Install the swift component of openstack on Ubuntu-installing openstack Object Storage

We are building a swift environment on our own these days. After reading some documents and combining my own practices, I wrote it down:

1. Physical Environment Description:

Linux: Ubuntu server 12.04 Proxy Server IP: 10.214.0.181storage server one: 10.214.0.179storage server two: 10.214.0.180storage server three: 10.214.0.182

2. important components:

Node: runs one or more object storage services.

Proxy node: Run proxy services

Auth node: Run auth Service

Storage: Run account, container, and object services.

Ring: A opening set from openstack object storage to physical devices.

Preparations on all nodes:

Install services

apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache

Configuration path

mkdir -p /etc/swiftchown -R swift:swift /etc/swift/

Create a file Vim/etc/SWIFT. conf

[swift-hash]# random unique string that can never change (DO NOT LOSE)swift_hash_path_suffix = fLIbertYgibbitZ

3. install and configure storage nodes

Installation: storage node packages. All storage operations are required.

aptitude install swift-account swift-container swift-object xfsprogs

Create an XFS system partition. Of course, (this requires an empty partition). If the partition on the hard disk is used and the data is no longer needed, delete the partition and perform the following operations. Otherwise, adding a new hard disk is the most convenient choice. All storage operations are required.

fdisk /dev/sdb Command (m for help): nPartition type:   p   primary (0 primary, 0 extended, 4 free)   e   extendedSelect (default p): pPartition number (1-4, default 1): 1First sector (2048-488281249, default 2048): Using default value 2048Last sector, +sectors or +size{K,M,G} (2048-488281249, default 488281249): Using default value 488281249Command (m for help): pDisk /dev/sdb: 250.0 GB, 250000000000 bytes255 heads, 63 sectors/track, 30394 cylinders, total 488281250 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytesDisk identifier: 0x00000081   Device Boot      Start         End      Blocks   Id  System/dev/sdb1            2048   488281249   244139601   83  LinuxCommand (m for help): wThe partition table has been altered!

Identify and mount a new partition:

Partprobe # If not, restart it.

mkdir -p /srv/node/sdb1

mkfs.xfs -i size=1024 /dev/sdb1 -fecho "/dev/sdb1 /srv/node/sdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstabmount /srv/node/sdb1

chown -R swift:swift /srv/node

Create and configure Vim/etc/rsyncd. conf

uid = swiftgid = swiftlog file = /var/log/rsyncd.logpid file = /var/run/rsyncd.pidaddress = 10.214.0.179[account]max connections = 2path = /srv/node/read only = falselock file = /var/lock/account.lock[container]max connections = 2path =/srv/node/read only = falselock file = /var/lock/container.lock[object]max connections = 2path = /srv/node/read only = falselock file = /var/lock/object.lock

Note: The Path writes the location of your actual (just created) partition. Change address to the address of the current storage.

Edit Vim/etc/default/rsync (set to start at startup)

RSYNC_ENABLE = true

Restart/start the service

service rsync restart

Create or check Vim/etc/SWIFT/account-server.conf

[DEFAULT]devices = /sdb1mount_check = false  bind_port = 6002  user = swiftbind_ip = 0.0.0.0workers = 2[pipeline:main]pipeline = account-server[app:account-server]use = egg:swift#account[account-replicator][account-auditor][account-reaper]

Create or check Vim/etc/SWIFT/container-server.conf

[DEFAULT]devices = /sdb1mount_check = falsebind_ip = 0.0.0.0bind_port = 6001workers = 2[pipeline:main]pipeline = container-server[app:container-server]use = egg:swift#container[container-replicator][container-updater][container-auditor]

[container-sync]

Note: [container-Sync] is added. Do not forget it.

Create or check Vim/etc/SWIFT/object-server.conf

[DEFAULT]devices = /sdb1mount_check = falsebind_ip = 0.0.0.0bind_port = 6000workers = 2[pipeline:main]pipeline = object-server[app:object-server]use = egg:swift#object[object-replicator][object-updater][object-auditor]

Note: Object-expirer

Start storage service:

swift-init object-server restartswift-init object-replicator restartswift-init object-updater restartswift-init object-auditor restartswift-init container-server restartswift-init container-replicator restartswift-init container-updater restartswift-init container-auditor restartswift-init account-server restartswift-init account-replicator restartswift-init account-auditor restart

You can also use commands

swift-init all restart

4. install and configure proxy Node

apt-get install swift-proxy swift-doc memcached

Memcached is a high-performance distributed memory object Cache System for dynamic web applications to reduce database load. It caches data and objects in the memory to reduce the number of times the database is read, so as to provide dynamic, database-driven website speed. Memcached is based on a hashmap that stores key/value pairs. Its daemon is written in C, but the client can write it in any language and communicate with the daemon through memcached protocol.

Create a signature certificate for SSL

cd /etc/swiftopenssl req -new -x509 -nodes -out cert.crt -keyout cert.key

Modify/etc/memcched. conf

-L 127.0.0.1 # change to the IP address of the proxy node-l 10.214.0.181

Restart the memcached service.

service memcached restart

Create Vim/etc/SWIFT/proxy-server.conf

[DEFAULT]bind_port = 8080

bind_ip = 10.214.0.181user = swift

[pipeline:main]pipeline = catch_errors healthcheck cache authtoken keystone proxy-server[app:proxy-server]use = egg:swift#proxyaccount_autocreate = true[filter:keystone]paste.filter_factory = keystone.middleware.swift_auth:filter_factoryoperator_roles = admin, swiftoperator[filter:authtoken]paste.filter_factory = keystone.middleware.auth_token:filter_factory# Delaying the auth decision is required to support token-less# usage for anonymous referrers ('.r:*').delay_auth_decision = trueservice_port = 5000service_host = 10.214.0.179auth_port = 35357auth_host = 10.214.0.179auth_token =123456admin_token =123456auth_protocol = httpauth_uri = http://10.214.0.179:5000/admin_tenant_name = adminadmin_user = adminadmin_password = 123456[filter:cache]use = egg:swift#memcache

memcache_servers = 10.214.0.181:11211set log_name = cache[filter:catch_errors]use = egg:swift#catch_errors[filter:healthcheck]use = egg:swift#healthcheck

Note: If you run multiple memcache instances, add multiple IP addresses and ports to [filter: cache]. For example:

memcache_servers =10.1.2.3:11211,10.1.2.4:11211

If you do not want to use Keystone, you can replace it with the following Configuration:

[DEFAULT]bind_port =8080bind_ip = 10.214.0.181user = swift[pipeline:main]pipeline = healthcheck cache tempauth proxy-server[app:proxy-server]use = egg:swift#proxyallow_account_management = trueaccount_autocreate = true[filter:tempauth]use = egg:swift#tempauthuser_admin_admin = admin .admin .reseller_adminuser_test_tester = testing .adminuser_test2_tester2 = testing2 .adminuser_test_tester3 = testing3[filter:healthcheck]use = egg:swift#healthcheck[filter:cache]use = egg:swift#memcachememcache_servers = 10.214.0.181:11211

Create a ring, create an account, container, object ring, parameter 18 represents the "ring" is 2 ^ 18 (http://blog.csdn.net/zoushidexing/article/details/7852014), parameter 3 represents that each storage object has three copies, of course, if there are at least three storages and all services are on one node, write 1. Parameter 1 indicates that the partition can be moved once an hour (that is, the delay time ).

cd /etc/swiftswift-ring-builder account.builder create 18 3 1swift-ring-builder container.builder create 18 3 1swift-ring-builder object.builder create 18 3 1

Add a ring node. For example, a storage node created in zone 1 has an IP address of 10.214.0.182 and a partition of/sdb1. The path is in the path of the rsyncd. conf file. 100 indicates the weight of the device. You can set the corresponding value based on the disk capacity, for example, 100 of 2 TB, then 50 of 1 TB. The port must correspond to the port in the configuration file.

swift-ring-builder account.builder add z1-10.214.0.179:6002/sdb1 93swift-ring-builder container.builder add z1-10.214.0.179:6001/sdb1 93swift-ring-builder object.builder add z1-10.214.0.179:6000/sdb1 93

Note: Assume that there are several zones, and each zones has a node. The zone should start with 1 and increase with 1. Example: Swift-ring-builder account. Builder add z2-10.214.0.180: 6002/sdb1 28

(For the convenience of re-establishing the environment in the future, you can write them in VIM set_devices.sh: (a copy is also annoying .)

swift-ring-builder account.builder add z1-10.214.0.179:6002/sdb1 93swift-ring-builder container.builder add z1-10.214.0.179:6001/sdb1 93swift-ring-builder object.builder add z1-10.214.0.179:6010/sdb1 93swift-ring-builder account.builder add z2-10.214.0.180:6002/sdb1 28swift-ring-builder container.builder add z2-10.214.0.180:6001/sdb1 28swift-ring-builder object.builder add z2-10.214.0.180:6010/sdb1 28swift-ring-builder account.builder add z3-10.214.0.182:6002/sdb1 23swift-ring-builder container.builder add z3-10.214.0.182:6001/sdb1 23swift-ring-builder object.builder add z3-10.214.0.182:6000/sdb1 23swift-ring-builder account.builderswift-ring-builder container.builderswift-ring-builder object.builder

Run the script.

Sh set_devices.sh)

If you add an error and modify it, You can delete the account under/etc/SWIFT. builder, container. builder, object. after builder is created, the swift-ring-builder account is re-executed. builder create 18 3 1.

Verify the ring content

swift-ring-builder account.builder

swift-ring-builder container.builderswift-ring-builder object.builder

Balance rings

swift-ring-builder account.builder rebalanceswift-ring-builder container.builder rebalanceswift-ring-builder object.builder rebalance

The account.ring.gz file is generated in the current directory, and the account.ring.gz, container.ring.gz, and object.ring.gz files under/etc/SWIFT/are copied to each proxy node and storage node.

Determine the permissions of all configuration files:

chown -R swift:swift /etc/swift

Start proxy service

swift-init proxy restart

5. Restart the service

swift-init main restartswift-init rest restart

swift-init all restart

Proxy node: Swift-init proxy start

Storage nodes: Swift-init all start

6. (optional) add an additional Proxy Server

To improve reliability, you can add additional proxy servers. The installation process is similar to the preceding process of installing proxy node. However, some configuration is required.

Once you have multiple proxies, you may need to use Server Load balancer. There are a variety of Load Balancing Methods to choose from, such as: Round Robin, add a Load balancer before the proxy, specify a specific storage.

Some configuration is required to add a proxy. Of course, these configurations must be performed simultaneously on the proxy.

Update the/etc/SWIFT/proxy-server.conf file. If multiple memcache servers are used, add IP addresses as follows.

[filter:cache]use = egg:swift#memcachememcache_servers = 10.214.0.179:11211,10.214.0.182:11211

Change the default default_cluster_url to the URL of the Server Load balancer to replace the one that was first created in/etc/SWIFT/proxy-server.conf configuration.

[app:auth-server]use = egg:swift#authdefault_cluster_url = https://10.214.0.180/v1# Highly recommended to change this key to something else!super_admin_key = devauth

When you change the default_cluster_url setting, you need to delete the auth database and recreate the users of the openstack Object Storage. Alternatively, you can manually update the correct URL for each account in the auth database.

Next, copy the ring information to all the points, including the new proxy node. Make sure that the ring can reach all storage nodes.

After synchronizing all nodes, make sure that admin has a key in/etc/swift and has full permissions on the ring file.

7. Verify the settings.

Use the correct Service Identity Service URL to import the settings for adminpass through export adminpass = secretword. (Users and passwords can be viewed through the proxy-server.conf)

swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 stat

Obtain an X-storage-URL and X-auth-Token.

curl -k -v -H 'X-Storage-User: adminUser:admin' -H 'X-Storage-Pass: $ADMINPASS' http://<AUTH_HOSTNAME>:5000/auth/v1.0

For example:

curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' http://10.214.0.181:8080/auth/v1.0

Check your de account

curl -k -v -H 'X-Auth-Token: <token-from-x-auth-token-above>' <url-from-xstorage-url-above>

For example:

Use swift to delete some small files and name them 'bigfile [1-2]. tgz' to give a iner named 'myfiles ':

$ swift -A http://<AUTH_HOSTNAME>:5000/v2.0 -U adminUser:admin -K $ADMINPASSupload myfiles bigfile1.tgz$ swift -A http://<AUTH_HOSTNAME>:5000/v2.0 -U adminUser:admin -K $ADMINPASSupload myfiles bigfile2.tgz

Use swift to download all files from 'myfiles' iner

$ swift -A http://<AUTH_HOSTNAME>:5000/v2.0 -U adminUser:admin -K $ADMINPASSdownload myfiles

8. Error resolution prompt

If any problem occurs, you can view the log file var/log/syslog.

At the same time, there will also be error logs in/var/log/Kern. log.

Pay attention to port usage. During the installation, port 8080 is occupied, which makes a lot of strange situations.

The command to view the port is:

netstat -anp | grep 8080

If your service cannot be started and the port is still occupied, kill the idnumber of the process you can see with the view PORT command.

Link:

Keystone user-role-add -- User 83cd80b4244811848265cd012dffb7 -- tenant_id %4546967574be38aaa08faca23c32d -- Role %

Endpoint configuration reminder again, the above service ID needs to be replaced with the ID of the service you created, the authxxxx in publicurl and internalurl, here, xxxx needs to be replaced with your admintenant ID. For the format here, refer to the format defined in swift \ _ Auth. There is a reseller_prefix setting. Here we set it to auth.

Keystone endpoint-create -- region regionone \
-- Service_id c7a8827347ef4364af3b6809a174c6bb \
-- Publicurl http: // 10.214.0.181: 8080/V1/auth_3804546967574be38aaa08faca23c32d \
-- Adminurl http: // 10.214.0.181: 8080 \
-- Internalurl http: // 10.214.0.181: 8080/V1/auth_3804546967574be38aaa08faca23c32d

9. Common commands

View File statistics

Create a folder

swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 post myfiles

Myfiles is the name of the folder.

Upload files

 swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 upload myfiles set_devices.sh

Set_devices.sh is the file name.

Download files

swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 download  myfiles set_devices.sh 

References:

Official documents: http://docs.openstack.org/essex/openstack-compute/install/apt/openstack-install-guide-essex.pdf

[Openstack] swift installation and configuration process (all in one): http://bbs.linuxtone.org/thread-16276-1-1.html for atkisc

Install swift1.4.8: http://www.cnblogs.com/free--coder/archive/2012/05/28/2521135.html on Ubuntu 12.04 lts of free_coder

Cywosp using swauth multi-node installation swift: http://blog.csdn.net/cywosp/article/details/7428769 and http://blog.csdn.net/cywosp/article/details/7439440

Quyun's swift deployment and Dynamic Scaling: http://blog.lightcloud.cn /? Sec-4.1 = 68 #

Openstack hands on lab 2: swift installation and use keystone for authentication: http://liangbo.me/index.php/2012/03/29/openstack-hands-on-lab-2-swift-installation-with-keystone/