====== Installazione Swift ======

  * Autore originale: **Giacinto Donvito**
  * Formattazione: **Matteo Panella**

===== Installazione pacchetti =====

<code>
# apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache
# apt-get install swift-account swift-container swift-object xfsprogs
# apt-get install swift-proxy memcached python-keystoneclient python-swiftclient python-webob
</code>

===== Configurazione dello storage locale =====

<code>
# mkfs.xfs /dev/vdb1
# echo "/dev/vdb1 /srv/node/vdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
# mkdir -p /srv/node/vdb1
# mount /srv/node/vdb1
# chown -R swift:swift /srv/node
</code>

Creare il file ''/etc/rsyncd.conf'' con il seguente contenuto:

<file>
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = <STORAGE_LOCAL_NET_IP>

[account]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/account.lock

[container]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/container.lock

[object]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/object.lock
</file>

Modificare il file /etc/default/rsync:
<file>
RSYNC_ENABLE = true
</file>

Generazione dei certificati (self-signed) per SSL:

<code>
# cd /etc/swift
# openssl req -new -x509 -nodes -out cert.crt -keyout cert.key
</code>

Modificare il file ''/etc/memcached.conf'' apportando il seguente cambiamento:

<file>
-l 127.0.0.1
to
-l <PROXY_LOCAL_NET_IP>
</file>

Riavviare memcached:

<code>
# service memcached restart
</code>

Creare il file di configurazione ''/etc/swift/proxy-server.conf'' come dettagliato sotto.

Creare la signing_dir:
<code>
# mkdir -p /home/swift/keystone-signing
# chown -R swift:swift /home/swift/keystone-signing
</code>


===== Configurazione dei servizi di storage =====

==== Creazione dei ring ====

<code>
# swift-ring-builder account.builder add z1-$SWIFT_NODE_IP:6002/vdb1 100
# swift-ring-builder container.builder add z1-$SWIFT_NODE_IP:6001/vdb1 100
# swift-ring-builder object.builder add z1-$SWIFT_NODE_IP:6000/vdb1 100
</code>

==== Files di configurazione dei servizi ====

''/etc/swift/object-server.conf'':
<file>
[DEFAULT]
bind_ip = 0.0.0.0
workers = 2

[pipeline:main]
pipeline = object-server

[app:object-server]
use = egg:swift#object

[object-replicator]

[object-updater]

[object-auditor]

</file> 

''/etc/swift/account-server.conf'':
<file>
[DEFAULT]
bind_ip = 0.0.0.0
workers = 2

[pipeline:main]
pipeline = account-server

[app:account-server]
use = egg:swift#account

[account-replicator]

[account-auditor]

[account-reaper]
</file>

''/etc/swift/container-server.conf'':
<file>
[DEFAULT]
bind_ip = 0.0.0.0
workers = 2

[pipeline:main]
pipeline = container-server

[app:container-server]
use = egg:swift#container

[container-replicator]

[container-updater]

[container-auditor]

</file>

''/etc/swift/proxy-server.conf'':
<file>
[DEFAULT]
bind_port = 8080
user = swift

[pipeline:main]
pipeline = healthcheck cache authtoken keystoneauth proxy-server

[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true

[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = Member,admin,swiftoperator

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
# Delaying the auth decision is required to support token-less
# usage for anonymous referrers ('.r:*').
delay_auth_decision = true
# cache directory for signing certificate
signing_dir = /home/swift/keystone-signing
# auth_* settings refer to the Keystone server
auth_protocol = http
auth_host = $CONTROLLER_NODE_PUBLIC_IP
auth_port = 35357
# the same admin_token as provided in keystone.conf
admin_token = openstack
# the service tenant and swift userid and password created in Keystone
admin_tenant_name = service
admin_user = swift
admin_password = $SWIFT_USER_PASSWORD

[filter:cache]
use = egg:swift#memcache

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:healthcheck]
use = egg:swift#healthcheck
</file>


Lista dei files in ''/etc/swift/'':
<code>
root@swift:/etc/swift# ls -ltr
total 6216
-rw-r--r-- 1 swift swift     183 Apr  9 09:02 object-server.conf
-rw-r--r-- 1 swift swift     201 Apr  9 09:02 container-server.conf
-rw-r--r-- 1 swift swift     188 Apr  9 09:02 account-server.conf
-rw-r--r-- 1 swift swift     113 Jun 12 13:52 swift.conf
-rw-r--r-- 1 root  root      916 Jun 12 14:00 cert.key
-rw-r--r-- 1 root  root     1131 Jun 12 14:00 cert.crt
lrwxrwxrwx 1 root  root       28 Jun 12 14:53 swift-proxy.conf -> /etc/swift/proxy-server.conf
-rw-r--r-- 1 root  root     1150 Jun 12 15:32 proxy-server.conf
-rw-r--r-- 1 root  root     1724 Jun 13 14:05 account.ring.gz
-rw-r--r-- 1 root  root  2099711 Jun 13 14:05 account.builder
-rw-r--r-- 1 root  root     1725 Jun 13 14:05 container.ring.gz
-rw-r--r-- 1 root  root  2099709 Jun 13 14:05 container.builder
-rw-r--r-- 1 root  root     1722 Jun 13 14:06 object.ring.gz
-rw-r--r-- 1 root  root  2099709 Jun 13 14:06 object.builder
drwxr-xr-x 2 root  root     4096 Jun 13 14:06 backups
-rw-r--r-- 1 root  root      222 Jun 13 14:58 novarc
</code>

===== Test della configurazione =====

==== Configurazione variabili di autenticazione ====

<code>
# export OS_TENANT_NAME=admin
# export OS_USERNAME=admin
# export OS_PASSWORD=$SWIFT_USER_PASSWORD
# export OS_AUTH_URL="http://$CONTROLLER_NODE_PUBLIC_IP:5000/v2.0/"
</code>

==== Test lato client ====

<code>
root@swift:/etc/swift# swift stat giacinto prova_big_file
       Account: AUTH_d9e5b6880a444d2986c691652e53674f
     Container: giacinto
        Object: prova_big_file
  Content Type: application/octet-stream
Content Length: 480247808
 Last Modified: Fri, 14 Jun 2013 07:46:13 GMT
          ETag: 19882d2dce6140c6033c514e91e49e37
Meta Orig-Filename: proxmox-ve_3.0-f8f25665-10.iso
 Accept-Ranges: bytes
   X-Timestamp: 1371195973.28637
</code>