installation openstack swift
TRANSCRIPT
㈜유미테크
OpenstackSwift node 생성
목차
• Openstack Swift
• 리눅스 환경설정
• OpenStack packages 설치
• Storage Node 설치
• Proxy Node 설치
• Swift Service 등록
• Swift Containers
2
Openstack Swift
• Block 단위의 저장을 하는 Cinder와 달리, Object 단위의 저장을 하는 Storage로, 데이터가 데이터센터 안의 서버들에 분산되어 저장된다.
• Swift의 구성
• Swift는 Openstack 내의 컴포넌트이지만, 다른 컴포넌트와의 관련성은 낮다. 따라서 다른 구성요소에 종속적이기 보단 개별 환경 구축이 가능하다.
3
서비스이름 설 명
Proxy Storage에 액세스하기 위한 API를 제공하거나 각 서비스를 관리한다.
Object 개체를 관리한다.
Container 컨테이너를 관리한다.
Account 계정을 관리한다.
Openstack Swift (계속)
• Swift Service Architecture
• Swift Logical Hierarchy
– ZONE ⊃ DEVICE ⊃ PARTITION ⊃ OBJECT
4
Proxy Server
ZONE #1
Storage
Storage
Storage
ACCO
UN
T, C
ON
TAIN
ER, O
BJE
CT S
ERVERS
…
ZONE #2
Storage
Storage
Storage
ACCO
UN
T, C
ON
TAIN
ER, O
BJE
CT S
ERVERS
…
ZONE #3
Storage
Storage
Storage
ACCO
UN
T, C
ON
TAIN
ER, O
BJE
CT S
ERVERS
…
ZONE #4
Storage
Storage
StorageACCO
UN
T, C
ON
TAIN
ER, O
BJE
CT S
ERVERS
…
ZONE #...
Storage
Storage
Storage
ACCO
UN
T, C
ON
TAIN
ER, O
BJE
CT S
ERVERS
…
리눅스 환경설정
• 설치환경
– OS : Ubuntu desktop 12.04.4 (64bit)
– Openstack Icehouse
– Ubuntu 설치 시 디스크 전체에 설치하지 않고 파티션을 나누어 설치한 뒤, 나머지 부분을 Storage Node로 사용한다.
– User : swift / Group : swift
– ‘Gparted’ 패키지를 설치하여 Storage Node로 사용하는 부분은 ‘xfs’ 파일시스템으로 포멧한다.
5
리눅스 환경설정
• Openstack 구성
6
Internet
Controller
nova
cinder
eth2
eth0
neutron-server
…
Compute node
nova-compute
VMbr-eth1
eth1
neutron-*-plugin-agent
eth0
eth0
br-int
int-br-eth1
Network node
neutron-metadata-agent
neutron-dhcp-agent
neutron-l3-agent
neutron-*-plugin-agent
eth0
br-eth1
eth1
br-ex
eth2
br-int
int-br-eth1
management network
externalnetwork
VM data networkapi network
Swift node
eth0
Storage Node
swift-proxy
Zone 1
swift-object
swift-container
swift-account
OpenStack packages 설치
• 기존에 devstack을 이용하여 Openstack을 설치하였는데,Swift node에서는 Swift Service만 구동하면 되므로 devstack을 이용하지 않는다.
• Openstack Packages 설치
7
~$ sudo apt-get install python-software-properties
~$ sudo add-apt-repository cloud-archive:icehouse
~$ sudo apt-get update && apt-get dist-upgrade
~$ sudo reboot
Storage Node 설치
• Storage node packages 설치
• rsyncd 환경설정
– vi /etc/rsyncd.conf
8
~$ sudo apt-get install swift-account swift-container swift-object xfsprogs
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = STORAGE_LOCAL_NET_IP
[account]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = false
lock file = /var/lock/object.lock
Storage Node 설치 (계속)
• rsync 설정
– vi /etc/default/rsync
• rsync 서비스를 구동시킨다.
– service rsync start
• swift recon cache directory를 생성한 후, 권한 설정을 한다.
9
# defaults file for rsync daemon mode
…
# about not starting rsyncd (you still need to modify inetd’s config yourself).
RSYNC_ENABLE=true
…
$ mkdir -p /var/swift/recon
$ chown -R swift:swift /var/swift/recon
Proxy Node 설치
• swift-proxy service 설치
• memcached 설정
– vi /etc/memcached.conf
• memcached 서비스를 재구동시킨다.
– service memcached restart
10
$ apt-get install swift-proxy memcached python-keystoneclient python-
swiftclient python-webob
# memcached default config file
…
# it’s listening on a firewalled interface.
-l PROXY_LOCAL_NET_IP
…
Proxy Node 설치 (계속)
• Proxy server 설정
– vi /etc/swift/proxy-server.conf
11
[DEFAULT]
bind_port = 8080
user = swift
[pipeline:main]
pipeline = healthcheck cache authtoken keystoneauth proxy-server
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = Member,admin,swiftoperator
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
delay_auth_decision = true
signing_dir = /home/swift/keystone-signing
auth_protocol = http
auth_host = controller_IP
auth_port = 35357
admin_tenant_name = service
admin_user = swift
admin_password = SWIFT_PASSWORD
[filter:cache]
use = egg:swift#memcache
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:healthcheck]
use = egg:swift#healthcheck
Proxy Node 설치 (계속)
• account, container, object의 Ring을 생성한다.
– Ring : 클러스터상에서 특정 파일이 위치할 노드를 미리 할당한 테이블
– builder의 parameter
• 첫번째 18 : 2^18로, 파티션의 사이즈를 나타내는 값
• 두번째 1 : 각 object의 replicas 수
• 세번째 1 : 파티션 이동 제한 시간
12
$ cd /etc/swift
/etc/swift$ swift-ring-builder account.builder create 18 1 1
/etc/swift$ swift-ring-builder container.builder create 18 1 1
/etc/swift$ swift-ring-builder object.builder create 18 1 1
Proxy Node 설치 (계속)
• Ring-builder를 이용하여 storage device를 추가한다.
– 예
• 설정된 Ring을 확인한다.
13
/etc/swift$ swift-ring-builder account.builder add zZONE-STORAGE_LOCAL_NET_IP:6002/DEVICE 100
/etc/swift$ swift-ring-builder container.builder add zZONE-STORAGE_LOCAL_NET_IP_1:6001/DEVICE 100
/etc/swift$ swift-ring-builder object.builder add zZONE-STORAGE_LOCAL_NET_IP_1:6000/DEVICE 100
/etc/swift$ swift-ring-builder account.builder add z1-100.100.100.102:6002/sdb1 100
/etc/swift$ swift-ring-builder container.builder add z1-100.100.100.102:6001/sdb1 100
/etc/swift$ swift-ring-builder object.builder add z1-100.100.100.102:6000/sdb1 100
/etc/swift$ swift-ring-builder account.builder
/etc/swift$ swift-ring-builder container.builder
/etc/swift$ swift-ring-builder object.builder
Proxy Node 설치 (계속)
• 설정된 Ring을 확인한다. (계속)
– swift-ring-builder account.builder
– swift-ring-builder container.builder
– swift-ring-builder object.builder
14
/etc/swift$ swift-ring-builder account.builder
account.builder, build version 1
262144 partitions, 1.00000 replicas, 1 regions, 1 zones, 1 devices, 0.00 balance
The minimun number of hours before a partition can be reassigned is 1
Devices: id region zone ip address port replication ip replication port name weight partitions balance meta
0 1 1 100.100.100.102 6002 100.100.100.102 6002 sdb1 100.00 262144 0.00
/etc/swift$ swift-ring-builder container.builder
account.builder, build version 1
262144 partitions, 1.00000 replicas, 1 regions, 1 zones, 1 devices, 0.00 balance
The minimun number of hours before a partition can be reassigned is 1
Devices: id region zone ip address port replication ip replication port name weight partitions balance meta
0 1 1 100.100.100.102 6001 100.100.100.102 6001 sdb1 100.00 262144 0.00
/etc/swift$ swift-ring-builder object.builder
account.builder, build version 1
262144 partitions, 1.00000 replicas, 1 regions, 1 zones, 1 devices, 0.00 balance
The minimun number of hours before a partition can be reassigned is 1
Devices: id region zone ip address port replication ip replication port name weight partitions balance meta
0 1 1 100.100.100.102 6000 100.100.100.102 6000 sdb1 100.00 262144 0.00
Proxy Node 설치 (계속)
• Ring을 Rebalance 한다.
15
/etc/swift$ swift-ring-builder account.builder rebalance
/etc/swift$ swift-ring-builder container.builder rebalance
/etc/swift$ swift-ring-builder object.builder rebalance
Proxy Node 설치 (계속)
• 생성된 *.ring.gz파일을 각 Proxy node와 Storage노드의 /etc/swift 밑에 복사한다.
• /etc/swift 폴더의 권한설정을 한다.
• proxy server를 재구동시킨다.
• swift 서비스를 구동시킨다.
16
/etc/swift$ chown -R swift:swift /etc/swift
/etc/swift$ service swift-proxy restart
/etc/swift$ swift-init all restart
Swift Service 등록
• tenant id를 통해 swift user를 추가한다.
– CLI환경설정 : source openrc admin admin
– tenant ID 확인 : keystone tenant-list
– keystone user-create --name=swift --pass=password [email protected]
17
~/devstack$ source openrc admin demo
~/devstack$ keystone tenant-list
+----------------------------------+--------------------+---------+
| id | name | enabled |
+----------------------------------+--------------------+---------+
| 4c93da48d14f49fd8c32b61eba38536c | admin | True |
| 7c558519075a478389b35044e7a6be54 | alt_demo | True |
| a5458bdc7642423e9f91b987b0511e23 | demo | True |
| c033896420714b8ebbf411ce91a4d1c0 | invisible_to_admin | True |
| cfdae0d6a4eb45c09b15da90122edd36 | service | True |
+----------------------------------+--------------------+---------+
~/devstack$ keystone user-create --name=swift --pass=password --email=swift@exa
mple.com
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | [email protected] |
| enabled | True |
| id | 43554bbe8b3e4816bfc0650d18caedca |
| name | swift |
| username | swift |
+----------+----------------------------------+
Swift Service 등록 (계속)
• user에 role을 추가한다.
– keystone user-role-add --user=swift --tenant=service --role=admin
• swift service를 keystone에 등록한다.
– keystone service-create --name=swift --type=object-store --description=“Object Storage Service”
18
~/devstack$ keystone service-create --name=swift --type=object-store --descri
ption=“Object Storage Service”
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Object Storage Service |
| enabled | True |
| id | d3cde13149034d02a2de23d3dee83af1 |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
Swift Service 등록 (계속)
• 해당 서비스를 endpoint에 생성한다
– keystone endpoint-create --region=$REGION_NAME --service-id $SERVICE_ID--publicurl=‘http://$PROXYSERVER_IP:8080/v1/AUTH_$(tenant_id)s’ --internalurl=‘http://$PROXYSERVER_IP:8080/v1/AUTH_$(tenant_id)s’--adminurl=‘http://$PROXYSERVER_IP:8080’
19
~/devstack$ keystone endpoint-create --region=RegionOne --service-id d3cde131490
34d02a2de23d3aee83af1 --Publicurl=‘http://100.100.100.102:8080/v1/AUTH_$(tenant_
id)s’ --internalurl=‘http://100.100.100.102:8080/v1/AUTH_$(tenant_id)s’ --adminu
rl=‘http://100.100.100.102:8080’
+-------------+---------------------------------------------------+
| Property | Value |
+-------------+---------------------------------------------------+
| adminurl | http://100.100.100.102:8080/ |
| id | 9e3ce428f82b40d38922f242c095982e |
| internalurl | http://100.100.100.102:8080/v1/AUTH_$(tenant_id)s |
| publicurl | http://100.100.100.102:8080/v1/AUTH_$(tenant_id)s |
| region | RegionOne |
| service_id | d3cde13149034d02a2de23d3aee83af1 |
+-------------+---------------------------------------------------+
Swift Containers
• swift노드를 생성하고 난 후, Project 메뉴에 Object Store 메뉴가 생성된 것을 확인할 수 있다.
20
Swift Containers (계속)
• Container 생성
21
Container 이름
Container에 접근범위 설정
Swift Containers (계속)
• 생성된 Containder 명을 선택하면, 그 밑에 pseudo-folder를 생성하거나, Object를 Upload/Download할 수 있다.
22
Swift Containers (계속)
• peudo-folder 생성
23
Swift Containers (계속)
• 해당 Container에 Object Upload
24
참고 자료
• Openstack Swift overview, 이어형, http://www.slideshare.net/ssuser5ad078/swift-overview
• Add Object Storage, openstack.org, http://docs.openstack.org/havana/install-guide/install/apt/content/ch_swift.html
25