热门标签
热门文章
- 1计算机专业转教育技术,转现代教育技术试题.doc
- 2Android平台架构和Android Framework的区别
- 3ESXI 7.0 安装 MacOS_esxi装苹果
- 4已知深度图,获得某个像素点的三维坐标_像素坐标 根据深度信息 得到 3维点
- 5CrossOver 22中文版本更新上线功能介绍_crossover arm
- 6c语言中如何将以IEEE754标准显示的int型变量转换float型变量_flutter int32 转ieee754
- 7push发出去php,unipush 服务端PHP不能离线发送
- 8鸿蒙系统基于安卓是什么意思,华为鸿蒙系统基于安卓还是Linux呢?
- 9PyQt5 实战记录1 如何进行资源打包_pyqt5 打包 图片
- 10mips汇编基础与解析_汇编jarl
当前位置: article > 正文
OpenStack组件Swift单机搭建_grsmq
作者:笔触狂放9 | 2024-03-10 05:49:39
赞
踩
grsmq
转载自:https://yq.aliyun.com/articles/65321 我只是记录一下
OpenStack组件Swift单机搭建(基于Keystone)
安装环境:Ubuntu 16.04
需要有两块硬盘(一块为系统盘,一块用于安装SWIFT)
需要有IP地址
环境准备
- 修改hosts文件
- 安装相关服务
修改hosts
编辑 /etc/hosts,添加
IP地址 controller
安装Openstack源并更新和安装
- apt install software-properties-common
- add-apt-repository cloud-archive:newton
- apt update && apt dist-upgrade
安装完成后重启
安装Openstack客户端
apt install python-openstackclient
安装数据库
1、安装数据库服务
apt install mariadb-server python-pymysql
2、创建或修改/etc/mysql/mariadb.conf.d/99-openstack.cnf文件
(若文件存在则修改,不存在则创建,存在的文件中若未提及的选项则保持不变,下同)
- [mysqld]
- bind-address = 你的IP地址
-
- default-storage-engine = innodb
- innodb_file_per_table
- max_connections = 4096
- collation-server = utf8_general_ci
- character-set-server = utf8
3、将/etc/mysql/mariadb.conf.d/下所有的文件中所有utf8mb4改为utf8
4、进入数据库,设置root密码,添加远程登录权限
- # mysql -u root
- mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' \
- IDENTIFIED BY 'root密码';
- mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' \
- IDENTIFIED BY 'root密码';
- mysql> flush privileges;
- mysql> exit;
5、重启数据库
service mysql restart
安装消息队列服务(Message Queue)
1、安装服务
apt install rabbitmq-server
2、添加openstack用户并添加权限
- rabbitmqctl add_user openstack 设置一个密码
- rabbitmqctl set_permissions openstack ".*" ".*" ".*"
安装分布式缓存服务(Memcached)
1、安装服务
apt install memcached python-memcache
2、修改配置文件/etc/memcached.conf
-l 你的IP地址
3、重启服务
service memcached restart
安装配置Keystone,并添加域、项目、用户和角色
准备
1、添加Keystone数据库和相关用户
- # mysql -u root -p
- Create the keystone database:
- mysql> CREATE DATABASE keystone;
- mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
- IDENTIFIED BY 'Keystone密码';
- mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
- IDENTIFIED BY 'Keystone密码';
2、安装服务
apt install keystone
配置Keystone
1、编辑/etc/keystone/keystone.conf
- [database]
- connection = mysql+pymysql://keystone:'keystone用户的密码'@controller/keystone
- [token]
- provider = fernet
2、填充keystone数据库
启动mariadb远程访问
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/mariadb.conf.d/50-server.cnf
su -s /bin/sh -c "keystone-manage db_sync" keystone
3、初始化Fernet key repositories(似乎是个专有名词不知道咋翻译)
- keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
- keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
4、对认证服务进行引导
- keystone-manage bootstrap --bootstrap-password 设置一个admin密码 \
- --bootstrap-admin-url http://controller:35357/v3/ \
- --bootstrap-internal-url http://controller:35357/v3/ \
- --bootstrap-public-url http://controller:5000/v3/ \
- --bootstrap-region-id RegionOne
配置Apache HTTP服务
1、编辑/etc/apache2/apache2.conf
ServerName controller
2、重启apache服务,并且删除SQLite数据库
- service apache2 restart
- rm -f /var/lib/keystone/keystone.db
3、添加一些环境变量(临时的哦)
- export OS_USERNAME=admin
- export OS_PASSWORD=这里写你刚才设置的admin的密码
- export OS_PROJECT_NAME=admin
- export OS_USER_DOMAIN_NAME=default
- export OS_PROJECT_DOMAIN_NAME=default
- export OS_AUTH_URL=http://controller:35357/v3
- export OS_IDENTITY_API_VERSION=3
创建域、项目、用户和角色
1、创建一个service项目
- openstack project create --domain default \
- --description "Service Project" service
2、创建一个demo项目和user
创建demo项目
- openstack project create --domain default \
- --description "Service Project" service
- 创建demo用户
- openstack project create --domain default \
- --description "Demo Project" demo
- openstack user create --domain default \
- --password-prompt demo(输入此句后会需要设置demo的密码)
创建user角色
openstack role create user
添加user角色到demo项目和用户中
openstack role add --project demo --user demo user
验证操作
1、基于安全的考虑在/etc/keystone/keystone-paste.ini中移除
[pipeline:public_api], [pipeline:admin_api],[pipeline:api_v3] 中的admin_token_auth
2、移除掉一些环境变量
unset OS_AUTH_URL OS_PASSWORD
3、以admin用户的身份请求一个认证令牌
- openstack --os-auth-url http://controller:35357/v3 \
- --os-project-domain-name default --os-user-domain-name default \
- --os-project-name admin --os-username admin token issue
- (会要求输入admin的密码)
如果出现类似于以下的信息则表示成功
- +------------+-----------------------------------------------------------------+
- | Field | Value |
- +------------+-----------------------------------------------------------------+
- | expires | 2016-02-12T20:14:07.056119Z |
- | id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9AmIegIbA7UHGPv |
- | | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 |
- | | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws |
- | project_id | 343d245e850143a096806dfaefa9afdc |
- | user_id | ac3377633149401296f6c0d92d79dc16 |
- +------------+-----------------------------------------------------------------+
3、以demo用户的身份请求一个认证令牌
- openstack --os-auth-url http://controller:5000/v3 \
- --os-project-domain-name default --os-user-domain-name default \
- --os-project-name demo --os-username demo token issue
- (会要求输入demo的密码)
如果出现类似于以下的信息则表示成功
- +------------+-----------------------------------------------------------------+
- | Field | Value |
- +------------+-----------------------------------------------------------------+
- | expires | 2016-02-12T20:14:07.056119Z |
- | id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9AmIegIbA7UHGPv |
- | | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 |
- | | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws |
- | project_id | 343d245e850143a096806dfaefa9afdc |
- | user_id | ac3377633149401296f6c0d92d79dc16 |
- +------------+-----------------------------------------------------------------+
写脚本
由于环境变量会失效(除非你设置在bashrc里面去了,不过这不利于更换用户身份)为了方便,可以创建一些脚本
1、创建admin-openrc文件
2、创建demo-openrc文件
3、验证一下
如果出现类似于以下的信息则表示成功
安装并配置Swift服务
环境准备
1、运行脚本
source admin-openrc
2、向Keystone添加swift相关信息
添加swift用户
openstack user create --domain default --password-prompt swift(此处要设置密码)
将admin角色加入到swift用户中
openstack role add --project service --user swift admin
添加swift服务实体
- openstack service create --name swift \
- --description "OpenStack Object Storage" object-store
添加对象存储服务API的端点(endpoints)
- openstack endpoint create --region RegionOne \
- object-store public http://controller:8080/v1/AUTH_%\(tenant_id\)s
-
-
- openstack endpoint create --region RegionOne \
- object-store internal http://controller:8080/v1/AUTH_%\(tenant_id\)s
-
-
- openstack endpoint create --region RegionOne \
- object-store admin http://controller:8080/v1
3、安装相关服务
- apt install swift swift-proxy python-swiftclient \
- python-keystoneclient python-keystonemiddleware \
- memcached \
- swift swift-account swift-container swift-object
配置proxy服务
1、创建并进入/etc/swift文件夹
2、下载proxy-server.conf
curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/newton
3、编辑proxy-server.conf
- [DEFAULT]
- bind_port = 8080
- user = swift
- swift_dir = /etc/swift
-
- [pipeline:main]
- pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
- [app:proxy-server]
- use = egg:swift#proxy
- account_autocreate = True
-
- [filter:keystoneauth]
- use = egg:swift#keystoneauth
- operator_roles = admin,user
-
- [filter:authtoken]
- paste.filter_factory = keystonemiddleware.auth_token:filter_factory
- auth_uri = http://controller:5000
- auth_url = http://controller:35357
- memcached_servers = controller:11211
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- project_name = service
- username = swift
- password = 你设置的swift密码
- delay_auth_decision = True
-
- [filter:cache]
- use = egg:swift#memcache
- memcache_servers = controller:11211
配置存储相关服务
1、安装服务
apt install xfsprogs rsync
2、格式化硬盘为XFS格式
(如果不知道硬盘名,可使用fdisk -l查看)
mkfs.xfs /dev/硬盘
3、创建挂载节点的文件目录
mkdir -p /srv/node/硬盘
4、在/etc/fstab中添加
/dev/硬盘 /srv/node/硬盘 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
5、挂载硬盘
mount /srv/node/硬盘
6、创建并编辑文件 /etc/rsyncd.conf
- mkdir /etc/rsyncd.conf
- uid = swift
- gid = swift
- log file = /var/log/rsyncd.log
- pid file = /var/run/rsyncd.pid
- address = 你的IP
-
- [account]
- max connections = 2
- path = /srv/node/
- read only = False
- lock file = /var/lock/account.lock
-
- [container]
- max connections = 2
- path = /srv/node/
- read only = False
- lock file = /var/lock/container.lock
-
- [object]
- max connections = 2
- path = /srv/node/
- read only = False
- lock file = /var/lock/object.lock
7、编辑/etc/default/rsync
RSYNC_ENABLE=true
8、启动rsync服务
service rsync start
9、下载配置文件
- curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/newton
- curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/newton
- curl -o /etc/swift/object-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/newton
10、编辑/etc/swift/account-server.conf
- [DEFAULT]
- bind_ip = 你的IP
- bind_port = 6002
- user = swift
- swift_dir = /etc/swift
- devices = /srv/node
- mount_check = True
- [pipeline:main]
- pipeline = healthcheck recon account-server
- [filter:recon]
- use = egg:swift#recon
- recon_cache_path = /var/cache/swift
11、编辑/etc/swift/container-server.conf
- [DEFAULT]
- bind_ip = 你的IP
- bind_port = 6001(2.conf为6011)
- user = swift
- swift_dir = /etc/swift
- devices = /srv/node
- mount_check = True
- [pipeline:main]
- pipeline = healthcheck recon container-server
- [filter:recon]
- use = egg:swift#recon
- recon_cache_path = /var/cache/swift
12、编辑/etc/swift/object-server.conf
- [DEFAULT]
- bind_ip = 你的IP
- bind_port = 6000
- user = swift
- swift_dir = /etc/swift
- devices = /srv/node
- mount_check = True
- [pipeline:main]
- pipeline = healthcheck recon object-server
- [filter:recon]
- use = egg:swift#recon
- recon_cache_path = /var/cache/swift
- recon_lock_path = /var/lock
13、修改权限
- chown -R swift:swift /srv/node/*
- mkdir -p /var/cache/swift/1 /var/cache/swift/2
- chown -R root:swift /var/cache/swift/*
- chmod -R 775 /var/cache/swift/*
创建并分配初始化环
1、在/etc/swift中执行以下命令
- swift-ring-builder account.builder create 10 1 1
-
- swift-ring-builder account.builder add \
- --region 1 --zone 1 --ip 你的IP地址 --port 6002 --device 你的硬盘 --weight 100
-
- swift-ring-builder account.builder rebalance
-
- swift-ring-builder container.builder create 10 1 1
-
- swift-ring-builder container.builder add \
- --region 1 --zone 1 --ip 你的IP地址 --port 6001 --device 你的硬盘 --weight 100
-
- swift-ring-builder container.builder rebalance
-
- swift-ring-builder object.builder create 10 1 1
-
- swift-ring-builder object.builder add \
- --region 1 --zone 1 --ip 你的IP地址 --port 6000 --device 你的硬盘 --weight 100
-
- swift-ring-builder object.builder rebalance
2、在/etc/swift下下载文件
- curl -o /etc/swift/swift.conf \
- https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/newton
3、执行以下命令两次获得两个字符串
openssl rand -hex 10
4、编辑/etc/swift/swift.conf
- [swift-hash]
- swift_hash_path_suffix = 第一个字符串
- swift_hash_path_prefix = 第二个字符串
- [storage-policy:0]
- name = Policy-0
- default = yes
5、修改权限
chown -R root:swift /etc/swift/*
6、重启服务
- service memcached restart
- service swift-proxy restart
7、启动对象存储服务
swift-init all start
验证swift
1、运行脚本
source demo-openrc
2、获得服务状态
swift stat
显示类似以下信息即成功
- Account: AUTH_ed0b60bf607743088218b0a533d5943f
- Containers: 0
- Objects: 0
- Bytes: 0
- Containers in policy "policy-0": 0
- Objects in policy "policy-0": 0
- Bytes in policy "policy-0": 0
- X-Account-Project-Domain-Id: default
- X-Timestamp: 1444143887.71539
- X-Trans-Id: tx1396aeaf17254e94beb34-0056143bde
- Content-Type: text/plain; charset=utf-8
- Accept-Ranges: bytes
3、创建一个容器
openstack container create 容器名
4、上传一个对象
openstack object create 容器名 对象名
5、获得对象列表
openstack object list 容器名字
6、下载对象
openstack object save 容器名 对象名
也可以用curl或postman验证
声明:本文内容由网友自发贡献,转载请注明出处:【wpsshop博客】
推荐阅读
相关标签
