(八)OpenStack管理面板
執行下列命令安裝管理面板:
sudo apt-get install openstack-dashboard
重啓Apache:
sudo service apache2 restart
好消息,現在打開瀏覽器輸入server1的IP地址,就可以看到OpenStack的管理面板登陸界面了。默認用戶名和密碼都是“admin”。在管理面板中,可以進行創建密匙對,創建、編輯安全羣組,新建實例,添加捲等操作。具體內容詳見後文“OpenStack Dashboard”章節。
(九)Swift
安裝Swift
最重要的部分是swift的代理、賬戶、容器及對象服務器:
sudo apt-get install swift swift-proxy swift-account swift-container swift-object
隨後安裝一些支持組件,xfsprogs(支持XFS文件系統)、python.pastedeploy(訪問keystone)和curl(測試swift):
sudo apt-get install xfsprogs curl python-pastedeploy
Swift存儲端
有兩種方法來創建或製備存儲端,一種是採用現有的分區或卷作爲存儲設備,另一種是創建環迴文件(Loopback file)並將當做存儲設備。安裝時,兩種方式自選。
1. 分區作爲存儲設備
如果在安裝OS時爲Swift預留了一個分區,你就可以直接使用它。如果該分區沒有使用過或仍是空閒空間(比如 /dev/sdb3),就應該把它格式化爲xfs文件系統,接着編輯 /etc/fstab中該分區的掛載點(注意:請根據實際情況選擇你自定的設備,本教程假定手頭未使用也沒分區的空閒空間在 /dev/sdb上):
sudo fdisk /dev/sdb
Type n for new partition
Type e for extended partion
Choose appropriate partition number ( or go with the default )
Choose first and last sectors to set the hard disk size (or go with defaults)
Note that 83 is the partition type number for Linux
Type w to write changes to the disk
上述命令將創建一個譬如 /dev/sdb3的分區,接着我們便將其格式化爲XFS。記得格式化前要先使用命令“sudo fdisk -l”查看當前分區表,確定系統列出的分區含有你即將格式化的目標分區。最後,如果剛纔xfsprogs成功安裝的話,我們才能夠使用以下命令:
sudo mkfs.xfs -i size=1024 /dev/sdb3
sudo tune2fs -l /dev/sdb3 |grep -i inode
創建一個該分區的掛載點,並命名爲“swift_backend”:
sudo mkdir /mnt/swift_backend
緊接着編輯 /etc/fstab文件寫入如下內容以便系統啓動時自動加載這個分區:
/dev/sdb3 /mnt/swift_backend xfs noatime,nodiratime,nobarrier,logbufs=8 0 0
2. 環迴文件作爲存儲設備
創建一個空文件作爲Swift存儲的環回設備,在這裏我們使用disk copy命令創建它並命名爲swift-disk,還將爲其分配1G的磁盤空間。如果空間不夠,可以通過改變seek值來增加空間。隨後格式化爲XFS:
sudo dd if=/dev/zero of=/srv/swift-disk bs=1024 count=0 seek=1000000
sudo mkfs.xfs -i size=1024 /srv/swift-disk
file /srv/swift-disk
swift-disk1: SGI XFS filesystem data (blksz 4096, inosz 1024, v2 dirs)
創建掛載點:
sudo mkdir /mnt/swift_backend
寫入 /etc/fstab:
/srv/swift-disk /mnt/swift_backend xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0
3. 使用存儲
掛載存儲分區前,需要創建一些設備節點並設置其屬主和主羣爲“Swift”:
sudo mount /mnt/swift_backend
pushd /mnt/swift_backend
sudo mkdir node1 node2 node3 node4
popd
sudo chown swift.swift /mnt/swift_backend/*
for i in {1..4}; do sudo ln -s /mnt/swift_backend/node$i /srv/node$i; done;
sudo mkdir -p /etc/swift/account-server /etc/swift/container-server /etc/
swift/object-server /srv/node1/device /srv/node2/device /srv/node3/device /srv/node4/device
sudo mkdir /run/swift
sudo chown -L -R swift.swift /etc/swift /srv/node[1-4]/ /run/swift
爲了在系統啓動時啓動Swift服務,需要把如下兩行命令寫入 /etc/rc.local裏,位置在“exit 0;”之前:
sudo mkdir /run/swift
sudo chown swift.swift /run/swift
配置遠程備份
Rsync用來維護對象副本,許多swift服務都使用它保持對象一致性及進行更新操作。所有存儲節點都將享用此配置:
首先編輯 /etc/default/rsync文件:
Set RSYNC_ENABLE=true
然後編輯 /etc/rsyncd.conf配置文件,如下所示:
# General stuff
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /run/rsyncd.pid
address = 127.0.0.1
# Account Server replication settings
[account6012]
max connections = 25
path = /srv/node1/
read only = false
lock file = /run/lock/account6012.lock
[account6022]
max connections = 25
path = /srv/node2/
read only = false
lock file = /run/lock/account6022.lock
[account6032]
max connections = 25
path = /srv/node3/
read only = false
lock file = /run/lock/account6032.lock
[account6042]
max connections = 25
path = /srv/node4/
read only = false
lock file = /run/lock/account6042.lock
# Container server replication settings
[container6011]
max connections = 25
path = /srv/node1/
read only = false
lock file = /run/lock/container6011.lock
[container6021]
max connections = 25
path = /srv/node2/
read only = false
lock file = /run/lock/container6021.lock
[container6031]
max connections = 25
path = /srv/node3/
read only = false
lock file = /run/lock/container6031.lock
[container6041]
max connections = 25
path = /srv/node4/
read only = false
lock file = /run/lock/container6041.lock
# Object Server replication settings
[object6010]
max connections = 25
path = /srv/node1/
read only = false
lock file = /run/lock/object6010.lock
[object6020]
max connections = 25
path = /srv/node2/
read only = false
lock file = /run/lock/object6020.lock
[object6030]
max connections = 25
path = /srv/node3/
read only = false
lock file = /run/lock/object6030.lock
[object6040]
max connections = 25
path = /srv/node4/
read only = false
lock file = /run/lock/object6040.lock
最後重新啓動服務完成rsync配置:
sudo service rsync restart
配置Swift組件
詳細的配置選項參見http://swift.openstack.org/deployment_guide.html。如果安裝了swift-doc包的話,則可以在/usr/share/doc/swift-doc/html目錄下直接查看。Python使用paste.deploy管理配置。默認配置選項在[DEFAULT]段中,後面配置其它特殊項會覆蓋默認段中的相關內容。格式如下:
THE SYNTAX set option_name = value
以下是一份paste.deploy的配置樣例,僅供參考:
[DEFAULT]
name1 = globalvalue
name2 = globalvalue
name3 = globalvalue
set name4 = globalvalue
[pipeline:main]
pipeline = myapp
[app:myapp]
use = egg:mypkg#myapp
name2 = localvalue
set name3 = localvalue
set name5 = localvalue
name6 = localvalue
創建並編輯 /etc/swift/swift.conf文件,並寫入如下配置:
[swift-hash]
# random unique string that can never change (DO NOT LOSE). I'm using 03c9f48da2229770.
# od -t x8 -N 8 -A n < /dev/random
# The above command can be used to generate random a string.
swift_hash_path_suffix = 03c9f48da2229770
特別的,當建立更多的節點時,你需要記住隨機串。不要照抄本例,請通過以下命令生成自己的隨機字符串:
od -t x8 -N 8 -A n < /dev/random
1. 配置Swift代理服務器
代理服務器是swift的門衛,它的職責是檢測合法性。它將審查:一、請求是否僞造,二、請求使用資源的用戶身份。具體操作由keystone之類的認證服務器來協助完成。
創建並編輯 /etc/swift/proxy-server.conf並增加如下內容:
[DEFAULT]
bind_port = 8080
user = swift
swift_dir = /etc/swift
[pipeline:main]
# Order of execution of modules defined below
pipeline = catch_errors healthcheck cache authtoken keystone proxy-server
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
set log_name = swift-proxy
set log_facility = LOG_LOCAL0
set log_level = INFO
set access_log_name = swift-proxy
set access_log_facility = SYSLOG
set access_log_level = INFO
set log_headers = True
account_autocreate = True
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:cache]
use = egg:swift#memcache
set log_name = cache
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_protocol = http
auth_host = 127.0.0.1
auth_port = 35357
auth_token = admin
service_protocol = http
service_host = 127.0.0.1
service_port = 5000
admin_token = admin
admin_tenant_name = service
admin_user = swift
admin_password = swift
delay_auth_decision = 0
[filter:keystone]
paste.filter_factory = keystone.middleware.swift_auth:filter_factory
operator_roles = admin, swiftoperator
is_admin = true
注意:可以使用apt-get安裝swift-doc軟件包,安裝後許多文檔都收錄在/usr/share/doc/swift-doc/html下,本配置樣例也是如此。
2. 配置Swift賬戶服務器
默認swift容器服務配置文件爲 /etc/swift/account-server.conf:
[DEFAULT]
bind_ip = 0.0.0.0
workers = 2
[pipeline:main]
pipeline = account-server
[app:account-server]
use = egg:swift#account
[account-replicator]
[account-auditor]
[account-reaper]
所有的account server配置文件都在 /etc/swift/account-server目錄中。與 /srv裏的設備相對應,我們創建1.conf、2.conf等等文件,並將它們放到/etc/swift/account-server/下。以下是/etc/swift/account-server/1.conf配置文件的內容:
[DEFAULT]
devices = /srv/node1
mount_check = false
bind_port = 6012
user = swift
log_facility = LOG_LOCAL2
[pipeline:main]
pipeline = account-server
[app:account-server]
use = egg:swift#account
[account-replicator]
vm_test_mode = no
[account-auditor]
[account-reaper]
對其它設備也是如此,比如/srv/node2、/srv/node3、/srv/node4等,我們分別創建2.conf,3.conf和4.conf與之對應。現在利用1.conf進行復制生成其餘文件,並一一設置唯一的綁定端口及本地日誌值:
sudo cp /etc/swift/account-server/1.conf /etc/swift/account-server/2.conf
sudo cp /etc/swift/account-server/1.conf /etc/swift/account-server/3.conf
sudo cp /etc/swift/account-server/1.conf /etc/swift/account-server/4.conf
sudo sed -i 's/6012/6022/g;s/LOCAL2/LOCAL3/g;s/node1/node2/g' /etc/swift/account-server/2.conf
sudo sed -i 's/6012/6032/g;s/LOCAL2/LOCAL4/g;s/node1/node3/g' /etc/swift/account-server/3.conf
sudo sed -i 's/6012/6042/g;s/LOCAL2/LOCAL5/g;s/node1/node4/g' /etc/swift/account-server/4.conf
3. 配置Swift容器服務器
默認swift容器服務配置文件爲 /etc/swift/container-server.conf:
[DEFAULT]
bind_ip = 0.0.0.0
workers = 2
[pipeline:main]
pipeline = container-server
[app:container-server]
use = egg:swift#container
[container-replicator]
[container-updater]
[container-auditor]
[container-sync]
與account-server類似,我們同樣創建 /etc/swift/container-server/1.conf等等文件與 /srv設備匹配,這是1.conf文件內容:
[DEFAULT]
devices = /srv/node1
mount_check = false
bind_port = 6011
user = swift
log_facility = LOG_LOCAL2
[pipeline:main]
pipeline = container-server
[app:container-server]
use = egg:swift#container
[container-replicator]
vm_test_mode = no
[container-updater]
接着利用1.conf繼續創建2.conf、3.conf和4.conf。並修改端口(分別是6021、6031和6041)及本地日誌值(LOG_LOCAL3、LOG_LOCAL4和 LOG_LOCAL5)。
4. 配置Swift對象服務器
默認swift容器服務配置文件爲 /etc/swift/object-server.conf:
[DEFAULT]
bind_ip = 0.0.0.0
workers = 2
[pipeline:main]
pipeline = object-server
[app:object-server]
use = egg:swift#object
[object-replicator]
[object-updater]
[object-auditor]
與account-server和container-server一樣,我們同樣創建 /etc/swift/object-server/1.conf等等文件與 /srv設備匹配,這是1.conf文件內容:
[DEFAULT]
devices = /srv/node1
mount_check = false
bind_port = 6010
user = swift
log_facility = LOG_LOCAL2
[pipeline:main]
pipeline = object-server
[app:object-server]
use = egg:swift#object
[object-replicator]
vm_test_mode = no
[object-updater]
[object-auditor]
繼而利用1.conf繼續創建2.conf、3.conf和4.conf。並修改端口(分別是6020、6030和6040)及本地日誌值(LOG_LOCAL3、LOG_LOCAL4和 LOG_LOCAL5)。
5. 配置Swift Ring服務器
Ring是swift的一個極爲重要的組件,它維護着對象的真實物理位置信息,對象的副本及多種設備。創建與對象服務、容器服務和賬戶服務相對應的ring-builder文件:
pushd /etc/swift
sudo swift-ring-builder object.builder create 18 3 1
sudo swift-ring-builder container.builder create 18 3 1
sudo swift-ring-builder account.builder create 18 3 1
注意:執行以上命令時需要在 /etc/swift目錄下。
命令中的參數指定了分區、副本和小時的數量,用來限制分區多次移動。可以參考man頁面中的swift-ring-builder獲取更多信息。
現在添加區域以均衡ring服務。命令格式如下:
swift-ring-builder <builder_file> add <zone>-<ip_address>:<port>/<device><weight>
執行下列命令:
sudo swift-ring-builder object.builder add z1-127.0.0.1:6010/device 1
sudo swift-ring-builder object.builder add z2-127.0.0.1:6020/device 1
sudo swift-ring-builder object.builder add z3-127.0.0.1:6030/device 1
sudo swift-ring-builder object.builder add z4-127.0.0.1:6040/device 1
sudo swift-ring-builder object.builder rebalance
sudo swift-ring-builder container.builder add z1-127.0.0.1:6011/device 1
sudo swift-ring-builder container.builder add z2-127.0.0.1:6021/device 1
sudo swift-ring-builder container.builder add z3-127.0.0.1:6031/device 1
sudo swift-ring-builder container.builder add z4-127.0.0.1:6041/device 1
sudo swift-ring-builder container.builder rebalance
sudo swift-ring-builder account.builder add z1-127.0.0.1:6012/device 1
sudo swift-ring-builder account.builder add z2-127.0.0.1:6022/device 1
sudo swift-ring-builder account.builder add z3-127.0.0.1:6032/device 1
sudo swift-ring-builder account.builder add z4-127.0.0.1:6042/device 1
sudo swift-ring-builder account.builder rebalance
啓動Swift服務
使用以下命令啓動swift和REST API:
sudo swift-init main start
sudo swift-init rest start
測試Swift
可以通過Swift命令或Horizon提供的Web管理面板測試Swift是否正確運行。
首先,將 /etc/swift目錄的屬主設爲swift.swift:
sudo chown -R swift.swift /etc/swift
執行以下命令查看是否能得到正確的account、容器數量和存儲的對象信息:
swift -v -V 2.0 -A http://127.0.0.1:5000/v2.0/ -U service:swift -K swift stat
StorageURL: http://127.0.0.1:8080/v1/AUTH_c7970080576646c6959ee35970cf3199
Auth Token: ba9df200a92d4a5088dcd6b7dcc19c0d
Account: AUTH_c7970080576646c6959ee35970cf3199
Containers: 1
Objects: 1
Bytes: 77
Accept-Ranges: bytes
X-Trans-Id: tx11c64e218f984749bc3ec37ea46280ee
至此,Server1終於安裝完畢!