OpenStack Swift是一个分布式对象存储系统,它可以为大规模的数据存储提供高可用性、可扩展性和数据安全性。Swift是OpenStack的一个核心组件,它允许用户将大量的数据存储在云上,并且可以随时访问、检索和管理这些数据。
Swift的设计目标是为了处理海量数据和大规模数据的高并发访问,它采用了一些独特的技术和架构,如分布式存储、数据冗余、负载均衡、数据分片、对象容器等。
在先前的教程中,介绍了安装openstack及其相关组件的具体过程,本文介绍如何安装swift。
在按照本教程操作之前,请确保完成以下配置:
【Openstack Train安装】一、虚拟机创建
【Openstack Train安装】二、NTP安装
【Openstack Train安装】三、openstack安装
【Openstack Train安装】四、MariaDB/RabbitMQ 安装
【Openstack Train安装】五、Memcached/Etcd安装
【Openstack Train安装】六、Keystone安装
【Openstack Train安装】七、glance安装
【Openstack Train安装】八、placement安装
【Openstack Train安装】九、Nova安装
【Openstack Train安装】十、Neutron安装
【Openstack Train安装】十一、Dashboard 安装
【Openstack Train安装】十二、Cinder安装
安装环境如下
| VMware Workstation | V17.0 |
| 本机系统 | win11 |
| 虚拟机系统 | CentOS 7.5 |
一、控制节点
以下操作在控制节点运行
登录admin:
. admin-openrc创建swift用户:
openstack user create --domain default --password-prompt swift如下图:
openstack service create --name swift --description "OpenStack Object Storage" object-store
添加admin权限:
openstack role add --project service --user swift admin创建服务入口:
openstack service create --name swift --description "OpenStack Object Storage" object-store如下图:
创建API端点:
openstack endpoint create --region RegionOne object-store public http://controller:8080/v1/AUTH_%\(project_id\)s
openstack endpoint create --region RegionOne object-store internal http://controller:8080/v1/AUTH_%\(project_id\)s
openstack endpoint create --region RegionOne object-store admin http://controller:8080/v1
如下图:
安装swift:
yum install openstack-swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware memcached -y获取代理服务配置:
curl -o /etc/swift/proxy-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/proxy-server.conf-sample如下图:
备份并删除配置文件的注释:
mv /etc/swift/proxy-server.conf /etc/swift/proxy-server.conf.source
cat /etc/swift/proxy-server.conf.source | grep -Ev "^#|^$" > /etc/swift/proxy-server.conf编辑/etc/swift/proxy-server.conf,删除[pipeline:main] 的 tempurl 和tempauth ,完成以下内容:
[DEFAULT]
bind_port = 8080
user = swift
swift_dir = /etc/swift
[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
[app:proxy-server]
use = egg:swift#proxy
account_autocreate = True
[filter:keystoneauth]
use = egg:swift
operator_roles = admin,user
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = swift
password = 123456
delay_auth_decision = True
[filter:cache]
use = egg:swift
memcache_servers = controller:11211
二、计算节点
本教程只包含控制节点和计算节点,计算节点也做存储节点用,以下操作在计算节点运行。
安装相关库:
yum install xfsprogs rsync -y添加4个20GB的硬盘,添加的教程可以参考【Openstack Train安装】十二、Cinder安装,一共6块硬盘(cinder添加一个,本文添加4个):
使用以下命令扫描硬盘:
for i in /sys/class/scsi_host/host*/scan;do echo "- - -" >$i;done查看硬盘列表:
fdisk -l如下图:
转换/dev/sdc为XFS格式(因为我的前两块硬盘被用了,所以这里使用第三个硬盘,请根据自己的情况调整):
mkfs.xfs /dev/sdc
mkfs.xfs /dev/sdd
mkfs.xfs /dev/sde
mkfs.xfs /dev/sdf如下图:
创建挂载的目录:
mkdir -p /srv/node/sdc
mkdir -p /srv/node/sdd
mkdir -p /srv/node/sde
mkdir -p /srv/node/sdf编辑 /etc/fstab,添加以下内容:
/dev/sdc /srv/node/sdc xfs noatime,nodiratime,logbufs=8 0 2
/dev/sdd /srv/node/sdd xfs noatime,nodiratime,logbufs=8 0 2
/dev/sde /srv/node/sde xfs noatime,nodiratime,logbufs=8 0 2
/dev/sdf /srv/node/sdf xfs noatime,nodiratime,logbufs=8 0 2如下图:
挂载硬盘:
mount /srv/node/sdc
mount /srv/node/sdd
mount /srv/node/sde
mount /srv/node/sdf创建文件或者编辑/etc/rsyncd.conf ,并添加以下内容:
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 10.0.0.31
[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock设置开机自启,并启动该服务:
systemctl enable rsyncd.service
systemctl start rsyncd.service安装包:
yum install openstack-swift-account openstack-swift-container openstack-swift-object -y获取相关信息:
curl -o /etc/swift/account-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/account-server.conf-sample
curl -o /etc/swift/container-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/container-server.conf-sample
curl -o /etc/swift/object-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/object-server.conf-sample保存并备份/etc/swift/account-server.conf:
mv /etc/swift/account-server.conf /etc/swift/account-server.conf.source
cat /etc/swift/account-server.conf.source | grep -Ev "^#|^$" > /etc/swift/account-server.conf编辑/etc/swift/account-server.conf,并设置以下信息:
[DEFAULT]
bind_ip = 10.0.0.31
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True
[pipeline:main]
pipeline = healthcheck recon account-server
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
备份并删除/etc/swift/container-server.conf的注释:
mv /etc/swift/container-server.conf /etc/swift/container-server.conf.source
cat /etc/swift/container-server.conf.source | grep -Ev "^#|^$" > /etc/swift/container-server.conf编辑/etc/swift/container-server.conf,做出如下改动:
[DEFAULT]
bind_ip = 10.0.0.31
bind_port = 6201
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True
[pipeline:main]
pipeline = healthcheck recon container-server
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift备份/etc/swift/object-server.conf:
mv /etc/swift/object-server.conf /etc/swift/object-server.conf.source
cat /etc/swift/object-server.conf.source | grep -Ev "^#|^$" > /etc/swift/object-server.conf编辑/etc/swift/object-server.conf,添加以下内容:
[DEFAULT]
bind_ip = 10.0.0.31
bind_port = 6200
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True
[pipeline:main]
pipeline = healthcheck recon object-server
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock修改文件权限:
chown -R swift:swift /srv/node创建相关目录并授予权限:
mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
chmod -R 775 /var/cache/swift三、完成安装
在控制节点运行以下命令。
进入/etc/swift 目录:
创建账户account.builder:
swift-ring-builder account.builder create 10 3 1将存储节点添加到ring:
swift-ring-builder account.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6202 --device sdc --weight 100
swift-ring-builder account.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6202 --device sdd --weight 100
swift-ring-builder account.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6202 --device sde --weight 100
swift-ring-builder account.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6202 --device sdf --weight 100查看ring:
swift-ring-builder account.builder如下图:
rebalance ring:
swift-ring-builder account.builder rebalance如下图:
创建容器ring:
swift-ring-builder container.builder create 10 3 1添加到ring:
swift-ring-builder container.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6201 --device sdc --weight 100
swift-ring-builder container.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6201 --device sdd --weight 100
swift-ring-builder container.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6201 --device sde --weight 100
swift-ring-builder container.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6201 --device sdf --weight 100查看ring:
swift-ring-builder container.builder如下图:
rebalance ring:
swift-ring-builder container.builder rebalance如下图:
创建对象ring:
swift-ring-builder object.builder create 10 3 1添加到ring:
swift-ring-builder object.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6200 --device sdc --weight 100
swift-ring-builder object.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6200 --device sdd --weight 100
swift-ring-builder object.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6200 --device sde --weight 100
swift-ring-builder object.builder add --region 1 --zone 1 --ip 10.0.0.31 --port 6200 --device sdf --weight 100查看ring:
swift-ring-builder object.builder如下:
rebalance ring:
swift-ring-builder object.builder rebalance如下图:
将account.ring.gz, container.ring.gz和object.ring.gz三个文件拷贝到其他节点的/etc/swift目录,使用下面的命令(Ip地址要换成自己的,本教程计算节点是10.0.0.31):
scp /etc/swift/*.ring.gz root@10.0.0.31:/etc/swift/如下图,复制成功:
在控制节点运行以下命令:
curl -o /etc/swift/swift.conf https://opendev.org/openstack/swift/raw/branch/master/etc/swift.conf-sample备份/etc/swift/swift.conf,并删除注释:
mv /etc/swift/swift.conf /etc/swift/swift.conf.source
cat /etc/swift/swift.conf.source | grep -Ev "^#|^$" > /etc/swift/swift.conf编辑/etc/swift/swift.conf,完成以下配置(该文件默认已经配置好了):
[swift-hash]
...
swift_hash_path_suffix = changeme
swift_hash_path_prefix = changeme
[storage-policy:0]
...
name = Policy-0
default = yes将swift.conf 复制到其他存储节点的 /etc/swift 目录下,本教程只需要复制到计算节点,运行以下命令:
scp /etc/swift/swift.conf root@10.0.0.31:/etc/swift/在所有节点,修改文件权限:
chown -R root:swift /etc/swift控制节点运行:
systemctl enable openstack-swift-proxy.service memcached.service
systemctl start openstack-swift-proxy.service memcached.service计算节点修改权限:
chown -R swift:swift /srv/node计算节点运行:
systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl start openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl enable openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl start openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl start openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service四、验证
登录demo用户:
. demo-openrc查看swift状态(如果权限有问题就登录admin账户):
swift stat如下图:
创建container1 容器:
openstack container create container1如下图:
上传文件到container1容器(我传的cirros):
openstack object create container1 cirros-0.4.0-x86_64-disk.img如下图:
查看容器中的文件:
openstack object list container1如下图:
下载容器中的文件(cirros镜像):
openstack object save container1 cirros-0.4.0-x86_64-disk.img如下图:
