OpenStack Dalmatian : Swift 設定 (Proxy ノード)2024/10/14 |
OpenStack Object Storage(Swift)を設定します。 当例では以下のような環境を例に Swift サービスを設定します。 ------------+--------------------------+------------ | | eth0|10.0.0.30 eth0|10.0.0.50 +-----------+-----------+ +-----------+-----------+ | [ dlp.srv.world ] | | [ network.srv.world ] | | (Control Node) | | (Proxy Node) | | | | | | MariaDB RabbitMQ | | Swift Proxy | | Memcached Nginx | | Nginx | | Keystone httpd | | | +-----------------------+ +-----------------------+ ------------+--------------------------+--------------------------+----------- eth0|10.0.0.71 eth0|10.0.0.72 eth0|10.0.0.73 +-----------+-----------+ +-----------+-----------+ +-----------+-----------+ | [snode01.srv.world] | | [snode02.srv.world] | | [snode03.srv.world] | | (Storage Node#1) | | (Storage Node#2) | | (Storage Node#3) | | | | | | | | Swift-Account | | Swift-Account | | Swift-Account | | Swift-Container | | Swift-Container | | Swift-Container | | Swift-Object | | Swift-Object | | Swift-Object | +-----------------------+ +-----------------------+ +-----------------------+ |
[1] | こちらの [3] を参考に OpenStack Dalmatian リポジトリを設定後、Swift-Proxy をインストールします。 |
root@network:~# apt -y install swift swift-proxy python3-swiftclient python3-keystonemiddleware python3-memcache nginx libnginx-mod-stream
|
[2] | Swift-Proxy を設定します。 |
root@network:~#
vi /etc/swift/proxy-server.conf # 新規作成 [DEFAULT] bind_ip = 127.0.0.1 bind_port = 8080 keep_idle = 600 bind_timeout = 30 backlog = 4096 swift_dir = /etc/swift user = swift [pipeline:main] pipeline = catch_errors gatekeeper healthcheck proxy-logging cache listing_formats container_sync bulk ratelimit copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true account_autocreate = true [filter:s3api] use = egg:swift#s3api [filter:s3token] use = egg:swift#s3token reseller_prefix = AUTH_ delay_auth_decision = False # Keystone 認証情報 auth_uri = https://dlp.srv.world:5000/v3 http_timeout = 10.0 auth_url = https://dlp.srv.world:5000 auth_type = password project_domain_name = Default project_domain_id = default user_domain_name = Default project_name = service username = swift password = servicepassword [filter:healthcheck] use = egg:swift#healthcheck [filter:cache] use = egg:swift#memcache # Memcached サーバーを指定 memcache_servers = dlp.srv.world:11211 [filter:ratelimit] use = egg:swift#ratelimit [filter:read_only] use = egg:swift#read_only [filter:domain_remap] use = egg:swift#domain_remap [filter:catch_errors] use = egg:swift#catch_errors [filter:cname_lookup] use = egg:swift#cname_lookup [filter:staticweb] use = egg:swift#staticweb [filter:formpost] use = egg:swift#formpost [filter:name_check] use = egg:swift#name_check [filter:etag-quoter] use = egg:swift#etag_quoter [filter:list-endpoints] use = egg:swift#list_endpoints [filter:proxy-logging] use = egg:swift#proxy_logging [filter:bulk] use = egg:swift#bulk [filter:slo] use = egg:swift#slo [filter:dlo] use = egg:swift#dlo [filter:container-quotas] use = egg:swift#container_quotas [filter:account-quotas] use = egg:swift#account_quotas [filter:gatekeeper] use = egg:swift#gatekeeper [filter:container_sync] use = egg:swift#container_sync [filter:xprofile] use = egg:swift#xprofile [filter:versioned_writes] use = egg:swift#versioned_writes [filter:copy] use = egg:swift#copy [filter:keymaster] use = egg:swift#keymaster meta_version_to_write = 2 encryption_root_secret = my_root_secret [filter:kms_keymaster] use = egg:swift#kms_keymaster [filter:kmip_keymaster] use = egg:swift#kmip_keymaster [filter:encryption] use = egg:swift#encryption [filter:listing_formats] use = egg:swift#listing_formats [filter:symlink] use = egg:swift#symlink
root@network:~#
vi /etc/swift/swift.conf # 新規作成 # Swift ノード間でシェアする値 : 適当な文字列で OK
[swift-hash]
swift_hash_path_suffix = swift_shared_path swift_hash_path_prefix = swift_shared_path chown -R swift:swift /etc/swift
|
[3] | Swift Ring ファイルの設定です。 |
root@network:~#
swift-ring-builder /etc/swift/account.builder create 12 3 1 root@network:~# swift-ring-builder /etc/swift/container.builder create 12 3 1 root@network:~# swift-ring-builder /etc/swift/object.builder create 12 3 1
root@network:~#
swift-ring-builder /etc/swift/account.builder add r0z0-10.0.0.71:6002/device 100 Device d0r0z0-10.0.0.71:6202R10.0.0.71:6202/device_"" with 100.0 weight got id 0 root@network:~# swift-ring-builder /etc/swift/container.builder add r0z0-10.0.0.71:6001/device 100 Device d0r0z0-10.0.0.71:6201R10.0.0.71:6201/device_"" with 100.0 weight got id 0 root@network:~# swift-ring-builder /etc/swift/object.builder add r0z0-10.0.0.71:6000/device 100 Device d0r0z0-10.0.0.71:6200R10.0.0.71:6200/device_"" with 100.0 weight got id 0
root@network:~#
swift-ring-builder /etc/swift/account.builder add r1z1-10.0.0.72:6002/device 100 Device d1r1z1-10.0.0.72:6202R10.0.0.72:6202/device_"" with 100.0 weight got id 1 root@network:~# swift-ring-builder /etc/swift/container.builder add r1z1-10.0.0.72:6001/device 100 Device d1r1z1-10.0.0.72:6201R10.0.0.72:6201/device_"" with 100.0 weight got id 1 root@network:~# swift-ring-builder /etc/swift/object.builder add r1z1-10.0.0.72:6000/device 100 Device d1r1z1-10.0.0.72:6200R10.0.0.72:6200/device_"" with 100.0 weight got id 1
root@network:~#
swift-ring-builder /etc/swift/account.builder add r2z2-10.0.0.73:6002/device 100 Device d2r2z2-10.0.0.73:6202R10.0.0.73:6202/device_"" with 100.0 weight got id 2 root@network:~# swift-ring-builder /etc/swift/container.builder add r2z2-10.0.0.73:6001/device 100 Device d2r2z2-10.0.0.73:6201R10.0.0.73:6201/device_"" with 100.0 weight got id 2 root@network:~# swift-ring-builder /etc/swift/object.builder add r2z2-10.0.0.73:6000/device 100 Device d2r2z2-10.0.0.73:6200R10.0.0.73:6200/device_"" with 100.0 weight got id 2
root@network:~#
root@network:~# swift-ring-builder /etc/swift/account.builder rebalance Reassigned 12288 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 root@network:~# swift-ring-builder /etc/swift/container.builder rebalance Reassigned 12288 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 root@network:~# swift-ring-builder /etc/swift/object.builder rebalance Reassigned 12288 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 chown swift:swift /etc/swift/*.gz root@network:~# systemctl restart swift-proxy |
[4] | ネットワークノード用の SSL/TLS 証明書を取得 または 自己署名の証明書を作成して、Nginx にプロキシの設定をします。 |
root@network:~# unlink /etc/nginx/sites-enabled/default
root@network:~#
vi /etc/nginx/nginx.conf # 最終行に追記 stream { upstream swift-proxy { server 127.0.0.1:8080; } server { listen 10.0.0.50:8080 ssl; proxy_pass swift-proxy; } ssl_certificate "/etc/letsencrypt/live/network.srv.world/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/network.srv.world/privkey.pem"; } systemctl restart nginx |
Sponsored Link |