift-ring-builder account.builder create 18 3 1
export HOST_IP = 192.168.112.130
swift-ring-builder object.builder add z1-$ {HOST_IP}: 6010 / sdb1 100
Please indicate the source for reprinting: http://blog.csdn.net/cywosp/article/details/7439440 Note: The red areas below are marked with redundant information due to the blog editor 1. Summary description
All operations involved in this article are verified on Ubuntu Server 11.10 64-bit system. This article refers to the relevant documentation of Openstack keystone, the specific information is as follows:
Linux system version: Ubuntu Server 11.10 64-bit oneiric
Proxy Server IP: 192.168.112.129
Storage Server One: 192.168.112.130
Storage Server Two: 192.168.112.131
Storage Server Three: 192.168.112.132
Keystone Server IP: 192.168.112.133
Official document: www.openstack.org
Reference document: http://keystone.openstack.org/installing.html
Swift version: 1.4.8
Keystone version: 2012.2
2. Create swift users for each machine
sudo useradd -mk / home / swift / -s / bin / bash swift
sudo passwd swift #Add a password for the swift user
Edit the / etc / sudoer file and add the following code at the end of the file
swift ALL = (ALL) NOPASSWD: ALL
3. Download the source code (operate under swift users)
1. Install the git tool
sudo apt-get install git-core
2. Download the keystone and swift source code in the Proxy machine
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/swift.git #download swift
cd swift
git checkout 1.4.8 # Use version 1.4.8, in the swift directory you can
#Use the git tag command to see how many versions there are
git clone https://github.com/openstack/keystone.git
cd keystone
git checkout 75a8dfe
3. Download swift in each storage node machine
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/swift.git #download swift
cd swift
git checkout 1.4.8 # Use version 1.4.8, in the swift directory you can
#Use the git tag command to see how many versions there are
4. Download keystone and python-keystoneclient in the machine of Auth (keystone) node
su swift #Switch to swift user
sudo mkdir / home / swift / openstack #Create a directory to store
cd / home / swift / openstack
git clone https://github.com/openstack/keystone.git
cd keystone
git checkout 75a8dfe
git clone https://github.com/openstack/python-keystoneclient.git
cd / home / swift / openstack / python-keystoneclient
4. Install swift and keystone and related dependencies (operate under swift users)
1. Installation on all Storage nodes
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb
cd / home / swift / openstack /
sudo pip install -r ./swift/tools/ pip-requires #install swift related dependencies, here may take some time
#Install swift
cd / home / swift / openstack / swift
sudo python setup.py install --record file.txt #If you want to delete the installed things need to be deleted by the root user, delete method:
sudo cat file.txt | xargs rm -rf
2. Installation on the Proxy node
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb
cd / home / swift / openstack /
sudo pip install -r ./swift/tools/ pip-requires
cd / home / swift / openstack / swift
sudo python setup.py install --record file.txt
cd / home / swift / openstack / keystone
sudo pip install -r ./tools/pip-requires
sudo python setup.py install --record file.txt
3. Installation of Auth (Keystone) node
sudo apt-get --option Dpkg :: Options :: =-force-confold --assume-yes update
sudo apt-get install pep8 pylint python-pip screen unzip wget psmisc git-core lsof vim-nox curl python-mysqldb mysql-server mysql-client
cd / home / swift / openstack /
sudo pip install -r ./keystone/tools/pip-requires
sudo pip install -r ./ python-keystoneclient / tools / pip-requires
cd / home / swift / openstack / python-keystoneclient /
sudo python setup.py install --record file.txt
cd / home / swift / openstack / keystone
sudo python setup.py install --record file.txt
5. Proxy node settings (192.168.112.129)
1.sudo apt-get install memcached #install cache server
Modify the /etc/memcached.conf file and change -l 127.0.0.1 to -l 192.168.112.129 (here I set it according to my own situation, the specific reason is shown in the figure in the first point)
sudo service memcached restart
sudo mkdir / etc / swift
cd / etc / swift
sudo chown -R swift: swift / etc / swift
cp /home/swift/openstack/swift/etc/proxy-server.conf / etc / swift /
cp /home/swift/openstack/swift/etc/swift.conf / etc / swift /
2. Modify the /etc/swift/proxy-server.conf file, the specific content is as follows, items that are not in the original file need to be added by themselves
[DEFAULT]
bind_port = 8080
user = swift
swift_dir = / etc / swift
workers = 1
[pipeline: main]
pipeline = healthcheck cache swift3 authtoken keystone proxy-server
[app: proxy-server]
use = egg: swift # proxy
allow_account_management = true
account_autocreate = true
[filter: keystone]
paste.filter_factory = keystone.middleware.swift_auth: filter_factory
operator_roles = Member, admin
[filter: authtoken]
paste.filter_factory = keystone.middleware.auth_token: filter_factory
auth_host = 192.168.112.133
auth_port = 35357
auth_protocol = http
auth_uri = http://192.168.112.133:5000/
admin_tenant_name = service
admin_user = swift
admin_password = admin
[filter: swift3]
use = egg: swift # swift3
[filter: healthcheck]
use = egg: swift # healthcheck
[filter: cache]
use = egg: swift # memcache
The 192.168.112.133 part is the IP of the Auth (Keystone) node
3. Modify /etc/swift/swift.conf, the ‘cynric’ part is changed at will, you can change it according to your needs
[swift-hash]
swift_hash_path_suffix = cynric
4. Generate related ring and builder files, use the following command to generate, the bold part is changed according to the specific situation, the specific reason see the figure in the summary description. Each machine uses one domain (z1, z2, z3 ... increment in sequence)
sudo chown -R swift: swift / etc / swift / *
cd / etc / swift
swift-ring-builder object.builder create 18 3 1
swift-ring-builder container.builder create 18 3 1
swift-ring-builder account.builder create 18 3 1
export HOST_IP = 192.168.112.130
swift-ring-builder object.builder add z1-$ {HOST_IP}: 6010 / sdb1 100
A table below, you can log in to view
+ ------------------------ +
| Tables_in_keystone |
+ ------------------------ +
| ec2_credential |
| endpoint |
| metadata |
| migrate_version |
| role |
| service |
| tenant |
| token |
| user |
| user_tenant_membership |
+ ------------------------ +
4. Create the corresponding keystone user and keystone service endpoint
#! / usr / bin / env bash
ADMIN_PASSWORD = admin
ENABLE_SWIFT = 1
ENABLE_ENDPOINTS = 1
KEYSTONE_CONF = $ {KEYSTONE_CONF:-/ etc / keystone / keystone.conf}
SERVICE_PASSWORD = $ {SERVICE_PASSWORD:-$ ADMIN_PASSWORD}
# Extract some info from Keystone's configuration file
if [[-r "$ KEYSTONE_CONF"]]; then
CONFIG_SERVICE_TOKEN = $ (sed 's / [[: space:]] // g' $ KEYSTONE_CONF | grep ^ admin_token = | cut -d '=' -f2)
CONFIG_ADMIN_PORT = $ (sed 's / [[: space:]] // g' $ KEYSTONE_CONF | grep ^ admin_port = | cut -d '=' -f2)
fi
export SERVICE_TOKEN = $ {SERVICE_TOKEN:-$ CONFIG_SERVICE_TOKEN}
if [[-z "$ SERVICE_TOKEN"]]; then
echo "No service token found."
echo "Set SERVICE_TOKEN manually from keystone.conf admin_token."
exit 1
fi
export SERVICE_ENDPOINT = $ {SERVICE_ENDPOINT: -http: //127.0.0.1: $ {CONFIG_ADMIN_PORT: -35357} /v2.0}
function get_id () {
echo `" $ @ "| grep 'id' | awk '{print $ 4}'`
}
# Tenants
ADMIN_TENANT = $ (get_id keystone tenant-create --name = admin)
SERVICE_TENANT = $ (get_id keystone tenant-create --name = service)
DEMO_TENANT = $ (get_id keystone tenant-create --name = demo)
# Users
ADMIN_USER = $ (get_id keystone user-create --name = admin \
--pass = "$ ADMIN_PASSWORD" \
--email=admin@example.com)
DEMO_USER = $ (get_id keystone user-create --name = demo \
--pass = "$ ADMIN_PASSWORD" \
--email=admin@example.com)
# Roles
ADMIN_ROLE = $ (get_id keystone role-create --name = admin)
MEMBER_ROLE = $ (get_id keystone role-create --name = Member)
KEYSTONEADMIN_ROLE = $ (get_id keystone role-create --name = KeystoneAdmin)
KEYSTONESERVICE_ROLE = $ (get_id keystone role-create --name = KeystoneServiceAdmin)
SYSADMIN_ROLE = $ (get_id keystone role-create --name = sysadmin)
# Add Roles to Users in Tenants
keystone user-role-add --user $ ADMIN_USER --role $ ADMIN_ROLE --tenant_id $ ADMIN_TENANT
keystone user-role-add --user $ DEMO_USER --role $ MEMBER_ROLE --tenant_id $ DEMO_TENANT
keystone user-role-add --user $ DEMO_USER --role $ SYSADMIN_ROLE --tenant_id $ DEMO_TENANT
keystone user-role-add --user $ ADMIN_USER --role $ ADMIN_ROLE --tenant_id $ DEMO_TENANT
# TODO (termie): these two might be dubious
keystone user-role-add --user $ ADMIN_USER --role $ KEYSTONEADMIN_ROLE --tenant_id $ ADMIN_TENANT
keystone user-role-add --user $ ADMIN_USER --role $ KEYSTONESERVICE_ROLE --tenant_id $ ADMIN_TENANT
# Services
KEYSTONE_SERVICE = $ (get_id \
keystone service-create --name = keystone \
--type = identity \
--description = "Keystone Identity Service")
if [[-n "$ ENABLE_ENDPOINTS"]]; then
keystone endpoint-create --region RegionOne --service_id $ KEYSTONE_SERVICE \
--publicurl 'http: // localhost: $ [public_port) s / v2.0' \
--adminurl 'http: // localhost: $ [admin_port) s / v2.0' \
--internalurl 'http: // localhost: $ [admin_port) s / v2.0'
fi
if [[-n "$ ENABLE_SWIFT"]]; then
SWIFT_SERVICE = $ (get_id keystone service-create --name = swift \
--type = "object-store" \
--description = "Swift Service")
SWIFT_USER = $ (get_id keystone user-create --name = swift \
--pass = "$ SERVICE_PASSWORD" \
--tenant_id $ SERVICE_TENANT \
--email=swift@example.com)
keystone user-role-add --tenant_id $ SERVICE_TENANT \
--user $ SWIFT_USER \
--role $ ADMIN_ROLE
keystone endpoint-create --region RegionOne --service_id $ SWIFT_SERVICE \
--publicurl 'http://192.168.112.129:8080/v1/AUTH_$(tenant_id)s' \
--adminurl 'http://192.168.112.129:8080/' \
--internalurl 'http://192.168.112.129:8080/v1/AUTH_$(tenant_id)s'
fi
Copy the above shell code to a file and execute it (in the Auth (Keystone) host).
It creates data for the following main relationships:
Tenant User Roles password
-------------------------------------------------- ---------
admin admin admin admin
service swift admin admin
demo admin admin admin
demo demo Member, sysadmin admin
Note: When creating a swift endpoint, each URL must point to a Proxy node, such as the above IP address (192.168.112.129). If there are multiple Proxy nodes, multiple endpoints need to be added.
8. Start the service of each node (operation under swift user)
Proxy node: swift-init proxy start
Storage nodes: swift-init all start
Auth (Keystone) node:
sudo screen -S keystone #Create a temporary terminal named keystone so that it can be hidden
Hide extra print information
su swift #Switch to swift user
keystone-all #A lot of information will be output here, which can be used during debugging
Quickly press the Ctrl + a Ctrl + d key, at this time will return a message similar to this [detached from
4334.key], remember the number of the red part, you can use the command to restore the original keystone temporary terminal: sudo screen -r 4334
9. Verification and use
a. Verify that the entire storage architecture is successful (operate on the Proxy node or the node where swift is installed)
swift -A http://192.168.112.133:5000/v2.0 -U admin -K admin stat -V 2
Successful execution will return information similar to the following:
Account: AUTH_308722b8cc8747a5afdd9b7b1f6155e8
Containers: 0
Objects: 0
Bytes: 0
Accept-Ranges: bytes
b. Test with curl
curl -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "admin"}}}' -H "Content-type: application / json "http://192.168.112.133:35357/v2.0/tokens | python -mjson.tool