Server1 1.Update sudo apt-get update sudo apt-get upgrade 2. sudo apt-get install bridge-utils 3.IP 3.1 sudo vi /etc/network/interfaces ---------------------------------------------- auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.75.110 netmask 255.255.255.0 broadcast 192.168.75.255 gateway 192.168.75.2 dns-nameservers 192.168.75.2 auto eth1 iface eth1 inet static address 192.168.4.1 netmask 255.255.255.0 network 192.168.4.0 broadcast 192.168.4.255 3.2 sudo /etc/init.d/networking restart 4.NTP Server 4.1 sudo apt-get install ntp 4.2 sudo vi /etc/ntp.conf -------------------------------- server ntp.ubuntu.com server 127.127.1.0 fudge 127.127.1.0 stratum 10 4.3 sudo service ntp restart 5.database 5.1 sudo apt-get install mysql-server python-mysqldb 设置密码:gis 5.2 sudo vi /etc/mysql/my.cnf ------------------------------------- bind-address = 0.0.0.0 5.3 sudo restart mysql sudo mysql -u root -p use mysql select host, user, password from user; delete from user where user='root' and host='localhost'; delete from user where user='root' and host='::1'; delete from user where user='root' and host='127.0.0.1'; delete from user where user=''; update user set host='%' where user='root'; commit; sudo restart mysql 5.4 sudo mysql -u root -p -e 'CREATE DATABASE keystone;' 5.5 sudo mysql -u root -p -e 'CREATE USER keystone;' 5.6 sudo mysql -u root -p -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';" sudo mysql -u root -p -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost'" 5.7 sudo mysql -u root -p -e "SET PASSWORD FOR 'keystone'@'%' = PASSWORD('gis');" 6. sudo apt-get install keystone 6.1 sudo rm /var/lib/keystone/keystone.db 6.2 sudo vi /etc/keystone/keystone.conf bind_host = 0.0.0.0 public_port = 5000 admin_port = 35357 admin_token = 012345SECRET99TOKEN012345 compute_port = 8774 verbose = True debug = True log_config = /etc/keystone/logging.conf use_syslog = False connection = mysql://keystone:gis@192.168.75.110/keystone 6.3 sudo keystone-manage pki_setup sudo chown -R keystone:keystone /etc/keystone/ sudo chmod g+rx,o+rx -R /etc/keystone/ sudo chmod -R g+rwx,o+rwx /var/log/keystone/ 6.4 sudo service keystone restart 6.5 sudo keystone-manage db_sync 7 identity 7.1 export OS_SERVICE_TOKEN=012345SECRET99TOKEN012345 export OS_SERVICE_ENDPOINT=http://192.168.75.110:35357/v2.0 keystone tenant-create --name demo --description "Default Tenant" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Default Tenant | | enabled | True | | id | 3b440084158a42c0917603e066261aaf | | name | demo | +-------------+----------------------------------+ keystone user-create --tenant-id 3b440084158a42c0917603e066261aaf --name admin --pass secrete +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | | | enabled | True | | id | d99081655e834ded8abea8e6f6e111bb | | name | admin | | tenantId | 3b440084158a42c0917603e066261aaf | +----------+----------------------------------+ keystone role-create --name admin +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | id | c55516c9bcae400bad38b96e98e35279 | | name | admin | +----------+----------------------------------+ keystone user-role-add --user-id d99081655e834ded8abea8e6f6e111bb --tenant-id 3b440084158a42c0917603e066261aaf --role-id c55516c9bcae400bad38b96e98e35279 7.2 keystone tenant-create --name service --description "Service Tenant" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Service Tenant | | enabled | True | | id | d5f00c8160b94fc5acdf2f2a79d790dc | | name | service | +-------------+----------------------------------+ keystone user-create --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --name glance --pass glance +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | | | enabled | True | | id | 2d16d19937fd4f3eba46a48d0a5d1c90 | | name | glance | | tenantId | d5f00c8160b94fc5acdf2f2a79d790dc | +----------+----------------------------------+ keystone user-role-add --user-id 2d16d19937fd4f3eba46a48d0a5d1c90 --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --role-id c55516c9bcae400bad38b96e98e35279 keystone user-create --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --name ec2 --pass ec2 +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | | | enabled | True | | id | 2782536bd49a4802a575301ccdb44324 | | name | ec2 | | tenantId | d5f00c8160b94fc5acdf2f2a79d790dc | +----------+----------------------------------+ keystone user-role-add --user-id 2782536bd49a4802a575301ccdb44324 --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --role-id c55516c9bcae400bad38b96e98e35279 keystone user-create --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --name swift --pass swiftpass +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | | | enabled | True | | id | cdee582c005745808f064ceea1e20953 | | name | swift | | tenantId | d5f00c8160b94fc5acdf2f2a79d790dc | +----------+----------------------------------+ keystone user-role-add --user-id cdee582c005745808f064ceea1e20953 --tenant-id d5f00c8160b94fc5acdf2f2a79d790dc --role-id c55516c9bcae400bad38b96e98e35279 7.3 keystone service-create --name=keystone --type=identity --description="Identity Service" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Identity Service | | id | c697cfd78fa14b8eaf296af2569b711c | | name | keystone | | type | identity | +-------------+----------------------------------+ keystone endpoint-create --region RegionOne --service-id=c697cfd78fa14b8eaf296af2569b711c --publicurl=http://192.168.75.110:5000/v2.0 --internalurl=http://192.168.75.110:5000/v2.0 --adminurl=http://192.168.75.110:35357/v2.0 +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | adminurl | http://192.168.75.110:35357/v2.0 | | id | 6a32df6c6c714e30a9830cfe39e8d64f | | internalurl | http://192.168.75.110:5000/v2.0 | | publicurl | http://192.168.75.110:5000/v2.0 | | region | RegionOne | | service_id | c697cfd78fa14b8eaf296af2569b711c | +-------------+----------------------------------+ keystone service-create --name=ec2 --type=ec2 --description="EC2 Compatibility Layer" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | EC2 Compatibility Layer | | id | 528b19e43cec466192c770c26d3a73a3 | | name | ec2 | | type | ec2 | +-------------+----------------------------------+ keystone --token 012345SECRET99TOKEN012345 --endpoint http://192.168.75.110:35357/v2.0/ endpoint-create --region RegionOne --service-id=528b19e43cec466192c770c26d3a73a3 --publicurl=http://192.168.75.110:8773/services/Cloud --internalurl=http://192.168.75.110:8773/services/Cloud --adminurl=http://192.168.75.110:8773/services/Admin +-------------+-------------------------------------------+ | Property | Value | +-------------+-------------------------------------------+ | adminurl | http://192.168.75.110:8773/services/Admin | | id | 64007630d09c450a8418985c98dbcd07 | | internalurl | http://192.168.75.110:8773/services/Cloud | | publicurl | http://192.168.75.110:8773/services/Cloud | | region | RegionOne | | service_id | 528b19e43cec466192c770c26d3a73a3 | +-------------+-------------------------------------------+ keystone service-create --name=swift --type=object-store --description="Object Storage Service" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Object Storage Service | | id | b162fbd8a371465bba07b9c0ea3f9c32 | | name | swift | | type | object-store | +-------------+----------------------------------+ keystone endpoint-create --region RegionOne --service-id=b162fbd8a371465bba07b9c0ea3f9c32 --publicurl 'http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s' --adminurl 'http://192.168.75.110:8888/v1' --internalurl 'http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s' +-------------+--------------------------------------------------+ | Property | Value | +-------------+--------------------------------------------------+ | adminurl | http://192.168.75.110:8888/v1 | | id | 5eb5295ee08d4967838f2b8f3fd44939 | | internalurl | http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s | | publicurl | http://192.168.75.110:8888/v1/AUTH_%(tenant_id)s | | region | RegionOne | | service_id | b162fbd8a371465bba07b9c0ea3f9c32 | +-------------+--------------------------------------------------+ 8. unset OS_SERVICE_TOKEN unset OS_SERVICE_ENDPOINT 9. keystone --os-auth-url=http://192.168.75.110:35357/v2.0 token-get keystone --os-username=admin --os-password=secrete --os-auth-url=http://192.168.75.110:35357/v2.0 token-get keystone --os-username=admin --os-password=secrete --os-tenant-name=demo --os-auth-url=http://192.168.75.110:35357/v2.0 token-get keystone --os-username=admin --os-password=secrete --os-auth-url=http://192.168.75.110:35357/v2.0 token-get keystone --os-username=admin --os-password=secrete --os-tenant-name=service --os-auth-url=http://192.168.75.110:35357/v2.0 token-get 11. vi keystonerc export OS_USERNAME=swift export OS_PASSWORD=swiftpass export OS_TENANT_NAME=service export OS_AUTH_URL=http://192.168.75.110:35357/v2.0 export OS_REGION_NAME=RegionOne export OS_SERVICE_TOKEN=012345SECRET99TOKEN012345 export OS_SERVICE_ENDPOINT=http://192.168.75.110:35357/v2.0 export OS_USERNAME=admin export OS_PASSWORD=secrete export OS_TENANT_NAME=demo export OS_AUTH_URL=http://192.168.75.110:35357/v2.0 source keystonerc 12. keystone user-list keystone role-list -------------------------------------Server1, Server2, Server3, Server4---------------------------------------------------- 1.安装SSH和Swift的核心包 sudo apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache 2.在所有节点上创创建配置文件目录 sudo mkdir -p /etc/swift sudo chown -R swift:swift /etc/swift/ 3. 在所有节点上创创建swift配置文件(/etc/swift/swift.conf) sudo vi /etc/swift/swift.conf [swift-hash] # random unique string that can never change (DO NOT LOSE) swift_hash_path_suffix = fLIbertYgibbitZ sudo chown -R swift:swift /etc/swift/ ------------------------------------Server 2, Server 3, Server 4----------------------------------------------------------- 1.在所有存贮节点上安装Swift包 sudo apt-get install swift-account swift-container swift-object xfsprogs 2. 建立XFS文件系统存贮 sudo fdisk /dev/sdb //#然后一次选择 n, p, 1, 默认, 默认, w sudo mkfs.xfs -f -i size=1024 /dev/sdb1 ( 命令格式: sudo mkfs -t ext3 /dev/sdb1 ) sudo mkdir -p /srv/node/sdb1 sudo echo "/dev/sdb1 /srv/node/sdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab sudo mount /srv/node/sdb1 sudo chown -R swift:swift /srv/node 3. 创建数据同步配置文件(/etc/rsyncd.conf) sudo vi /etc/rsyncd.conf uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address = 192.168.4.2 或 192.168.4.3 或 192.168.4.4 [account] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/account.lock [container] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/container.lock [object] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/object.lock 4.启用系统同步 sudo vi /etc/default/rsync RSYNC_ENABLE = true sudo service rsync start 5.创建目录 sudo mkdir -p /var/swift/recon sudo chown -R swift:swift /var/swift/recon ---------------------------------------------------Server 1---------------------------------------------------------- 1.安装swift-proxy节点包 sudo apt-get install swift-proxy memcached python-keystoneclient python-swiftclient python-webob 2.生成SSL认证文件 cd /etc/swift sudo openssl req -new -x509 -nodes -out cert.crt -keyout cert.key 3.修改缓存配置文件 sudo vi /etc/memcached.conf 将 -l 127.0.0.1 改为 -l 192.168.4.1 4.重启缓存服务 sudo service memcached restart 5.修改swift-proxy缓存配置文件 sudo vi /etc/swift/proxy-server.conf [DEFAULT] cert_file = /etc/swift/cert.crt key_file = /etc/swift/cert.key bind_port = 8888 user = swift [pipeline:main] pipeline = healthcheck cache authtoken keystoneauth proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true account_autocreate = true [filter:keystoneauth] use = egg:swift#keystoneauth operator_roles = Member,admin,swiftoperator [filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory # Delaying the auth decision is required to support token-less # usage for anonymous referrers ('.r:*'). delay_auth_decision = true # cache directory for signing certificate signing_dir = /home/swift/keystone-signing # auth_* settings refer to the Keystone server auth_protocol = http auth_host = 192.168.75.110 auth_port = 35357 # the same admin_token as provided in keystone.conf admin_token = 012345SECRET99TOKEN012345 # the service tenant and swift userid and password created in Keystone admin_tenant_name = service admin_user = swift admin_password = swiftpass [filter:cache] use = egg:swift#memcache memcache_servers = 192.168.75.110:11211 [filter:catch_errors] use = egg:swift#catch_errors [filter:healthcheck] use = egg:swift#healthcheck 6. 创建swift的认证目录 sudo mkdir -p /home/swift/keystone-signing sudo chown -R swift:swift /home/swift/keystone-signing 7.创建account, container, object的ring cd /etc/swift sudo swift-ring-builder account.builder create 18 3 24 sudo swift-ring-builder container.builder create 18 3 24 sudo swift-ring-builder object.builder create 18 3 24 8. 将存贮实体加入到环中 sudo swift-ring-builder account.builder add z1-192.168.4.2:6002/sdb1 100 sudo swift-ring-builder container.builder add z1-192.168.4.2:6001/sdb1 100 sudo swift-ring-builder object.builder add z1-192.168.4.2:6000/sdb1 100 sudo swift-ring-builder account.builder add z2-192.168.4.3:6002/sdb1 100 sudo swift-ring-builder container.builder add z2-192.168.4.3:6001/sdb1 100 sudo swift-ring-builder object.builder add z2-192.168.4.3:6000/sdb1 100 sudo swift-ring-builder account.builder add z3-192.168.4.4:6002/sdb1 100 sudo swift-ring-builder container.builder add z3-192.168.4.4:6001/sdb1 100 sudo swift-ring-builder object.builder add z3-192.168.4.4:6000/sdb1 100 9. 查看各个环 sudo swift-ring-builder account.builder sudo swift-ring-builder container.builder sudo swift-ring-builder object.builder 10. 平衡各个环 sudo swift-ring-builder account.builder rebalance sudo swift-ring-builder container.builder rebalance sudo swift-ring-builder object.builder rebalance 11. 将生成的环信息复制到Proxy节点与Storage节点的/etc/swift目录下 account.ring.gz container.ring.gz object.ring.gz sudo chown -R swift:swift /etc/swift sudo chmod g+rw,o+rw -R /etc/swift/ sudo scp account.ring.gz zyx@192.168.75.111:/etc/swift sudo scp account.ring.gz zyx@192.168.75.112:/etc/swift sudo scp account.ring.gz zyx@192.168.75.113:/etc/swift sudo scp container.ring.gz zyx@192.168.75.111:/etc/swift sudo scp container.ring.gz zyx@192.168.75.112:/etc/swift sudo scp container.ring.gz zyx@192.168.75.113:/etc/swift sudo scp object.ring.gz zyx@192.168.75.111:/etc/swift sudo scp object.ring.gz zyx@192.168.75.112:/etc/swift sudo scp object.ring.gz zyx@192.168.75.113:/etc/swift 12. 将各个配置文件的用户改为swift sudo chown -R swift:swift /etc/swift 13. 启动代理服务 sudo service proxy-server start sudo swift-init proxy start (有效) ------------------------------------------Server 2, Server 3, Server 4----------------------------------------------------------- 14.启动存贮服务 sudo service swift-object start sudo service swift-object-replicator start sudo service swift-object-updater start sudo service swift-object-auditor start sudo service swift-container start sudo service swift-container-replicator start sudo service swift-container-updater start sudo service swift-container-auditor start sudo service swift-account start sudo service swift-account-replicator start sudo service swift-account-updater start sudo service swift-account-auditor start sudo swift-init all start (有效) 或 sudo swift-init object-server start sudo swift-init object-replicator start sudo swift-init object-updater start sudo swift-init object-auditor start sudo swift-init container-server start sudo swift-init container-replicator start sudo swift-init container-updater start sudo swift-init container-auditor start sudo swift-init account-server start sudo swift-init account-replicator start sudo swift-init account-auditor start ------------------------------------------Verify the Installation------------------------------------------------------------- 15.验证Swift安装 15.1设置变量 export ADMINPASS=swiftpass export SWIFT_PROXY_CONF="/etc/swift/proxy-server.conf" 15.1验证 swift -V 2.0 -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass stat (有效) curl -d '{"auth":{"tenantName": "service","passwordCredentials":{"username": "swift","password": "swiftpass"}}}' -H "Content-type:application/json" http://192.168.75.110:35357/v2.0/tokens (有效) { "access": { "token": { "issued_at": "2013-07-20T02:20:19.836225", "expires": "2013-07-21T02:20:19Z", "id": "MIIHHAYJ.....", "tenant": { "description": "Service Tenant", "enabled": true, "id": "5e3af2dac2d1451ba90c4f151a40a463", "name": "service" } }, "serviceCatalog": [ { "endpoints": [ { "adminURL": "http://192.168.75.110:8888/v1", "region": "RegionOne", "internalURL": "http://192.168.75.110:8888/v1/AUTH_5e3af2dac2d1451ba90c4f151a40a463", "id": "944b056c8ea44f4bb2f85f350fc6d749", "publicURL": "http://192.168.75.110:8888/v1/AUTH_5e3af2dac2d1451ba90c4f151a40a463" } ], "endpoints_links": [], "type": "object-store", "name": "swift" }, { "endpoints": [ { "adminURL": "http://192.168.75.110:8773/services/Admin", "region": "RegionOne", "internalURL": "http://192.168.75.110:8773/services/Cloud", "id": "14c95395690d4d5393ad91c4c9ce0191", "publicURL": "http://192.168.75.110:8773/services/Cloud" } ], "endpoints_links": [], "type": "ec2", "name": "ec2" }, { "endpoints": [ { "adminURL": "http://192.168.75.110:35357/v2.0", "region": "RegionOne", "internalURL": "http://192.168.75.110:5000/v2.0", "id": "2c48f04762304a46ae6ae2bacfa0d91a", "publicURL": "http://192.168.75.110:5000/v2.0" } ], "endpoints_links": [], "type": "identity", "name": "keystone" } ], "user": { "username": "swift", "roles_links": [], "id": "eef77f25cf8b4563bffbcb4d9a6091bc", "roles": [ { "name": "_member_" }, { "name": "admin" } ], "name": "swift" }, "metadata": { "is_admin": 0, "roles": [ "9fe2ff9ee4384b1894a90878d3e92bab", "76f281288ce7401bbb5472f17e7197ec" ] } } } swift -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass upload myfiles bigfile1.tgz 15.3上传文件 swift upload myfiles bigfile1.tgz (有效) swift -V 2.0 -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass stat (有效)
15.4下载文件 swift -A http://192.168.75.110:5000/v2.0 -U service:swift -K swiftpass download myfiles swift download myfiles (有效) http://blog.csdn.net/gjhnorth/article/details/9036869 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ http://www.openstack.org.cn/ask/?q-24.html ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Swift多节点安装 安装环境: Proxy Node:192.168.5.152 Storage Node1:192.168.5.155 Storage Node1:192.168.5.156 Storage Node1:192.168.5.157 一、 安装配置存储节点(Storage Node) 在192.168.5.155存储节点上进行操作,其他存储节点操作内容相同 1、 安装需要的软件包 apt-get update apt-get install swift swift-account swift-container swift-object swift-doc xfsprogs 2、 创建loopback设备(假设为sdb1)分出一个分区然后格式化 fdisk /dev/sdb mkfs.xfs -i size=1024 /dev/sdb1 上面的方法是官方文档上的方法,也是推荐的方法,我使用的是创建回环设备来存 dd if=/dev/zero of=/srv/swift-node bs=1024 count=0 seek=1000000 mkfs.xfs -i size=1024 /srv/swift-node 3、 更新fstab文件 cat >> /etc/fstab <<EOF /dev/sdb1 /swift/node/sdb1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0 /dev/sdc1 /swift/node/sdc1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0 /dev/sdd1 /swift/node/sdd1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0 /dev/sde1 /swift/node/sde1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0 EOF 4、 挂载 mkdir -p /swift/node/sdb1 mkdir -p /swift/node/sdc1 mkdir -p /swift/node/sdd1 mkdir -p /swift/node/sde1 mount /swift/node/sdb1 mount /swift/node/sdc1 mount /swift/node/sdd1 mount /swift/node/sde1 chown -R swift:swift /swift 注意 没有赋权限,会导致创建失败 5、 创建swift的配置文件 cat >/etc/swift/swift.conf <<EOF [swift-hash] # random unique string that can never change (DO NOT LOSE) swift_hash_path_suffix = `od -t x8 -N 8 -A n </dev/random` EOF Note: 这个文件所有的存储节点和代理节点共用,可以用scp拷贝到其它节点 6、 安装rsync apt-get install rsync 7、 创建rsync配置文件 cat > /etc/rsyncd.conf << EOF uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address = 192.168.5.155 [account] max connections = 2 path = /swift/node read only = false lock file = /var/lock/account.lock [container] max connections = 2 path = /swift/node read only = false lock file = /var/lock/container.lock [object] max connections = 2 path = /swift/node read only = false lock file = /var/lock/object.lock EOF 注意:path 写你实际的(刚才新建的)分区的位置。address修改为当前storage的地址。 8、 启用rsync perl -pi -e 's/RSYNC_ENABLE=false/RSYNC_ENABLE=true/' /etc/default/rsync 9、 启动rsync service rsync start 10、 配置account服务 cat > /etc/swift/account-server.conf << EOF [DEFAULT] devices = /swift/node mount_check = false bind_ip = 0.0.0.0 bind_port = 6012 workers = 2 log_facility = LOG_LOCAL3 [pipeline:main] pipeline = account-server [app:account-server] use = egg:swift#account [account-replicator] [account-auditor] [account-reaper] EOF 11、 配置container服务 cat > /etc/swift/container-server.conf << EOF [DEFAULT] devices = /swift/node mount_check = false bind_ip = 0.0.0.0 bind_port = 6011 workers = 2 log_facility = LOG_LOCAL2 [pipeline:main] pipeline = container-server [app:container-server] use = egg:swift#container [container-replicator] [container-updater] [container-auditor] [container-sync] EOF 12、 配置object服务 cat > /etc/swift/object-server.conf << EOF [DEFAULT] devices = /swift/node/ mount_check = false bind_ip = 0.0.0.0 bind_port = 6010 workers = 2 log_facility = LOG_LOCAL1 [pipeline:main] pipeline = object-server [app:object-server] use = egg:swift#object [object-replicator] [object-updater] [object-auditor] [object-expirer] EOF 13、 创建swift日志配置文件 cat > /etc/rsyslog.d/10-swift.conf << EOF local1,local2,local3.* /var/log/swift/all.log local1.* /var/log/swift/object.log local2.* /var/log/swift/container.log local3.* /var/log/swift/account.log EOF 14、 创建日志目录 mkdir -p /var/log/swift chown -R syslog.adm /var/log/swift 15、 重启日志服务进程 service rsyslog restart 二、 安装配置代理节点(Proxy Node) 1、 安装需要的软件包 apt-get update apt-get install swift swift-proxy swift-doc memcached 2、 修改memcached配置文件 perl -pi -e "s/-l 127.0.0.1/-l 192.168.5.152/" /etc/memcached.conf 3、 重启memcached服务 service memcached restart 4、 从存储节点拷贝swift配置文件 mkdir /etc/swift scp root@192.168.5.155:/etc/swift/swift.conf /etc/swift 5、 创建proxy-server配置文件 --------------------------tempauth认证------------------------------------------------ cat > /etc/swift/proxy-server.conf << EOF [DEFAULT] bind_port =8080 bind_ip = 192.168.5.152 user = swift [pipeline:main] pipeline = healthcheck cache tempauth proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true account_autocreate = true [filter:tempauth] use = egg:swift#tempauth user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin user_test2_tester2 = testing2 .admin user_test_tester3 = testing3 [filter:healthcheck] use = egg:swift#healthcheck [filter:cache] use = egg:swift#memcache memcache_servers = 192.168.5.152:11211 EOF -----------------------------keystone认证---------------------------------------------------------- cat > /etc/swift/proxy-server.conf << EOF [DEFAULT] bind_port = 8080 bind_ip = 192.168.5.152 user = swift log_level = DEBUG log_facility = LOG_LOCAL1 [pipeline:main] pipeline = healthcheck cache authtoken keystone proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true account_autocreate = true [filter:keystone] paste.filter_factory = keystone.middleware.swift_auth:filter_factory operator_roles = admin, swiftoperator [filter:authtoken] paste.filter_factory = keystone.middleware.auth_token:filter_factory delay_auth_decision = 1 auth_port = 35357 auth_host = 192.168.5.152 auth_protocol = http service_protocol = http service_host = 192.168.5.152 service_port = 5000 admin_tenant_name = service admin_user = swift admin_password = 12345678 [filter:healthcheck] use = egg:swift#healthcheck [filter:cache] use = egg:swift#memcache memcache_servers = 192.168.5.152:11211 EOF 6、 创建swift日志配置文件 cat > /etc/rsyslog.d/10-swift.conf << EOF local1.* /var/log/swift/proxy.log EOF 7、 创建日志目录 mkdir -p /var/log/swift chown -R syslo.adm /var/log/swift 8、 重启日志服务进程 service rsyslog restart 9、 首先创建环 cd /etc/swift swift-ring-builder account.builder create 18 3 1 swift-ring-builder container.builder create 18 3 1 swift-ring-builder object.builder create 18 3 1 Note: 后面的数字第一个为存储分区数,第二个为备份次数,备份次数不能小于ZONE数目,第三个为延迟删除的时间,以小时为单位 10、向环里添加存储设备我前面配置了三台存储节点: |---------+------+-----------+-----------+------+--------| | Storage | Zone | IP | Server | Port | Device | |---------+------+-----------+-----------+------+--------| | 1 | 1 |192.168.5.155| account | 6012 | sdb1 | | | | | container | 6011 | sdb1 | | | | | object | 6010 | sdb1 | |---------+------+-----------+-----------+------+--------| | 2 | 2 |192.168.5.156 | account | 6012 | sdb1 | | | | | container | 6011 | sdb1 | | | | | object | 6010 | sdb1 | |---------+------+-----------+-----------+------+--------| | 3 | 3 |192.168.5.157 | account | 6012 | sdb1 | | | | | container | 6011 | sdb1 | | | | | object | 6010 | sdb1 | |---------+------+-----------+-----------+------+--------| cd /etc/swift swift-ring-builder account.builder add z1-192.168.5.155:6012/sdb1 100 swift-ring-builder container.builder add z1-192.168.5.155:6011/sdb1 100 swift-ring-builder object.builder add z1-192.168.5.155:6010/sdb1 100 swift-ring-builder account.builder add z2-192.168.5.156:6012/sdb1 100 swift-ring-builder container.builder add z2-192.168.5.156:6011/sdb1 100 swift-ring-builder object.builder add z2-192.168.5.156:6010/sdb1 100 swift-ring-builder account.builder add z3-192.168.5.157:6012/sdb1 100 swift-ring-builder container.builder add z3-192.168.5.157:6011/sdb1 100 swift-ring-builder object.builder add z3-192.168.5.157:6010/sdb1 100 Note: IP,端口,设备和前面的配置对应 11、 检验每个环里的条目 cd /etc/swift swift-ring-builder account.builder swift-ring-builder container.builder swift-ring-builder object.builder 应该得到类似这样的输出 account.builder, build version 3 262144 partitions, 3 replicas, 3 zones, 3 devices, 0.00 balance The minimum number of hours before a partition can be reassigned is 1 Devices: id zone ip address port name weight partitions balance meta 0 1 192.168.5.155 6012 sdb1 100.00 262144 0.00 1 2 192.168.5.156 6012 sdb1 100.00 262144 0.00 2 3 192.168.5.157 6012 sdb1 100.00 262144 0.00 14、 平衡环 cd /etc/swift swift-ring-builder account.builder rebalance swift-ring-builder container.builder rebalance swift-ring-builder object.builder rebalance Note: 这个过程可能需要一些时间 Note: 这三条命令会产生以gz结尾的文件,这些文件就是所有节点要用到的环文件,可以用scp拷贝到其它各节点 Note: 如果创建环的时候指定的副本数大于环的数量,平衡环的时候可能会报类似下面的错误 ... in _initial_balance while available_devs[index]['zone'] in other_zones: IndexError: list index out of range 15、 分发新生成的环文件 scp /etc/swift/*.gz root@192.168.5.155:/etc/swift/ scp /etc/swift/*.gz root@192.168.5.156:/etc/swift/ scp /etc/swift/*.gz root@192.168.5.157:/etc/swift/ 16、 启动各节点相关的服务 # 代理节点 swift-init proxy start # 存储节点 swift-init all start 三、测试swift 1、得到an X-Storage-Url 和X-Auth-Token root@node11:/etc/swift# curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' http://192.168.5.152:8080/auth/v1.0 * About to connect() to 192.168.5.152 port 8080 (#0) * Trying 192.168.5.152... connected > GET /auth/v1.0 HTTP/1.1 > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 > Host: 192.168.5.152:8080 > Accept: */* > X-Storage-User: test:tester > X-Storage-Pass: testing > < HTTP/1.1 200 OK < X-Storage-Url: http://192.168.5.152:8080/v1/AUTH_test < X-Storage-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b < X-Auth-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b < Content-Length: 0 < Date: Thu, 11 Oct 2012 07:47:53 GMT < * Connection #0 to host 192.168.5.152 left intact * Closing connection #0 root@node11:/etc/swift# curl -v -H 'X-Auth-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b' http://192.168.5.152:8080/v1/AUTH_test * About to connect() to 192.168.5.152 port 8080 (#0) * Trying 192.168.5.152... connected > GET /v1/AUTH_test HTTP/1.1 > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 > Host: 192.168.5.152:8080 > Accept: */* > X-Auth-Token: AUTH_tk51644b8e782040f6ab788caa23ad6a1b > < HTTP/1.1 204 No Content < X-Account-Object-Count: 0 < X-Account-Bytes-Used: 0 < X-Account-Container-Count: 0 < Accept-Ranges: bytes < Content-Length: 0 < Date: Thu, 11 Oct 2012 07:48:24 GMT < * Connection #0 to host 192.168.5.152 left intact * Closing connection #0 测试swift目前工作状态 swift -A http://192.168.5.152:8080/auth/v1.0 -U test:tester -K testing stat 将当前目录下test.txt文件上传到myfiles目录 swift -A http://192.168.5.152:8080/auth/v1.0 -U test:tester -K testing upload myfiles test.txt