上一篇:构建基于openEuler2209的OpenStack云平台(九)
10 安装和配置swift服务(选配)
OpenStack对象存储是一个多租户对象存储系统。它具有高度的可扩展性,可以通过RESTful HTTP API以低成本管理大量非结构化数据。
该服务根据需要自行选配。
10.1 先决条件
该节操作在控制节上完成
10.1.1 获取admin凭证
[root@xgk-ctl ~]# source /etc/keystone/admin-openrc
10.1.2 创建身份服务凭证
1、创建swift用户
[root@xgk-ctl ~]# openstack user create --domain default --password-prompt swift
User Password: #此处输入swift用户密码,比如SWIFT_PASS
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | fc8ad09c08fe49b7a0c911fa433948fd |
| name | swift |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
2、为swift用户添加管理员角色
[root@xgk-ctl ~]# openstack role add --project service --user swift admin
3、创建swift服务实体
[root@xgk-ctl ~]# openstack service create --name swift --description "OpenStack Object Storage" object-store
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Object Storage |
| enabled | True |
| id | ffac23f6d6fd4ad69e259c9ed936c6cc |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
10.1.3 创建Swift API端点
1、创建public端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne object-store public http://xgk-ctl:8080/v1/AUTH_%\(project_id\)s
+--------------+--------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------+
| enabled | True |
| id | 9ab82c2d971f47b2aa0afbfe31de5ba2 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ffac23f6d6fd4ad69e259c9ed936c6cc |
| service_name | swift |
| service_type | object-store |
| url | http://xgk-ctl:8080/v1/AUTH_%(project_id)s |
+--------------+--------------------------------------------+
2、创建internal端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne object-store internal http://xgk-ctl:8080/v1/AUTH_%\(project_id\)s
+--------------+--------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------+
| enabled | True |
| id | 84715caf3c424a62ad7ca9c35b4df6ca |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ffac23f6d6fd4ad69e259c9ed936c6cc |
| service_name | swift |
| service_type | object-store |
| url | http://xgk-ctl:8080/v1/AUTH_%(project_id)s |
+--------------+--------------------------------------------+
3、创建admin端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne object-store admin http://xgk-ctl:8080/v1/AUTH_%\(project_id\)s
+--------------+--------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------+
| enabled | True |
| id | 205567cbe3df437fba52a3e910541ef3 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ffac23f6d6fd4ad69e259c9ed936c6cc |
| service_name | swift |
| service_type | object-store |
| url | http://xgk-ctl:8080/v1/AUTH_%(project_id)s |
+--------------+--------------------------------------------+
10.2 安装和配置组件
10.2.1 安装软件包
[root@xgk-ctl ~]# dnf -y install openstack-swift-proxy python3-swiftclient python3-keystoneclient python3-keystonemiddleware
10.2.2 配置代理服务器
编辑/etc/swift/proxy-server.conf,在[filter:authtoken]节,将其中的controller更换成自己的控制节点的主机名,将swift用户密码更改成自己对应的密码。
[root@xgk-ctl ~]# vim /etc/swift/proxy-server.conf
……此处省略文件原有内容……
[filter:cache]
use = egg:swift#memcache
memcache_servers = xgk-ctl:11211
……此处省略文件原有内容……
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
www_authenticate_uri = http://xgk-ctl:5000
auth_url = http://xgk-ctl:5000
memcached_servers = xgk-ctl:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = swift
password = SWIFT_PASS
delay_auth_decision = True
……此处省略文件原有内容……
10.3 安装和配置存储节点
本小节操作在两台对象存储节点上同步完成,以下只展示对象存储节点1的操作及其主要输出情况。
10.3.1 先决条件
1、安装软件包
[root@xgk-blkn1 ~]# dnf -y install xfsprogs rsync
2、 将/dev/vdb和/dev/vdc设备格式化为XFS
[root@xgk-blkn1 ~]# mkfs.xfs /dev/vdb
[root@xgk-blkn1 ~]# mkfs.xfs /dev/vdc
3、创建装载点目录结构
[root@xgk-blkn1 ~]# mkdir -p /srv/node/vdb
[root@xgk-blkn1 ~]# mkdir -p /srv/node/vdc
4、查找新磁盘的UUID
[root@xgk-blkn1 ~]# blkid /dev/vdb
/dev/vdb: UUID="ee3cd5e7-e349-420d-9136-507fd3e0a930" BLOCK_SIZE="512" TYPE="xfs"
[root@xgk-blkn1 ~]# blkid /dev/vdc
/dev/vdc: UUID="e56cf267-1132-4856-97d2-8c65f93b4e25" BLOCK_SIZE="512" TYPE="xfs"
5、用UUID永久挂载磁盘
[root@xgk-blkn1 ~]# vim /etc/fstab
……此处省略文件原有内容,在末尾添加以下内容……
UUID="此处用/dev/vdb的UUID代替" /srv/node/vdb xfs noatime 0 2
UUID="此处用/dev/vdc的UUID代替" /srv/node/vdc xfs noatime 0 2
6、挂载磁盘设备
[root@xgk-blkn1 ~]# mount -a
7、创建或编辑/etc/rsyncd.conf文件以包含以下内容:
[root@xgk-blkn1 ~]# vim /etc/rsyncd.conf
[DEFAULT]
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 192.168.18.203 //xgk-blkn2的IP地址为192.168.18.204
[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock
8、启动rsyncd服务,并将其配置为开机自启动
[root@xgk-blkn1 ~]# systemctl enable rsyncd.service && systemctl start rsyncd.service
10.3.2 安装和配置组件
本小节内容要求在两台对象存储节点上同步完成,以下只展示对象节点1上的操作情况。
1、安装软件包
[root@xgk-blkn1 ~]# dnf -y install openstack-swift-account openstack-swift-container openstack-swift-object
2、编辑/etc/swift/account-server.conf,将bind_ip替换为对应对象存储节点的管理网络ip地址。
[root@xgk-blkn1 ~]# vim /etc/swift/account-server.conf
[DEFAULT]
bind_ip = 192.168.18.203
bind_port = 6202
……此处省略文件原有内容……
3、编辑container-server.conf,将bind_ip替换为对应对象存储节点的管理网络ip地址。
[root@xgk-blkn1 ~]# vim /etc/swift/container-server.conf
[DEFAULT]
bind_ip = 192.168.18.203
bind_port = 6201
……此处省略文件原有内容……
4、编辑object-server.conf,将bind_ip替换为对应对象存储节点的管理网络ip地址。
[root@xgk-blkn1 ~]# vim /etc/swift/object-server.conf
[DEFAULT]
bind_ip = 192.168.18.203
bind_port = 6200
……此处省略文件原有内容……
5、更改挂载点目录的归属权限
[root@xgk-blkn1 ~]# chown -R swift:swift /srv/node
6、创建reco目录,并更改该目录的属组与权限
[root@xgk-blkn1 ~]# mkdir -p /var/cache/swift
[root@xgk-blkn1 ~]# chown -R root:swift /var/cache/swift
[root@xgk-blkn1 ~]# chmod -R 775 /var/cache/swift
10.4 创建和分发初始环
本小节内容在控制节点上完成
10.4.1 创建账户环
1、切换到/etc/swift目录,然后创建account.builder文件
[root@xgk-ctl ~]# cd /etc/swift
[root@xgk-ctl swift]# swift-ring-builder account.builder create 10 3 1
2、将每个对象存储节点添加到环
[root@xgk-ctl swift]# swift-ring-builder account.builder add --region 1 --zone 1 --ip 192.168.18.203 --port 6202 --device vdb --weight 100
Device d0r1z1-192.168.18.203:6202R192.168.18.203:6202/vdb_"" with 100.0 weight got id 0
[root@xgk-ctl swift]# swift-ring-builder account.builder add --region 1 --zone 1 --ip 192.168.18.203 --port 6202 --device vdc --weight 100
Device d1r1z1-192.168.18.203:6202R192.168.18.203:6202/vdc_"" with 100.0 weight got id 1
[root@xgk-ctl swift]# swift-ring-builder account.builder add --region 1 --zone 2 --ip 192.168.18.204 --port 6202 --device vdb --weight 100
Device d2r1z2-192.168.18.204:6202R192.168.18.204:6202/vdb_"" with 100.0 weight got id 2
[root@xgk-ctl swift]# swift-ring-builder account.builder add --region 1 --zone 2 --ip 192.168.18.204 --port 6202 --device vdc --weight 100
Device d3r1z2-192.168.18.204:6202R192.168.18.204:6202/vdc_"" with 100.0 weight got id 3
3、验证环内容
[root@xgk-ctl swift]# swift-ring-builder account.builder
account.builder, build version 4, id 8fd029a0e1f5412a84cf6ed34f54999c
1024 partitions, 3.000000 replicas, 1 regions, 2 zones, 4 devices, 100.00 balance, 0.00 dispersion
The minimum number of hours before a partition can be reassigned is 1 (0:00:00 remaining)
The overload factor is 0.00% (0.000000)
Ring file account.ring.gz not found, probably it hasn't been written yet
Devices: id region zone ip address:port replication ip:port name weight partitions balance flags meta
0 1 1 192.168.18.203:6202 192.168.18.203:6202 vdb 100.00 0 -100.00
1 1 1 192.168.18.203:6202 192.168.18.203:6202 vdc 100.00 0 -100.00
2 1 2 192.168.18.204:6202 192.168.18.204:6202 vdb 100.00 0 -100.00
3 1 2 192.168.18.204:6202 192.168.18.204:6202 vdc 100.00 0 -100.00
4、重新平衡环
[root@xgk-ctl swift]# swift-ring-builder account.builder rebalance
Reassigned 3072 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00
10.4.2 创建容器环
本小节内容在控制节点上完成
1、切换到/etc/swift目录,然后创建基本container.builder文件
[root@xgk-ctl swift]# swift-ring-builder container.builder create 10 3 1
2、将每个存储节点添加到环
[root@xgk-ctl swift]# swift-ring-builder container.builder add --region 1 --zone 1 --ip 192.168.18.203 --port 6201 --device vdb --weight 100
Device d0r1z1-192.168.18.203:6201R192.168.18.203:6201/vdb_"" with 100.0 weight got id 0
[root@xgk-ctl swift]# swift-ring-builder container.builder add --region 1 --zone 1 --ip 192.168.18.203 --port 6201 --device vdc --weight 100
Device d1r1z1-192.168.18.203:6201R192.168.18.203:6201/vdc_"" with 100.0 weight got id 1
[root@xgk-ctl swift]# swift-ring-builder container.builder add --region 1 --zone 2 --ip 192.168.18.204 --port 6201 --device vdb --weight 100
Device d2r1z2-192.168.18.204:6201R192.168.18.204:6201/vdb_"" with 100.0 weight got id 2
[root@xgk-ctl swift]# swift-ring-builder container.builder add --region 1 --zone 2 --ip 192.168.18.204 --port 6201 --device vdc --weight 100
Device d3r1z2-192.168.18.204:6201R192.168.18.204:6201/vdc_"" with 100.0 weight got id 3
3、验证环内容
[root@xgk-ctl swift]# swift-ring-builder container.builder
container.builder, build version 4, id d7fc0f4e975c48a0aa202e4e82b4974c
1024 partitions, 3.000000 replicas, 1 regions, 2 zones, 4 devices, 100.00 balance, 0.00 dispersion
The minimum number of hours before a partition can be reassigned is 1 (0:00:00 remaining)
The overload factor is 0.00% (0.000000)
Ring file container.ring.gz is obsolete
Devices: id region zone ip address:port replication ip:port name weight partitions balance flags meta
0 1 1 192.168.18.203:6201 192.168.18.203:6201 vdb 100.00 0 -100.00
1 1 1 192.168.18.203:6201 192.168.18.203:6201 vdc 100.00 0 -100.00
2 1 2 192.168.18.204:6201 192.168.18.204:6201 vdb 100.00 0 -100.00
3 1 2 192.168.18.204:6201 192.168.18.204:6201 vdc 100.00 0 -100.00
4、重新平衡环
[root@xgk-ctl swift]# swift-ring-builder container.builder rebalance
Reassigned 3072 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00
10.4.3 创建对象环
本小节内容在控制节点上完成
1、切换到/etc/swift目录,然后创建基本object.builder文件
[root@xgk-ctl swift]# swift-ring-builder object.builder create 10 3 1
2、将每个存储节点添加到环
[root@xgk-ctl swift]# swift-ring-builder object.builder add --region 1 --zone 1 --ip 192.168.18.203 --port 6200 --device vdb --weight 100
Device d0r1z1-192.168.18.203:6200R192.168.18.203:6200/vdb_"" with 100.0 weight got id 0
[root@xgk-ctl swift]# swift-ring-builder object.builder add --region 1 --zone 1 --ip 192.168.18.203 --port 6200 --device vdc --weight 100
Device d1r1z1-192.168.18.203:6200R192.168.18.203:6200/vdc_"" with 100.0 weight got id 1
[root@xgk-ctl swift]# swift-ring-builder object.builder add --region 1 --zone 2 --ip 192.168.18.204 --port 6200 --device vdb --weight 100
Device d2r1z2-192.168.18.204:6200R192.168.18.204:6200/vdb_"" with 100.0 weight got id 2
[root@xgk-ctl swift]# swift-ring-builder object.builder add --region 1 --zone 2 --ip 192.168.18.204 --port 6200 --device vdc --weight 100
Device d3r1z2-192.168.18.204:6200R192.168.18.204:6200/vdc_"" with 100.0 weight got id 3
3、验证环内容
[root@xgk-ctl swift]# swift-ring-builder object.builder
object.builder, build version 4, id bde7e51745a546339c0d76996b070e7d
1024 partitions, 3.000000 replicas, 1 regions, 2 zones, 4 devices, 100.00 balance, 0.00 dispersion
The minimum number of hours before a partition can be reassigned is 1 (0:00:00 remaining)
The overload factor is 0.00% (0.000000)
Ring file object.ring.gz is obsolete
Devices: id region zone ip address:port replication ip:port name weight partitions balance flags meta
0 1 1 192.168.18.203:6200 192.168.18.203:6200 vdb 100.00 0 -100.00
1 1 1 192.168.18.203:6200 192.168.18.203:6200 vdc 100.00 0 -100.00
2 1 2 192.168.18.204:6200 192.168.18.204:6200 vdb 100.00 0 -100.00
3 1 2 192.168.18.204:6200 192.168.18.204:6200 vdc 100.00 0 -100.00
4、重新平衡环
[root@xgk-ctl swift]# swift-ring-builder object.builder rebalance
Reassigned 3072 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00
5、分发环配置文件
将account.ring.gz、container.ring.gz和object.ring.gz复制到每个对象存储节点和运行代理服务的任何其他节点上的/etc/swift目录中
[root@xgk-ctl swift]# scp account.ring.gz container.ring.gz object.ring.gz root@xgk-blkn1:/etc/swift
[root@xgk-ctl swift]# scp account.ring.gz container.ring.gz object.ring.gz root@xgk-blkn2:/etc/swift
10.5 完成安装
本小节操作会涉及控制节点和对象存储节点,请注意操作环境。
1、编辑/etc/swift/swift.conf文件(控制节点操作)
[root@xgk-ctl swift]# vim /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = ptuxgk //这里两行的值写得相同即可
swift_hash_path_prefix = ptuxgk
……此处省略文件原有内容……
swift_hash_path_suffix和swift_hash_path_prefix的值要设置为相同字符串,且要保管好,不要改变或丢失它们。
2、将swift.conf文件复制到每个对象存储节点和运行代理服务的任何其他节点上的/etc/swift目录中。(控制节点操作)
[root@xgk-ctl swift]# scp swift.conf root@xgk-blkn1:/etc/swift
[root@xgk-ctl swift]# scp swift.conf root@xgk-blkn2:/etc/swift
3、更改/etc/swift目录的归属权限(控制节点和对象存储节点均要求操作)
[root@xgk-ctl swift]# chown -R root:swift /etc/swift
4、在控制器节点,启动openstack-swift-proxy服务,并将其配置为在系统启动时启动。
[root@xgk-ctl swift]# systemctl enable openstack-swift-proxy.service
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-swift-proxy.service → /usr/lib/systemd/system/openstack-swift-proxy.service.
[root@xgk-ctl swift]# systemctl start openstack-swift-proxy.service
5、在对象存储节点上,启动对象存储服务,并将其配置为在系统启动时启动。
systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl start openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl enable openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl start openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl start openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service
6、查看8080端口状态(控制节点)
[root@controller swift]# netstat -antlp | grep 8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 582428/python3
10.6 验证操作
本小节内容在控制节点上完成
1、获取admin凭据
[root@xgk-ctl ~]# source /etc/keystone/admin-openrc
2、显示服务状态
[root@xgk-ctl ~]# swift stat
Account: AUTH_83c34dc70d18476097211c384d2e435c
Containers: 0
Objects: 0
Bytes: 0
Content-Type: text/plain; charset=utf-8
X-Timestamp: 1671696872.75210
X-Put-Timestamp: 1671696872.75210
Vary: Accept
X-Trans-Id: tx83f5701f928446c3af430-0063a411e8
X-Openstack-Request-Id: tx83f5701f928446c3af430-0063a411e8
3、创建container1容器
[root@xgk-ctl ~]# openstack container create container1
+---------------------------------------+------------+------------------------------------+
| account | container | x-trans-id |
+---------------------------------------+------------+------------------------------------+
| AUTH_83c34dc70d18476097211c384d2e435c | container1 | tx4ded69d6eb4f4d819be7a-0063a4122a |
+---------------------------------------+------------+------------------------------------+
4、将测试文件上载到container1容器
首先任意创建一个文件,然后将该文件上传
[root@xgk-ctl ~]# echo "swift test" > swift-test
[root@xgk-ctl ~]# openstack object create container1 swift-test
+------------+------------+----------------------------------+
| object | container | etag |
+------------+------------+----------------------------------+
| swift-test | container1 | 5721274b3232b86f6c71fce4a8c6f307 |
+------------+------------+----------------------------------+
5、列出container1容器中的文件
[root@xgk-ctl ~]# openstack object list container1
+------------+
| Name |
+------------+
| swift-test |
+------------+
6、从container1容器下载测试文件
为便于测试,切换到任意其它目录,然后下载测试和查看文件。
[root@xgk-ctl ~]# cd /opt
[root@xgk-ctl opt]# openstack object save container1 swift-test
[root@xgk-ctl opt]# cat swift-test
swift test