Ceph Swift RESTful
首先在Controller或Swift Node上安裝 Ceph:
$ ceph-deploy install <node>
ceph-deploy可以用pip install ceph-deploy安裝。:
手動安裝 radosgw
首先安裝 Ceph radosgw 與 apache2 相關套件:
$ wget -q -O- https://raw.github.com/ceph/ceph/master/keys/autobuild.asc | sudo apt-key add -
$ echo deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-$(lsb_release -sc)-x86_64-basic/ref/master $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph-fastcgi.list
$ sudo apt-get install apache2 libapache2-mod-fastcgi radosgw -y
建立一個 radosgw 認證金鑰:
$ HOSTNAME=$(hostname)
$ sudo ceph-authtool --create-keyring /etc/ceph/ceph.client.radosgw.${HOSTNAME}.keyring
設定該認證的權限:
$ sudo chmod +r /etc/ceph/ceph.client.radosgw.${HOSTNAME}.keyring
$ sudo ceph-authtool /etc/ceph/ceph.client.radosgw.${HOSTNAME}.keyring -n client.radosgw.${HOSTNAME} --gen-key
$ sudo ceph-authtool -n client.radosgw.${HOSTNAME} --cap osd 'allow rwx' --cap mon 'allow rwx' /etc/ceph/ceph.client.radosgw.${HOSTNAME}.keyring
$ sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.${HOSTNAME} -i /etc/ceph/ceph.client.radosgw.${HOSTNAME}.keyring
新增以下內容到/etc/ceph/ceph.conf檔案:
$ echo -n "
[client.radosgw.${HOSTNAME}]
host = ${HOSTNAME}
keyring = /etc/ceph/ceph.client.radosgw.${HOSTNAME}.keyring
rgw socket path = /tmp/radosgw.sock
log file = /var/log/ceph/radosgw.${HOSTNAME}.log
rgw dns name = ${HOSTNAME}
" | sudo tee -a /etc/ceph/ceph.conf
建立 fcgi 檔案,並設定檔案權限:
$ echo -n "#!/bin/sh
exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n client.radosgw.${HOSTNAME}" \
| sudo tee -a /var/www/s3gw.fcgi
$ sudo chmod +x /var/www/s3gw.fcgi
建立一個 apache2 檔案,/etc/apache2/sites-available/rgw.conf,並加入以下內容:
$ echo -n "FastCgiExternalServer /var/www/s3gw.fcgi -socket /tmp/radosgw.sock
<VirtualHost *:8080>
ServerName ${HOSTNAME}
DocumentRoot /var/www
RewriteEngine On
RewriteRule ^/(.*) /s3gw.fcgi?%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
<IfModule mod_fastcgi.c>
<Directory /var/www>
Options +ExecCGI
AllowOverride All
SetHandler fastcgi-script
Order allow,deny
Allow from all
AuthBasicAuthoritative Off
</Directory>
</IfModule>
AllowEncodedSlashes On
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
" | sudo tee /etc/apache2/sites-available/rgw.conf
使用 apache2 模組:
$ sudo a2enmod rewrite
$ sudo a2enmod fastcgi
使用 rgw 虛擬主機設定檔:
$ sudo a2ensite rgw.conf
$ sudo a2dissite default
重新啟動相關服務:
$ sudo service ceph restart
$ sudo service apache2 restart
$ sudo /etc/init.d/radosgw start
設定 Boot 時啟動:
$ sudo update-rc.d radosgw defaults
Keystone 整合可參考 Keystone 安裝。
建立 pool
$ ceph osd pool create {pool-name} {pg-num} [{pgp-num}] [replicated] \
[crush-ruleset-name] [expected-num-objects]
- .rgw.root
- .rgw.control
- .rgw
- .rgw.gc
- .users.uid
- .users
- .users.email
- .users.swift
- .rgw.buckets.index
- .rgw.buckets
可以參考 PG Calc 的 PG Number,並產生指令。
使用 cph-deploy 建立 radosgw 與 pool
$ ceph-deploy install <host>
$ ceph-deploy rgw create <host>:rgw1
基本指令使用
建立使用者(如果有出現特殊字元就刪除再重建使用者,刪除指令參考下一項)
$ radosgw-admin user create \
--uid=test.s3 \
--display-name="test.s3" \
[email protected]
刪除使用者的指令:
$ radosgw-admin user rm --uid=test.s3
建立subuser,建完請確認要有紅字的內容,沒有subuser,swift client無法連線
$ radosgw-admin subuser create --uid=test.s3 \
--subuser=test.s3:swift --access=full
產生secret-key(如果有secret有特殊字元就重複執行產生key的指令)
$ radosgw-admin key create --gen-secret \
--subuser=test.s3:swift --key-type=swift
Status
$ swift -v -A http://10.0.0.11:8080/auth/v1.0 \
-U test.s3:swift \
--key='yZsnzDEQtxwVrjSnabuaSEX8xqvfXn8ZVEZ6oQZs' \
stat
Create bucket
$ swift -V 1.0 -A http://10.0.0.11:7480/auth \
-U test.s3:swift \
-K yZsnzDEQtxwVrjSnabuaSEX8xqvfXn8ZVEZ6oQZs \
post melon-buc
List Containers
$ swift -V 1.0 -A http://10.0.0.11:7480/auth \
-U test.s3:swift -K yZsnzDEQtxwVrjSnabuaSEX8xqvfXn8ZVEZ6oQZs \
list
Upload file
$ swift -V 1.0 -A http://10.0.0.11:7480/auth \
-U test.s3:swift -K yZsnzDEQtxwVrjSnabuaSEX8xqvfXn8ZVEZ6oQZs \
upload melon-buc cirr.img
List bucket files
$ swift -V 1.0 -A http://10.0.0.11:7480/auth \
-U test.s3:swift -K yZsnzDEQtxwVrjSnabuaSEX8xqvfXn8ZVEZ6oQZs \
list melon-buc
Delete files
$ swift -V 1.0 -A http://10.0.0.11:7480/auth \
-U test.s3:swift -K yZsnzDEQtxwVrjSnabuaSEX8xqvfXn8ZVEZ6oQZs \
delete melen-buc cirr.img