We are building a swift environment on our own these days. After reading some documents and combining my own practices, I wrote it down:
1. Physical Environment Description:
Linux: Ubuntu server 12.04 Proxy Server IP: 10.214.0.181storage server one: 10.214.0.179storage server two: 10.214.0.180storage server three: 10.214.0.182
2. important components:
Node: runs one or more object storage services.
Proxy node: Run proxy services
Auth node: Run auth Service
Storage: Run account, container, and object services.
Ring: A opening set from openstack object storage to physical devices.
Preparations on all nodes:
Install services
apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache
Configuration path
mkdir -p /etc/swiftchown -R swift:swift /etc/swift/
Create a file Vim/etc/SWIFT. conf
[swift-hash]# random unique string that can never change (DO NOT LOSE)swift_hash_path_suffix = fLIbertYgibbitZ
3. install and configure storage nodes
Installation: storage node packages. All storage operations are required.
aptitude install swift-account swift-container swift-object xfsprogs
Create an XFS system partition. Of course, (this requires an empty partition). If the partition on the hard disk is used and the data is no longer needed, delete the partition and perform the following operations. Otherwise, adding a new hard disk is the most convenient choice. All storage operations are required.
fdisk /dev/sdb Command (m for help): nPartition type: p primary (0 primary, 0 extended, 4 free) e extendedSelect (default p): pPartition number (1-4, default 1): 1First sector (2048-488281249, default 2048): Using default value 2048Last sector, +sectors or +size{K,M,G} (2048-488281249, default 488281249): Using default value 488281249Command (m for help): pDisk /dev/sdb: 250.0 GB, 250000000000 bytes255 heads, 63 sectors/track, 30394 cylinders, total 488281250 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytesDisk identifier: 0x00000081 Device Boot Start End Blocks Id System/dev/sdb1 2048 488281249 244139601 83 LinuxCommand (m for help): wThe partition table has been altered!
Identify and mount a new partition:
Partprobe # If not, restart it.
mkdir -p /srv/node/sdb1
mkfs.xfs -i size=1024 /dev/sdb1 -fecho "/dev/sdb1 /srv/node/sdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstabmount /srv/node/sdb1
chown -R swift:swift /srv/node
Create and configure Vim/etc/rsyncd. conf
uid = swiftgid = swiftlog file = /var/log/rsyncd.logpid file = /var/run/rsyncd.pidaddress = 10.214.0.179[account]max connections = 2path = /srv/node/read only = falselock file = /var/lock/account.lock[container]max connections = 2path =/srv/node/read only = falselock file = /var/lock/container.lock[object]max connections = 2path = /srv/node/read only = falselock file = /var/lock/object.lock
Note: The Path writes the location of your actual (just created) partition. Change address to the address of the current storage.
Edit Vim/etc/default/rsync (set to start at startup)
RSYNC_ENABLE = true
Restart/start the service
service rsync restart
Create or check Vim/etc/SWIFT/account-server.conf
[DEFAULT]devices = /sdb1mount_check = false bind_port = 6002 user = swiftbind_ip = 0.0.0.0workers = 2[pipeline:main]pipeline = account-server[app:account-server]use = egg:swift#account[account-replicator][account-auditor][account-reaper]
Create or check Vim/etc/SWIFT/container-server.conf
[DEFAULT]devices = /sdb1mount_check = falsebind_ip = 0.0.0.0bind_port = 6001workers = 2[pipeline:main]pipeline = container-server[app:container-server]use = egg:swift#container[container-replicator][container-updater][container-auditor]
[container-sync]
Note: [container-Sync] is added. Do not forget it.
Create or check Vim/etc/SWIFT/object-server.conf
[DEFAULT]devices = /sdb1mount_check = falsebind_ip = 0.0.0.0bind_port = 6000workers = 2[pipeline:main]pipeline = object-server[app:object-server]use = egg:swift#object[object-replicator][object-updater][object-auditor]
Note: Object-expirer
Start storage service:
swift-init object-server restartswift-init object-replicator restartswift-init object-updater restartswift-init object-auditor restartswift-init container-server restartswift-init container-replicator restartswift-init container-updater restartswift-init container-auditor restartswift-init account-server restartswift-init account-replicator restartswift-init account-auditor restart
You can also use commands
swift-init all restart
4. install and configure proxy Node
apt-get install swift-proxy swift-doc memcached
Memcached is a high-performance distributed memory object Cache System for dynamic web applications to reduce database load. It caches data and objects in the memory to reduce the number of times the database is read, so as to provide dynamic, database-driven website speed. Memcached is based on a hashmap that stores key/value pairs. Its daemon is written in C, but the client can write it in any language and communicate with the daemon through memcached protocol.
Create a signature certificate for SSL
cd /etc/swiftopenssl req -new -x509 -nodes -out cert.crt -keyout cert.key
Modify/etc/memcched. conf
-L 127.0.0.1 # change to the IP address of the proxy node-l 10.214.0.181
Restart the memcached service.
service memcached restart
Create Vim/etc/SWIFT/proxy-server.conf
[DEFAULT]bind_port = 8080
bind_ip = 10.214.0.181user = swift
[pipeline:main]pipeline = catch_errors healthcheck cache authtoken keystone proxy-server[app:proxy-server]use = egg:swift#proxyaccount_autocreate = true[filter:keystone]paste.filter_factory = keystone.middleware.swift_auth:filter_factoryoperator_roles = admin, swiftoperator[filter:authtoken]paste.filter_factory = keystone.middleware.auth_token:filter_factory# Delaying the auth decision is required to support token-less# usage for anonymous referrers ('.r:*').delay_auth_decision = trueservice_port = 5000service_host = 10.214.0.179auth_port = 35357auth_host = 10.214.0.179auth_token =123456admin_token =123456auth_protocol = httpauth_uri = http://10.214.0.179:5000/admin_tenant_name = adminadmin_user = adminadmin_password = 123456[filter:cache]use = egg:swift#memcache
memcache_servers = 10.214.0.181:11211set log_name = cache[filter:catch_errors]use = egg:swift#catch_errors[filter:healthcheck]use = egg:swift#healthcheck
Note: If you run multiple memcache instances, add multiple IP addresses and ports to [filter: cache]. For example:
memcache_servers =10.1.2.3:11211,10.1.2.4:11211
If you do not want to use Keystone, you can replace it with the following Configuration:
[DEFAULT]bind_port =8080bind_ip = 10.214.0.181user = swift[pipeline:main]pipeline = healthcheck cache tempauth proxy-server[app:proxy-server]use = egg:swift#proxyallow_account_management = trueaccount_autocreate = true[filter:tempauth]use = egg:swift#tempauthuser_admin_admin = admin .admin .reseller_adminuser_test_tester = testing .adminuser_test2_tester2 = testing2 .adminuser_test_tester3 = testing3[filter:healthcheck]use = egg:swift#healthcheck[filter:cache]use = egg:swift#memcachememcache_servers = 10.214.0.181:11211
Create a ring, create an account, container, object ring, parameter 18 represents the "ring" is 2 ^ 18 (http://blog.csdn.net/zoushidexing/article/details/7852014), parameter 3 represents that each storage object has three copies, of course, if there are at least three storages and all services are on one node, write 1. Parameter 1 indicates that the partition can be moved once an hour (that is, the delay time ).
cd /etc/swiftswift-ring-builder account.builder create 18 3 1swift-ring-builder container.builder create 18 3 1swift-ring-builder object.builder create 18 3 1
Add a ring node. For example, a storage node created in zone 1 has an IP address of 10.214.0.182 and a partition of/sdb1. The path is in the path of the rsyncd. conf file. 100 indicates the weight of the device. You can set the corresponding value based on the disk capacity, for example, 100 of 2 TB, then 50 of 1 TB. The port must correspond to the port in the configuration file.
swift-ring-builder account.builder add z1-10.214.0.179:6002/sdb1 93swift-ring-builder container.builder add z1-10.214.0.179:6001/sdb1 93swift-ring-builder object.builder add z1-10.214.0.179:6000/sdb1 93
Note: Assume that there are several zones, and each zones has a node. The zone should start with 1 and increase with 1. Example: Swift-ring-builder account. Builder add z2-10.214.0.180: 6002/sdb1 28
(For the convenience of re-establishing the environment in the future, you can write them in VIM set_devices.sh: (a copy is also annoying .)
swift-ring-builder account.builder add z1-10.214.0.179:6002/sdb1 93swift-ring-builder container.builder add z1-10.214.0.179:6001/sdb1 93swift-ring-builder object.builder add z1-10.214.0.179:6010/sdb1 93swift-ring-builder account.builder add z2-10.214.0.180:6002/sdb1 28swift-ring-builder container.builder add z2-10.214.0.180:6001/sdb1 28swift-ring-builder object.builder add z2-10.214.0.180:6010/sdb1 28swift-ring-builder account.builder add z3-10.214.0.182:6002/sdb1 23swift-ring-builder container.builder add z3-10.214.0.182:6001/sdb1 23swift-ring-builder object.builder add z3-10.214.0.182:6000/sdb1 23swift-ring-builder account.builderswift-ring-builder container.builderswift-ring-builder object.builder
Run the script.
Sh set_devices.sh)
If you add an error and modify it, You can delete the account under/etc/SWIFT. builder, container. builder, object. after builder is created, the swift-ring-builder account is re-executed. builder create 18 3 1.
Verify the ring content
swift-ring-builder account.builder
swift-ring-builder container.builderswift-ring-builder object.builder
Balance rings
swift-ring-builder account.builder rebalanceswift-ring-builder container.builder rebalanceswift-ring-builder object.builder rebalance
The account.ring.gz file is generated in the current directory, and the account.ring.gz, container.ring.gz, and object.ring.gz files under/etc/SWIFT/are copied to each proxy node and storage node.
Determine the permissions of all configuration files:
chown -R swift:swift /etc/swift
Start proxy service
swift-init proxy restart
5. Restart the service
swift-init main restartswift-init rest restart
swift-init all restart
Proxy node: Swift-init proxy start
Storage nodes: Swift-init all start
6. (optional) add an additional Proxy Server
To improve reliability, you can add additional proxy servers. The installation process is similar to the preceding process of installing proxy node. However, some configuration is required.
Once you have multiple proxies, you may need to use Server Load balancer. There are a variety of Load Balancing Methods to choose from, such as: Round Robin, add a Load balancer before the proxy, specify a specific storage.
Some configuration is required to add a proxy. Of course, these configurations must be performed simultaneously on the proxy.
Update the/etc/SWIFT/proxy-server.conf file. If multiple memcache servers are used, add IP addresses as follows.
[filter:cache]use = egg:swift#memcachememcache_servers = 10.214.0.179:11211,10.214.0.182:11211
Change the default default_cluster_url to the URL of the Server Load balancer to replace the one that was first created in/etc/SWIFT/proxy-server.conf configuration.
[app:auth-server]use = egg:swift#authdefault_cluster_url = https://10.214.0.180/v1# Highly recommended to change this key to something else!super_admin_key = devauth
When you change the default_cluster_url setting, you need to delete the auth database and recreate the users of the openstack Object Storage. Alternatively, you can manually update the correct URL for each account in the auth database.
Next, copy the ring information to all the points, including the new proxy node. Make sure that the ring can reach all storage nodes.
After synchronizing all nodes, make sure that admin has a key in/etc/swift and has full permissions on the ring file.
7. Verify the settings.
Use the correct Service Identity Service URL to import the settings for adminpass through export adminpass = secretword. (Users and passwords can be viewed through the proxy-server.conf)
swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 stat
Obtain an X-storage-URL and X-auth-Token.
curl -k -v -H 'X-Storage-User: adminUser:admin' -H 'X-Storage-Pass: $ADMINPASS' http://<AUTH_HOSTNAME>:5000/auth/v1.0
For example:
curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' http://10.214.0.181:8080/auth/v1.0
Check your de account
curl -k -v -H 'X-Auth-Token: <token-from-x-auth-token-above>' <url-from-xstorage-url-above>
For example:
Use swift to delete some small files and name them 'bigfile [1-2]. tgz' to give a iner named 'myfiles ':
$ swift -A http://<AUTH_HOSTNAME>:5000/v2.0 -U adminUser:admin -K $ADMINPASSupload myfiles bigfile1.tgz$ swift -A http://<AUTH_HOSTNAME>:5000/v2.0 -U adminUser:admin -K $ADMINPASSupload myfiles bigfile2.tgz
Use swift to download all files from 'myfiles' iner
$ swift -A http://<AUTH_HOSTNAME>:5000/v2.0 -U adminUser:admin -K $ADMINPASSdownload myfiles
8. Error resolution prompt
If any problem occurs, you can view the log file var/log/syslog.
At the same time, there will also be error logs in/var/log/Kern. log.
Pay attention to port usage. During the installation, port 8080 is occupied, which makes a lot of strange situations.
The command to view the port is:
netstat -anp | grep 8080
If your service cannot be started and the port is still occupied, kill the idnumber of the process you can see with the view PORT command.
Link:
Keystone user-role-add -- User 83cd80b4244811848265cd012dffb7 -- tenant_id %4546967574be38aaa08faca23c32d -- Role %
Endpoint configuration reminder again, the above service ID needs to be replaced with the ID of the service you created, the authxxxx in publicurl and internalurl, here, xxxx needs to be replaced with your admintenant ID. For the format here, refer to the format defined in swift \ _ Auth. There is a reseller_prefix setting. Here we set it to auth.
Keystone endpoint-create -- region regionone \
-- Service_id c7a8827347ef4364af3b6809a174c6bb \
-- Publicurl http: // 10.214.0.181: 8080/V1/auth_3804546967574be38aaa08faca23c32d \
-- Adminurl http: // 10.214.0.181: 8080 \
-- Internalurl http: // 10.214.0.181: 8080/V1/auth_3804546967574be38aaa08faca23c32d
9. Common commands
View File statistics
Create a folder
swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 post myfiles
Myfiles is the name of the folder.
Upload files
swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 upload myfiles set_devices.sh
Set_devices.sh is the file name.
Download files
swift -V 2 -A http://10.214.0.179:5000/v2.0 -U service:swift -K 123456 download myfiles set_devices.sh
References:
Official documents: http://docs.openstack.org/essex/openstack-compute/install/apt/openstack-install-guide-essex.pdf
[Openstack] swift installation and configuration process (all in one): http://bbs.linuxtone.org/thread-16276-1-1.html for atkisc
Install swift1.4.8: http://www.cnblogs.com/free--coder/archive/2012/05/28/2521135.html on Ubuntu 12.04 lts of free_coder
Cywosp using swauth multi-node installation swift: http://blog.csdn.net/cywosp/article/details/7428769 and http://blog.csdn.net/cywosp/article/details/7439440
Quyun's swift deployment and Dynamic Scaling: http://blog.lightcloud.cn /? Sec-4.1 = 68 #
Openstack hands on lab 2: swift installation and use keystone for authentication: http://liangbo.me/index.php/2012/03/29/openstack-hands-on-lab-2-swift-installation-with-keystone/