User Tools

Site Tools


Sidebar

cn:ccr:cloud:cloudstorage:installazione_swift

Installazione Swift

  • Autore originale: Giacinto Donvito
  • Formattazione: Matteo Panella

Installazione pacchetti

# apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache
# apt-get install swift-account swift-container swift-object xfsprogs
# apt-get install swift-proxy memcached python-keystoneclient python-swiftclient python-webob

Configurazione dello storage locale

# mkfs.xfs /dev/vdb1
# echo "/dev/vdb1 /srv/node/vdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
# mkdir -p /srv/node/vdb1
# mount /srv/node/vdb1
# chown -R swift:swift /srv/node

Creare il file /etc/rsyncd.conf con il seguente contenuto:

uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = <STORAGE_LOCAL_NET_IP>

[account]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/account.lock

[container]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/container.lock

[object]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/object.lock

Modificare il file /etc/default/rsync:

RSYNC_ENABLE = true

Generazione dei certificati (self-signed) per SSL:

# cd /etc/swift
# openssl req -new -x509 -nodes -out cert.crt -keyout cert.key

Modificare il file /etc/memcached.conf apportando il seguente cambiamento:

-l 127.0.0.1
to
-l <PROXY_LOCAL_NET_IP>

Riavviare memcached:

# service memcached restart

Creare il file di configurazione /etc/swift/proxy-server.conf come dettagliato sotto.

Creare la signing_dir:

# mkdir -p /home/swift/keystone-signing
# chown -R swift:swift /home/swift/keystone-signing

Configurazione dei servizi di storage

Creazione dei ring

# swift-ring-builder account.builder add z1-$SWIFT_NODE_IP:6002/vdb1 100
# swift-ring-builder container.builder add z1-$SWIFT_NODE_IP:6001/vdb1 100
# swift-ring-builder object.builder add z1-$SWIFT_NODE_IP:6000/vdb1 100

Files di configurazione dei servizi

/etc/swift/object-server.conf:

[DEFAULT]
bind_ip = 0.0.0.0
workers = 2

[pipeline:main]
pipeline = object-server

[app:object-server]
use = egg:swift#object

[object-replicator]

[object-updater]

[object-auditor]

/etc/swift/account-server.conf:

[DEFAULT]
bind_ip = 0.0.0.0
workers = 2

[pipeline:main]
pipeline = account-server

[app:account-server]
use = egg:swift#account

[account-replicator]

[account-auditor]

[account-reaper]

/etc/swift/container-server.conf:

[DEFAULT]
bind_ip = 0.0.0.0
workers = 2

[pipeline:main]
pipeline = container-server

[app:container-server]
use = egg:swift#container

[container-replicator]

[container-updater]

[container-auditor]

/etc/swift/proxy-server.conf:

[DEFAULT]
bind_port = 8080
user = swift

[pipeline:main]
pipeline = healthcheck cache authtoken keystoneauth proxy-server

[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true

[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = Member,admin,swiftoperator

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
# Delaying the auth decision is required to support token-less
# usage for anonymous referrers ('.r:*').
delay_auth_decision = true
# cache directory for signing certificate
signing_dir = /home/swift/keystone-signing
# auth_* settings refer to the Keystone server
auth_protocol = http
auth_host = $CONTROLLER_NODE_PUBLIC_IP
auth_port = 35357
# the same admin_token as provided in keystone.conf
admin_token = openstack
# the service tenant and swift userid and password created in Keystone
admin_tenant_name = service
admin_user = swift
admin_password = $SWIFT_USER_PASSWORD

[filter:cache]
use = egg:swift#memcache

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:healthcheck]
use = egg:swift#healthcheck

Lista dei files in /etc/swift/:

root@swift:/etc/swift# ls -ltr
total 6216
-rw-r--r-- 1 swift swift     183 Apr  9 09:02 object-server.conf
-rw-r--r-- 1 swift swift     201 Apr  9 09:02 container-server.conf
-rw-r--r-- 1 swift swift     188 Apr  9 09:02 account-server.conf
-rw-r--r-- 1 swift swift     113 Jun 12 13:52 swift.conf
-rw-r--r-- 1 root  root      916 Jun 12 14:00 cert.key
-rw-r--r-- 1 root  root     1131 Jun 12 14:00 cert.crt
lrwxrwxrwx 1 root  root       28 Jun 12 14:53 swift-proxy.conf -> /etc/swift/proxy-server.conf
-rw-r--r-- 1 root  root     1150 Jun 12 15:32 proxy-server.conf
-rw-r--r-- 1 root  root     1724 Jun 13 14:05 account.ring.gz
-rw-r--r-- 1 root  root  2099711 Jun 13 14:05 account.builder
-rw-r--r-- 1 root  root     1725 Jun 13 14:05 container.ring.gz
-rw-r--r-- 1 root  root  2099709 Jun 13 14:05 container.builder
-rw-r--r-- 1 root  root     1722 Jun 13 14:06 object.ring.gz
-rw-r--r-- 1 root  root  2099709 Jun 13 14:06 object.builder
drwxr-xr-x 2 root  root     4096 Jun 13 14:06 backups
-rw-r--r-- 1 root  root      222 Jun 13 14:58 novarc

Test della configurazione

Configurazione variabili di autenticazione

# export OS_TENANT_NAME=admin
# export OS_USERNAME=admin
# export OS_PASSWORD=$SWIFT_USER_PASSWORD
# export OS_AUTH_URL="http://$CONTROLLER_NODE_PUBLIC_IP:5000/v2.0/"

Test lato client

root@swift:/etc/swift# swift stat giacinto prova_big_file
       Account: AUTH_d9e5b6880a444d2986c691652e53674f
     Container: giacinto
        Object: prova_big_file
  Content Type: application/octet-stream
Content Length: 480247808
 Last Modified: Fri, 14 Jun 2013 07:46:13 GMT
          ETag: 19882d2dce6140c6033c514e91e49e37
Meta Orig-Filename: proxmox-ve_3.0-f8f25665-10.iso
 Accept-Ranges: bytes
   X-Timestamp: 1371195973.28637
cn/ccr/cloud/cloudstorage/installazione_swift.txt · Last modified: 2014/11/18 17:37 by stalio@infn.it