INFN wiki

User Tools

Site Tools

Trace: ftecp SPMDaq.C
cn:ccr:cloud:cloudstorage:installazione_swift

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
cn:ccr:cloud:cloudstorage:installazione_swift [2014/11/18 16:36] – removed stalio@infn.itcn:ccr:cloud:cloudstorage:installazione_swift [2014/11/18 16:37] (current) – created stalio@infn.it
Line 1: Line 1:
 +====== Installazione Swift ======
  
 +  * Autore originale: **Giacinto Donvito**
 +  * Formattazione: **Matteo Panella**
 +
 +===== Installazione pacchetti =====
 +
 +<code>
 +# apt-get install swift openssh-server rsync memcached python-netifaces python-xattr python-memcache
 +# apt-get install swift-account swift-container swift-object xfsprogs
 +# apt-get install swift-proxy memcached python-keystoneclient python-swiftclient python-webob
 +</code>
 +
 +===== Configurazione dello storage locale =====
 +
 +<code>
 +# mkfs.xfs /dev/vdb1
 +# echo "/dev/vdb1 /srv/node/vdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
 +# mkdir -p /srv/node/vdb1
 +# mount /srv/node/vdb1
 +# chown -R swift:swift /srv/node
 +</code>
 +
 +Creare il file ''/etc/rsyncd.conf'' con il seguente contenuto:
 +
 +<file>
 +uid = swift
 +gid = swift
 +log file = /var/log/rsyncd.log
 +pid file = /var/run/rsyncd.pid
 +address = <STORAGE_LOCAL_NET_IP>
 +
 +[account]
 +max connections = 2
 +path = /srv/node/
 +read only = false
 +lock file = /var/lock/account.lock
 +
 +[container]
 +max connections = 2
 +path = /srv/node/
 +read only = false
 +lock file = /var/lock/container.lock
 +
 +[object]
 +max connections = 2
 +path = /srv/node/
 +read only = false
 +lock file = /var/lock/object.lock
 +</file>
 +
 +Modificare il file /etc/default/rsync:
 +<file>
 +RSYNC_ENABLE = true
 +</file>
 +
 +Generazione dei certificati (self-signed) per SSL:
 +
 +<code>
 +# cd /etc/swift
 +# openssl req -new -x509 -nodes -out cert.crt -keyout cert.key
 +</code>
 +
 +Modificare il file ''/etc/memcached.conf'' apportando il seguente cambiamento:
 +
 +<file>
 +-l 127.0.0.1
 +to
 +-l <PROXY_LOCAL_NET_IP>
 +</file>
 +
 +Riavviare memcached:
 +
 +<code>
 +# service memcached restart
 +</code>
 +
 +Creare il file di configurazione ''/etc/swift/proxy-server.conf'' come dettagliato sotto.
 +
 +Creare la signing_dir:
 +<code>
 +# mkdir -p /home/swift/keystone-signing
 +# chown -R swift:swift /home/swift/keystone-signing
 +</code>
 +
 +
 +===== Configurazione dei servizi di storage =====
 +
 +==== Creazione dei ring ====
 +
 +<code>
 +# swift-ring-builder account.builder add z1-$SWIFT_NODE_IP:6002/vdb1 100
 +# swift-ring-builder container.builder add z1-$SWIFT_NODE_IP:6001/vdb1 100
 +# swift-ring-builder object.builder add z1-$SWIFT_NODE_IP:6000/vdb1 100
 +</code>
 +
 +==== Files di configurazione dei servizi ====
 +
 +''/etc/swift/object-server.conf'':
 +<file>
 +[DEFAULT]
 +bind_ip = 0.0.0.0
 +workers = 2
 +
 +[pipeline:main]
 +pipeline = object-server
 +
 +[app:object-server]
 +use = egg:swift#object
 +
 +[object-replicator]
 +
 +[object-updater]
 +
 +[object-auditor]
 +
 +</file> 
 +
 +''/etc/swift/account-server.conf'':
 +<file>
 +[DEFAULT]
 +bind_ip = 0.0.0.0
 +workers = 2
 +
 +[pipeline:main]
 +pipeline = account-server
 +
 +[app:account-server]
 +use = egg:swift#account
 +
 +[account-replicator]
 +
 +[account-auditor]
 +
 +[account-reaper]
 +</file>
 +
 +''/etc/swift/container-server.conf'':
 +<file>
 +[DEFAULT]
 +bind_ip = 0.0.0.0
 +workers = 2
 +
 +[pipeline:main]
 +pipeline = container-server
 +
 +[app:container-server]
 +use = egg:swift#container
 +
 +[container-replicator]
 +
 +[container-updater]
 +
 +[container-auditor]
 +
 +</file>
 +
 +''/etc/swift/proxy-server.conf'':
 +<file>
 +[DEFAULT]
 +bind_port = 8080
 +user = swift
 +
 +[pipeline:main]
 +pipeline = healthcheck cache authtoken keystoneauth proxy-server
 +
 +[app:proxy-server]
 +use = egg:swift#proxy
 +allow_account_management = true
 +account_autocreate = true
 +
 +[filter:keystoneauth]
 +use = egg:swift#keystoneauth
 +operator_roles = Member,admin,swiftoperator
 +
 +[filter:authtoken]
 +paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
 +# Delaying the auth decision is required to support token-less
 +# usage for anonymous referrers ('.r:*').
 +delay_auth_decision = true
 +# cache directory for signing certificate
 +signing_dir = /home/swift/keystone-signing
 +# auth_* settings refer to the Keystone server
 +auth_protocol = http
 +auth_host = $CONTROLLER_NODE_PUBLIC_IP
 +auth_port = 35357
 +# the same admin_token as provided in keystone.conf
 +admin_token = openstack
 +# the service tenant and swift userid and password created in Keystone
 +admin_tenant_name = service
 +admin_user = swift
 +admin_password = $SWIFT_USER_PASSWORD
 +
 +[filter:cache]
 +use = egg:swift#memcache
 +
 +[filter:catch_errors]
 +use = egg:swift#catch_errors
 +
 +[filter:healthcheck]
 +use = egg:swift#healthcheck
 +</file>
 +
 +
 +Lista dei files in ''/etc/swift/'':
 +<code>
 +root@swift:/etc/swift# ls -ltr
 +total 6216
 +-rw-r--r-- 1 swift swift     183 Apr  9 09:02 object-server.conf
 +-rw-r--r-- 1 swift swift     201 Apr  9 09:02 container-server.conf
 +-rw-r--r-- 1 swift swift     188 Apr  9 09:02 account-server.conf
 +-rw-r--r-- 1 swift swift     113 Jun 12 13:52 swift.conf
 +-rw-r--r-- 1 root  root      916 Jun 12 14:00 cert.key
 +-rw-r--r-- 1 root  root     1131 Jun 12 14:00 cert.crt
 +lrwxrwxrwx 1 root  root       28 Jun 12 14:53 swift-proxy.conf -> /etc/swift/proxy-server.conf
 +-rw-r--r-- 1 root  root     1150 Jun 12 15:32 proxy-server.conf
 +-rw-r--r-- 1 root  root     1724 Jun 13 14:05 account.ring.gz
 +-rw-r--r-- 1 root  root  2099711 Jun 13 14:05 account.builder
 +-rw-r--r-- 1 root  root     1725 Jun 13 14:05 container.ring.gz
 +-rw-r--r-- 1 root  root  2099709 Jun 13 14:05 container.builder
 +-rw-r--r-- 1 root  root     1722 Jun 13 14:06 object.ring.gz
 +-rw-r--r-- 1 root  root  2099709 Jun 13 14:06 object.builder
 +drwxr-xr-x 2 root  root     4096 Jun 13 14:06 backups
 +-rw-r--r-- 1 root  root      222 Jun 13 14:58 novarc
 +</code>
 +
 +===== Test della configurazione =====
 +
 +==== Configurazione variabili di autenticazione ====
 +
 +<code>
 +# export OS_TENANT_NAME=admin
 +# export OS_USERNAME=admin
 +# export OS_PASSWORD=$SWIFT_USER_PASSWORD
 +# export OS_AUTH_URL="http://$CONTROLLER_NODE_PUBLIC_IP:5000/v2.0/"
 +</code>
 +
 +==== Test lato client ====
 +
 +<code>
 +root@swift:/etc/swift# swift stat giacinto prova_big_file
 +       Account: AUTH_d9e5b6880a444d2986c691652e53674f
 +     Container: giacinto
 +        Object: prova_big_file
 +  Content Type: application/octet-stream
 +Content Length: 480247808
 + Last Modified: Fri, 14 Jun 2013 07:46:13 GMT
 +          ETag: 19882d2dce6140c6033c514e91e49e37
 +Meta Orig-Filename: proxmox-ve_3.0-f8f25665-10.iso
 + Accept-Ranges: bytes
 +   X-Timestamp: 1371195973.28637
 +</code>
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki