====== Install and configure ceph-rgw ======
On the machine where ceph radosgw will be installed:
yum clean all
yum update
useradd ceph-deploy
passwd ceph-deploy
echo "ceph-deploy ALL = (root) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ceph-deploy
cepl-deploy@ceph-adm key on the node where radosgw will be installed:
[ceph-deploy@ceph-adm ~]$ ssh-copy-id ceph-deploy@ceph-rgw-02
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ceph-deploy/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ceph-deploy@ceph-rgw-02's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ceph-deploy@ceph-rgw-02'"
and check to make sure that only the key(s) you wanted were added.
[ceph-deploy@ceph-adm ~]$ ssh ceph-rgw-02 hostname
ceph-rgw-02.cloud.pd.infn.it
[ceph-deploy@ceph-adm ~]$
Disable SELinux
Modify ceph.conf on all ceph cluster nodes and all openstack nodes adding:
[global]
#
...
...
# Default quota for object storage
rgw user default quota max size = 200G
[client.rgw.ceph-rgw-01] \
#
# SSL
#rgw_frontends="civetweb port=7480s ssl_certificate=/etc/cert.pem" \
#
# Plain
rgw_frontends="civetweb port=7480"
#
# Realm, zonegroup and zone
rgw_zone=cloudprod
rgw_zonegroup=cloudprod
rgw_realm=cloudprod
# Debug level
debug rgw = 2
#
# OpenStack cloud
rgw keystone url = https://cloud-areapd.pd.infn.it:35357
rgw keystone accepted roles = project_manager, _member_, user, admin, Member
rgw keystone api version = 3
rgw keystone admin token = CHANGEHERE
rgw keystone token cache size = 0
##rgw keystone revocation interval = 100
rgw keystone implicit tenants = false
rgw s3 auth use keystone = true
nss_db_path = /var/ceph/nss
Dall'admin node (come ceph-deploy):
[ceph-deploy@ceph-adm ~]$ ssh-copy-id ceph-deploy@ceph-rgw-01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ceph-deploy/.ssh/id_rsa.pub"
The authenticity of host 'ceph-rgw-01 (192.168.60.251)' can't be established.
ECDSA key fingerprint is SHA256:La1NjlBmg1+WmDNuSMH/BBcYIDA0u7qzfeumbnqLJtM.
ECDSA key fingerprint is MD5:5d:22:c8:2a:b6:b5:f0:26:03:fb:1c:0b:c2:11:44:a6.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ceph-deploy@ceph-rgw-01's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ceph-deploy@ceph-rgw-01'"
and check to make sure that only the key(s) you wanted were added.
Verifica:
[ceph-deploy@ceph-adm ~]$ ssh ceph-rgw-01 hostname
ceph-rgw-01.cloud.pd.infn.it
Get file di conf di ceph da un monitor node:
[ceph-deploy@ceph-adm ~]$ cd CephProdCluster
[ceph-deploy@ceph-adm CephProdCluster]$ ceph-deploy config pull ceph-mon-01
Da un monitor:
Creazione realm cloudprod (come default realm):
[root@ceph-mon-01 ceph]# radosgw-admin realm list --rgw-realm=cloudprod
Verifica:
[root@ceph-mon-01 ceph]# radosgw-admin realm list
{
"default_info": "9f39c557-f55c-457d-afc7-f5abd3a3d1d9",
"realms": [
"cloudtest",
"cloudprod"
]
}
[root@ceph-mon-01 ceph]# radosgw-admin realm get --rgw-realm=cloudprod
{
"id": "9f39c557-f55c-457d-afc7-f5abd3a3d1d9",
"name": "cloudprod",
"current_period": "0571b076-51b1-4162-b143-3f365979c83a",
"epoch": 2
}
Creazione zonegroup e zone 'cloudprod':
[root@ceph-mon-01 ceph]# radosgw-admin zonegroup create --rgw-zonegroup=cloudprod --endpoints=http://ceph-rgw-01.cloud.pd.infn.it:7480 --rgw-realm=cloudprod --master --default
{
"id": "9519a1b3-ada1-4c0c-bfd9-61d1845f79dc",
"name": "cloudprod",
"api_name": "cloudprod",
"is_master": "true",
"endpoints": [
"http://ceph-rgw-01.cloud.pd.infn.it:7480"
],
"hostnames": [],
"hostnames_s3website": [],
"master_zone": "",
"zones": [],
"placement_targets": [],
"default_placement": "",
"realm_id": "9f39c557-f55c-457d-afc7-f5abd3a3d1d9"
}
[root@ceph-mon-01 ceph]# radosgw-admin zone create --rgw-zonegroup=cloudprod --rgw-zone=cloudprod --endpoints=http://ceph-rgw-01.cloud.pd.infn.it:7480 --rgw-realm=cloudprod --master --default
{
"id": "c7fbd8b2-ef44-4154-973b-0071b30ec1bc",
"name": "cloudprod",
"domain_root": "cloudprod.rgw.meta:root",
"control_pool": "cloudprod.rgw.control",
"gc_pool": "cloudprod.rgw.log:gc",
"lc_pool": "cloudprod.rgw.log:lc",
"log_pool": "cloudprod.rgw.log",
"intent_log_pool": "cloudprod.rgw.log:intent",
"usage_log_pool": "cloudprod.rgw.log:usage",
"reshard_pool": "cloudprod.rgw.log:reshard",
"user_keys_pool": "cloudprod.rgw.meta:users.keys",
"user_email_pool": "cloudprod.rgw.meta:users.email",
"user_swift_pool": "cloudprod.rgw.meta:users.swift",
"user_uid_pool": "cloudprod.rgw.meta:users.uid",
"system_key": {
"access_key": "",
"secret_key": ""
},
"placement_pools": [
{
"key": "default-placement",
"val": {
"index_pool": "cloudprod.rgw.buckets.index",
"data_pool": "cloudprod.rgw.buckets.data",
"data_extra_pool": "cloudprod.rgw.buckets.non-ec",
"index_type": 0,
"compression": ""
}
}
],
"metadata_heap": "",
"tier_config": [],
"realm_id": "9f39c557-f55c-457d-afc7-f5abd3a3d1d9"
}
[root@ceph-mon-01 ceph]#
Cancellazione default zonegroup e zone:
# radosgw-admin zonegroup remove --rgw-zonegroup=default --rgw-zone=default
# radosgw-admin period update --commit
# radosgw-admin zone delete --rgw-zone=default
# radosgw-admin period update --commit
# radosgw-admin zonegroup delete --rgw-zonegroup=default
# radosgw-admin period update --commit