Установка swift на pike
Авторизация может быть двух типов TempAuth и keystone. На продуктовых средах не рекомендуется испоьзование tempauth. Подробнее здесь https://docs.openstack.org/swift/pike/overview_auth.html#temp-auth
Настройку авторизации делал по https://docs.openstack.org/swift/pike/overview_auth.html#temp-auth
Основные моменты
В файлах /etc/keystone/default_catalog.templates на KSTN-000x надо добавить:
catalog.RegionOne.object_store.name = Swift Service
catalog.RegionOne.object_store.publicURL = http://swiftproxy:8080/v1/AUTH_$(tenant_id)s
catalog.RegionOne.object_store.adminURL = http://swiftproxy:8080/
catalog.RegionOne.object_store.internalURL = http://swiftproxy:8080/v1/AUTH_$(tenant_id)s
После этого надо добавить запись в /etc/hosts, гда указать виртуальный адрес haproxy, который ведет на IP-адрес контейнера SWFT-000x
В файл /etc/swift/proxy-server.conf добавить keystone аутентификацию
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
auth_uri = http://10.10.31.2:5000/
auth_url = http://10.10.31.2:35357/
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = swift
password = Aepie2i
cache = swift.cache
include_service_catalog = False
delay_auth_decision = True
Заменить строку
Сервис | Порт | Расположение | Комментарий |
---|---|---|---|
swift-proxy | 8080 | SWFT-000x | |
На контейнере SWFT-000N
openstack role add --project service --user swift admin
apt-get install swift swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware memcached
mkdir /etc/swift
cd /etc/swift
curl -o /etc/swift/proxy-server.conf https://opendev.org/openstack/swift/raw/branch/stable/pike/etc/proxy-server.conf-sample?h=stable/pike
На ноде
apt-get install libxml2-dev libxslt1-dev
apt-get install python-numpy libicu-dev
sudo apt-get install libffi-dev
git clone https://github.com/openstack/swift.git -b stable/pike --depth=1 /opt/swift
#pip install -c http://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/pike /opt/swift/
sudo pip install -r test-requirements.txt
python setup.py install
apt-get install swift swift-account swift-container swift-object
swift-ring-builder account.builder add --region 1 --zone 1 --ip 192.168.30.52 --port 6202 --device sdc --weight 100
swift-ring-builder container.builder add --region 1 --zone 1 --ip 192.168.30.52 --port 6201 --device sdc --weight 100
swift-ring-builder object.builder add --region 1 --zone 1 --ip 192.168.30.52 --port 6200 --device sdc --weight 100
curl -o /etc/swift/swift.conf https://opendev.org/openstack/swift/raw/branch/stable/pike/etc/swift.conf-sample?=stable/pike
mkdir -p /var/lock/swift
chown swift: /var/lock/swift
Swift services
systemctl [start|status|restart|stop] openstack-swift-account openstack-swift-account-auditor openstack-swift-account-reaper openstack-swift-account-replicator
systemctl [start|status|restart|stop] openstack-swift-container openstack-swift-container-auditor openstack-swift-container-replicator openstack-swift-container-updater
systemctl [start|status|restart|stop] openstack-swift-object openstack-swift-object-auditor openstack-swift-object-replicator openstack-swift-object-updater