15.OpenStack-Ocata 对象存储Object Storage

对象存储是一个多租户对象存储系统,具有高度的扩展性。

本次使用的为CentOS操作系统。

在每个存储节点上执行。

配置网络

查看此文章:OpenStack-Ocata 服务器网络配置

时间同步

查看此文章:OpenStack-Ocata 网络时间协议(NTP) 同步时间

安装软件包

查看此文章:OpenStack-Ocata 安装OpenStack包

安装和配置控制器节点

代理服务依赖于身份验证和授权机制,例如身份服务。与其他服务不同的是,它还提供了一种内部机制,允许它在没有任何其他 OpenStack 服务的情况下运行。在配置对象存储服务之前,必须创建服务凭证和 API 端点。

对象存储服务不使用控制器节点上的数据库。因为,它在每个存储节点上使用分布式数据库。

使用admin-openrc脚本获取管理员权限

. admin-openrc

创建swift用户

openstack user create --domain default --password SWIFT_PASS swift

密码为SWIFT_PASS

图片[1]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

admin角色添加到swift用户:

openstack role add --project service --user swift admin

此命令不提供任何输出。

创建swift服务实体:

openstack service create --name swift --description "OpenStack Object Storage" object-store

图片[2]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

创建对象存储服务 API 端点:

openstack endpoint create --region RegionOne \
  object-store public http://controller:8080/v1/AUTH_%\(project_id\)s

图片[3]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

openstack endpoint create --region RegionOne \
  object-store internal http://controller:8080/v1/AUTH_%\(project_id\)s

图片[4]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

openstack endpoint create --region RegionOne \
  object-store admin http://controller:8080/v1

图片[5]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

非必要选项:

我有多添加endpoint,如果和我一样请查看 swiftendpoint 是否多余

openstack endpoint list | grep swift

图片[6]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

请使用openstack endpoint delete删除它

openstack endpoint delete ID

图片[7]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

安装和配置组件

yum install -y openstack-swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware

完整的 OpenStack 环境已经包含其中的一些包。

从opendev源存储库中获取代理服务配置文件:

opendev地址:

curl -o /etc/swift/proxy-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/proxy-server.conf-sample

图片[8]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

编辑/etc/swift/proxy-server.conf文件

vim /etc/swift/proxy-server.conf

[DEFAULT]中,绑定端口、用户和配置目录:

[DEFAULT]
bind_port = 8080
swift_dir = /etc/swift
user = swift

图片[9]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

[pipeline:main]中,删除tempurltempauth模块并添加authtokenkeystoneauth 模块:

[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server

图片[10]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

不要更改模块的顺序。

[app:proxy-server]中,启用自动帐户创建:

[app:proxy-server]
use = egg:swift#proxy
account_autocreate = True

图片[11]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

[filter:keystoneauth]中,配置操作员角色:

[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin,user

图片[12]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

[filter:authtoken]中,配置身份服务访问:

[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = swift
password = SWIFT_PASS
delay_auth_decision = True

图片[13]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

替换为您在身份服务中SWIFT_PASS为用户选择的密码。

[filter:cache]中,配置memcached位置:

[filter:cache]
use = egg:swift#memcache
memcache_servers = controller:11211

图片[14]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

安装和配置存储节点

在存储节点上安装和配置对象存储服务之前,必须准备好2台存储设备,并且加上2块硬盘。

挂载后在节点上扫描一下挂载的硬盘

echo "- - -" > /sys/class/scsi_host/host0/scan

图片[15]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

输入lsblk后如果没有扫描到新硬盘,请扫描/sys/class/scsi_host/下的所以文件夹

img

我们会在host文件夹下发现host0/host1/ host2/ 我们一个一个扫描,直到lsblk命令出现新的硬盘。

echo "- - -" > /sys/class/scsi_host/host1/scan
echo "- - -" > /sys/class/scsi_host/host2/scan

在每个存储节点上执行。

安装支持的实用程序包:

yum install -y xfsprogs rsync

/dev/sdb将和设备格式化/dev/sdc为 XFS:

mkfs.xfs /dev/sdb
mkfs.xfs /dev/sdc

创建挂载点目录结构:

mkdir -p /srv/node/sdb
mkdir -p /srv/node/sdc

图片[17]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

编辑/etc/fstab文件并将以下内容添加到其中:

vim /etc/fstab
/dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
/dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2

图片[18]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

挂载目录:

mount /srv/node/sdb
mount /srv/node/sdc

图片[19]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

创建或编辑/etc/rsyncd.conf文件以包含以下内容:

vim /etc/rsyncd.conf
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 存储节点IP地址

[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock

[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock

[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock

图片[20]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

启动rsyncd服务并将其配置为在系统启动时启动:

systemctl enable rsyncd.service;systemctl start rsyncd.service

安装和配置组件

安装软件包:

yum install -y openstack-swift-account openstack-swift-container openstack-swift-object

从对象存储源存储库中获取记帐、容器和对象服务配置文件:

curl -o /etc/swift/account-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/account-server.conf-sample
curl -o /etc/swift/container-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/container-server.conf-sample
curl -o /etc/swift/object-server.conf https://opendev.org/openstack/swift/raw/branch/master/etc/object-server.conf-sample

图片[21]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

编辑/etc/swift/account-server.conf文件并完成以下操作:

vim /etc/swift/account-server.conf

配置[DEFAULT]绑定IP地址、绑定端口、用户、配置目录、挂载点目录:

[DEFAULT]
...
bind_ip = 存储节点的IP地址
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True

图片[22]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

在该[pipeline:main]部分中,启用相应的模块:

[pipeline:main]
pipeline = healthcheck recon account-server

图片[23]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

在该[filter:recon]部分中,配置缓存目录:

[filter:recon]
use = egg:swift#recon
...
recon_cache_path = /var/cache/swift

图片[24]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

编辑/etc/swift/container-server.conf文件并完成以下操作:

vim /etc/swift/container-server.conf

配置[DEFAULT]绑定IP地址、绑定端口、用户、配置目录、挂载点目录:

[DEFAULT]
...
bind_ip = 存储节点的IP地址
bind_port = 6201
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True

图片[25]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

在该[pipeline:main]部分中,启用相应的模块:

[pipeline:main]
pipeline = healthcheck recon container-server

图片[26]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

在该[filter:recon]部分中,配置缓存目录:

[filter:recon]
use = egg:swift#recon
...
recon_cache_path = /var/cache/swift

图片[27]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

编辑/etc/swift/object-server.conf文件并完成以下操作:

vim /etc/swift/object-server.conf

配置[DEFAULT]绑定IP地址、绑定端口、用户、配置目录、挂载点目录:

[DEFAULT]
...
bind_ip = 存储节点的IP地址
bind_port = 6200
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True

图片[28]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

在该[pipeline:main]部分中,启用相应的模块:

[pipeline:main]
pipeline = healthcheck recon object-server

图片[29]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

在该[filter:recon]部分中,配置缓存和锁定目录:

[filter:recon]
use = egg:swift#recon
...
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock

图片[30]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

确保正确拥有挂载点目录结构:

chown -R swift:swift /srv/node

创建recon目录并确保它的正确所有权:

mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
chmod -R 775 /var/cache/swift

创建初始帐户、容器和对象

创建账户圈

控制节点使用帐户圈来维护容器列表。

切换到/etc/swift目录。

cd /etc/swift

创建基础account.builder文件:

swift-ring-builder account.builder create 10 3 1

将每个存储节点添加到圈中:

swift-ring-builder account.builder \
  add --region 1 --zone 1 --ip 储节点IP地址 --port 6202 \
  --device 存储设备名称 --weight 权重

例如我的:

swift-ring-builder account.builder add --region 1 --zone 1 --ip 192.168.145.136 --port 6202 --device sdb --weight 100
swift-ring-builder account.builder add --region 1 --zone 1 --ip 192.168.145.136 --port 6202 --device sdc --weight 100
swift-ring-builder account.builder add --region 1 --zone 2 --ip 192.168.145.137 --port 6202 --device sdc --weight 100
swift-ring-builder account.builder add --region 1 --zone 2 --ip 192.168.145.137 --port 6202 --device sdb --weight 100

图片[31]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

验证圈内容:

swift-ring-builder account.builder

图片[32]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

重新平衡圈:

swift-ring-builder account.builder rebalance

图片[33]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

创建容器圈

切换到/etc/swift目录。

cd /etc/swift

创建基础container.builder文件:

swift-ring-builder container.builder create 10 3 1

将每个存储节点添加到圈中:

swift-ring-builder container.builder \
  add --region 1 --zone 1 --ip 存储节点IP地址 --port 6201 \
  --device 设备名称 --weight 权重

例如我的:

swift-ring-builder container.builder add \
  --region 1 --zone 1 --ip 192.168.145.136 --port 6201 --device sdb --weight 100
swift-ring-builder container.builder add \
  --region 1 --zone 1 --ip 192.168.145.136 --port 6201 --device sdc --weight 100
swift-ring-builder container.builder add \
  --region 1 --zone 2 --ip 192.168.145.137 --port 6201 --device sdb --weight 100
swift-ring-builder container.builder add \
  --region 1 --zone 2 --ip 192.168.145.137 --port 6201 --device sdc --weight 100

图片[34]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

验证内容:

swift-ring-builder container.builder

图片[35]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

重新平衡:

swift-ring-builder container.builder rebalance

创建对象圈

切换到/etc/swift目录。

cd /etc/swift

创建基础object.builder文件:

swift-ring-builder object.builder create 10 3 1

将每个存储节点添加到圈中:

swift-ring-builder object.builder \
  add --region 1 --zone 1 --ip 储节点IP地址 --port 6200 \
  --device 存储设备名称 --weight 权重

例如我的:

swift-ring-builder object.builder add \
  --region 1 --zone 1 --ip 192.168.145.136 --port 6200 --device sdb --weight 100
swift-ring-builder object.builder add \
  --region 1 --zone 1 --ip 192.168.145.136 --port 6200 --device sdc --weight 100
swift-ring-builder object.builder add \
  --region 1 --zone 2 --ip 192.168.145.137 --port 6200 --device sdb --weight 100
swift-ring-builder object.builder add \
  --region 1 --zone 2 --ip 192.168.145.137 --port 6200 --device sdc --weight 100

图片[36]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

验证圈内容:

swift-ring-builder object.builder

图片[37]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

重新平衡圈:

swift-ring-builder object.builder rebalance

account.ring.gzcontainer.ring.gzobject.ring.gz文件复制到每个存储节点的/etc/swift目录中。

scp *.gz 192.168.145.136:/etc/swift/
scp *.gz 192.168.145.137:/etc/swift/

完成安装

在控制节点下载配置文件至/etc/swift/目录并命名为swift.conf

curl -o /etc/swift/swift.conf \
  https://cdn.thtown.cn/OpenStack/swift/swift.conf-sample

编辑/etc/swift/swift.conf文件:

vim /etc/swift/swift.conf

[swift-hash]中,为环境配置哈希路径前缀和后缀。

[swift-hash]
...
swift_hash_path_suffix = HASH_PATH_SUFFIX
swift_hash_path_prefix = HASH_PATH_SUFFIX

对这些价值观保密,不要更改或丢失它们。

[storage-policy:0]中,配置默认存储策略:

[storage-policy:0]
...
name = Policy-0
default = yes

图片[38]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

swift.conf文件复制到存储节点/etc/swift目录。

scp /etc/swift/swift.conf 192.168.145.136:/etc/swift/
scp /etc/swift/swift.conf 192.168.145.137:/etc/swift/

在控制器节点和运行代理服务的任何其他节点上,启动对象存储代理服务及其依赖项,并将它们配置为在系统启动时启动:

systemctl enable openstack-swift-proxy.service memcached.service;systemctl start openstack-swift-proxy.service memcached.service

在存储节点上,启动对象存储服务并将它们配置为在系统启动时启动:

systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \
  openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl start openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl enable openstack-swift-container.service \
  openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
  openstack-swift-container-updater.service
systemctl start openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \
  openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl start openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service

验证操作

在控制器节点上执行这些步骤。

. admin-openrc
swift stat

图片[39]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

如果你的验证出现如下错误:

[root@controller swift]# swift stat
HTTPConnectionPool(host='controller', port=8080): Max retries exceeded with url: /v1/AUTH_ce0e09a6236a49cd83b0818f89399885 (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7f3a009c4290>: Failed to establish a new connection: [Errno 111] Connection refused',))

查看状态:

systemctl status openstack-swift-proxy.service

图片[40]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

出现次错误请查看 proxy-server.conf 文件 vim /etc/swift/proxy-server.conf 和此文章:proxy-server.conf 对比

输入 cat 文件 | grep -v '^#' | grep -v '^$' > 文件.bak 删除注释行和空行

创建container1容器:

openstack container create container1

图片[41]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

将测试文件上传到container1容器:

touch 1.txt
openstack object create container1 1.txt

image-20220525190906081

替换FILE为要上传到 container1容器的本地文件的名称。

列出container1容器中的文件:

openstack object list container1

container1容器下载测试文件:

openstack object save container1 1.txt

替换FILE为上传到 container1容器的文件的名称。

图片[43]-15.OpenStack-Ocata 对象存储Object Storage-剧毒之触博客

© 版权声明
THE END
喜欢就支持一下吧
点赞7 分享
评论 抢沙发

请登录后发表评论