在顺利的安装部署了KeyStone之后,原以为swift的安装调试也会如KeyStone一般,但过程却充满了坎坷,在结合源代码中的一些函数之后,终于成功的完成了swift的安装,并实验了上传下载文件等功能,下面整理了swift的安装过程,并对遇到的问题进行了总结,希望对遇到同样问题的人有些启示或帮助。安装过程依然参考的是OpenStack的官方安装手册,但补充了一些细节。在安装之前,先简单的介绍一下Swift是什么、主要功能是什么。OpenStack的对象存储(Swift)是一个多租户的、高可扩展的对象存储系统,通过RESTful HTTP API管理着大量的非结构化数据,在部署对象存储之前必须至少安装了身份服务(KeyStone)。Swift包含的组件包括:

  1. 代理服务器(swift-proxy-server):接受对象存储API和HTTP请求以上传文件、修改元数据和创建容器,也向浏览器提供文件或容器的列表。为了改进性能,代理服务器可以使用可选的缓存,通常选择memcache与代理服务器一起部署。
  2.  账户服务(account-server):管理对象存储中的账户。
  3. 容器服务(container-server):管理对象存储中容器或文件夹的映射。
  4. 对象服务(object-server):管理存储节点上的实际对象,比如文件。
  5.  WSGI中间层:处理认证,通常是身份服务(KeyStone)。
  6. 周期性进程:在集群中执行各种维护任务,比如复制(replicator)服务确保集群中数据的一致性和可用性,其它还包括:auditor, updater和reaper。

    代理服务依赖于认证和授权机制,如果使用身份服务完成认证和授权的话,则在配置管理swift之前,首先要在keystone中创建swift的认证信息和endpoint。对象存储在控制节点上不适用SQL数据库。由于之前已经成功部署了KeyStone,所以这里就不在赘述KeyStone的安装过程,直接进入Swift的安装。本次安装是在单节点的虚拟机进行的,也就是控制节点和存储节点部署在相同的主机中,操作系统为CentOS7.1。首先在KeyStone中创建Swift的用户、服务及endpoint,具体命令及结果如下:

[openstack@localhost ~]$ keystone user-create --name swift --pass 123456
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |                                  |
| enabled  |               True               |
|    id    | ed4f45ac3e8a4ac683d54b642e61ac04 |
|   name   |              swift               |
| username |              swift               |
+----------+----------------------------------+
keystone user-role-add --user swift --role admin --tenant service
[openstack@localhost ~]$ keystone service-create --name swift --type object-store
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |                                  |
|   enabled   |               True               |
|      id     | 094cc0da43e348f8b792f77ef99f8e7e |
|     name    |              swift               |
|     type    |           object-store           |
+-------------+----------------------------------+
[openstack@localhost ~]$ keystone endpoint-create --region regionOne --service swift --publicurl 'http://localhost:8080/v1/AUTH_%(tenant_id)s' --internalurl 'http://localhost:8080/v1/AUTH_%(tenant_id)s' --adminurl 'http://localhost:8080/v1/AUTH_%(tenant_id)s'
+-------------+-----------------------------------------------------------------+
|   Property  |                              Value                              |
+-------------+-----------------------------------------------------------------+
|   adminurl  |                    http://locoalhost:8080/v1/                   |
|      id     |                 c0da7d196e204e038766740e405dbbce                |
| internalurl | http://locoalhost:8080/v1/AUTH_2835009c452b4d408f95ff5a920fc877 |
|  publicurl  | http://locoalhost:8080/v1/AUTH_2835009c452b4d408f95ff5a920fc877 |
|    region   |                            regionOne                            |
|  service_id |                 094cc0da43e348f8b792f77ef99f8e7e                |
+-------------+-----------------------------------------------------------------+

    然后安装proxy-server,swift客户端、memcached等:yum install openstack-swift-proxy python-swiftclient python-keystone-auth-token python-keystonemiddleware memcached。上面命令中的python-keystone-auth-token是无法安装的,当使用yum安装时将会报如下的异常信息:没有可用软件包 python-keystone-auth-token。经过在OpenStack的官网确认,该问题属于文档中的错误,直接忽略该问题或者执行yum install openstack-swift-proxy python-swiftclient  python-keystonemiddleware memcached。安装执行完毕后,执行下面的命令下载proxy-server.conf文件:

curl -o /etc/swift/proxy-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxyserver.conf-sample

    下载完成后需要对文件中的配置参数进行修改,修改的具体内容如下:

  • 在[DEFAULT]中指定端口号、用户名和配置文件目录:
[DEFAULT]
...
bind_port = 8080
user = swift
swift_dir = /etc/swift
  • 在[pipeline:main]中,启用合适的模块:
[pipeline:main]
pipeline = authtoken cache healthcheck keystoneauth proxy-logging proxy-server
  • 在[app:proxy-server]中,启用用户管理功能:
[app:proxy-server]
...
allow_account_management = true
account_autocreate = true
  • 在[filter:keystoneauth]中配置合适的操作角色;
[filter:keystoneauth]
use = egg:swift#keystoneauth
...
operator_roles = admin,_member_
  • 在[filter:authtoken]中配置认证服务的相关信息:
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
...
auth_uri = http://localhost:5000/v2.0
identity_uri = http://localhost:35357
admin_tenant_name = service
admin_user = swift
admin_password = SWIFT_PASS #指定为使用keystone创建swift用户时设置的密码,比如123456
delay_auth_decision = true
  • 在[filter:cache]中,配置memcached的位置:
[filter:cache]
...
memcache_servers = 127.0.0.1:11211

/dev/sdb1 /srv/node/ xfs noatime,nodiratime,nobarrier,logbufs=8 0 2

uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = MANAGEMENT_INTERFACE_IP_ADDRESS
[account]
max connections = 2
path = /srv/
read only = false
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/
read only = false
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/
read only = false
lock file = /var/lock/object.lock
curl -o /etc/swift/account-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/account-server.conf-sample

curl -o /etc/swift/container-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/container-server.conf-sample

curl -o /etc/swift/object-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/object-server.conf-sample

    三个配置文件所要修改的内容很相似,因此仅对account-server.conf进行说明,其它两个文件不同的地方将进行标记。

  • 在[DEFAULT]中,配置ip地址、端口号、用户、配置文件所在目录和挂载目录,需要注意的地方是挂载目录,该目录为挂载点的上级目录,比如/dev/sdb1挂载到目录/srv/node目录,在该配置文件的中的挂载目录应该为/srv,而不是/srv/node。
[DEFAULT]
...
bind_ip = 127.0.0.1
bind_port = 6002 #不同的服务使用不同的端口
user = swift
swift_dir = /etc/swift
devices = /srv/ #设备挂载目录的上级目录
  • 在[pipeline:main]中,设置合适的模块:
[pipeline:main]
pipeline = healthcheck recon account-server#account-server在其它配置文件中应该改为container-server、object-server
  • 在[filter:recon]中,配置recon缓存目录:
[filter:recon]
...
recon_cache_path = /var/cache/swift

swift-ring-builder account.builder create 8 1 1
swift-ring-builder container.builder create 8 1 1
swift-ring-builder object.builder create 8 1 1

swift-ring-builder account.builder add r1z1-127.0.0.1:6002/node 100
swift-ring-builder container.builder add r1z1-127.0.0.1:6001/node 100
swift-ring-builder object.builder add r1z1-127.0.0.1:6000/node 100

object-replicator: node is not mounted
proxy-server: ERROR Insufficient Storage 127.0.0.1:6002/node

from swift.common.constraints import check_mount
check_mount('/srv','node') #第一个参数为配置文件中devices的值,第二个参数为向ring增加设备时/后面的值

swift-ring-builder account.builder rebalance
swift-ring-builder container.builder rebalance
swift-ring-builder object.builder rebalance
curl -o /etc/swift/swift.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/swift.conf-sample
  • 在[swift-hash]中配置hash路径的前缀和后缀:
[swift-hash]
...
swift_hash_path_suffix = HASH_PATH_PREFIX
swift_hash_path_prefix = HASH_PATH_SUFFIX
  • 在[storage-policy:0]配置默认的存储策略:
[storage-policy:0]
...
name = Policy-0
default = yes

部署配置完成后,就需要启动所有服务。除了proxy-server、account-server、container-server和object-server外,swift还包括许多其它的周期性进程,如果每次都要逐一启动、停止、重启这些服务,将会是繁琐且无聊的过程,因此建议将所有启动、停止或重启的命令编入相应的脚本,这样只需执行脚本就可以了,比如:

[openstack@localhost ~]$ cat swift-stop.sh 
#! /bin/bash
systemctl stop openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl stop openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl stop openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service

[openstack@localhost ~]$ source demo-openrc.sh 
[openstack@localhost ~]$ swift stat
        Account: AUTH_1928446a6c364ace8a40043b5318bd9f
     Containers: 0
        Objects: 0
          Bytes: 0
X-Put-Timestamp: 1434681204.28622
     Connection: keep-alive
    X-Timestamp: 1434681204.28622
     X-Trans-Id: tx60e7648bf53f4365a2c84-0055837f72
   Content-Type: text/plain; charset=utf-8


[openstack@localhost ~]$ swift upload demo swift-stop.sh --object-name stop
stop
[openstack@localhost ~]$ swift list
demo
[openstack@localhost ~]$ swift list demo
stop

    至此就完成了swift的单节点部署工作,并且从测试结果来看,一切动作正常。成功部署swift并不意味者对swift的所有功能、流程都已经熟悉了,相反还有很多需要学习的,比如swift客户端命令的详细使用方法,上传下载文件的具体流程,ring文件的具体含义,如何调整partition的数量等,还需要进一步的学习。