- Source .adminrc
source .adminrc- Create service and creds
- Create swift user and add role:
openstack user create --domain default --password password123 swift
openstack role add --project service --user swift admin- Create swift service:
openstack service create --name swift \
--description "Openstack Object Storage" object-store- Create service API endpoints:
for i in public internal admin; \
do openstack endpoint create --region RegionOne \
object-store $i http://controller:8080/v1/AUTH_%\(project_id\)s; \
done- Install packages:
apt install swift swift-proxy python3-swiftclient \
python3-keystoneclient python3-keystonemiddleware \
memcached -y- Create /etc/swift dir:
install -d /etc/swift -o root -g swift- Get copy of proxy-server.conf:
curl -o /etc/swift/proxy-server.conf https://opendev.org/openstack/swift/raw/branch/stable/wallaby/etc/proxy-server.conf-sample
chgrp swift /etc/swift/proxy-server.conf- Backup an sanitize /etc/swift/proxy-server.conf:
cp -p /etc/swift/proxy-server.conf /etc/swift/proxy-server.conf.bak
grep -Ev '^(#|$)' /etc/swift/proxy-server.conf.bak|sed '/^\[.*]/i \ '|tail -n +2 > /etc/swift/proxy-server.conf- Edit /etc/swift/proxy-server.conf sections:
[DEFAULT]
#...
bind_port = 8080
user = swift
swift_dir = /etc/swift
[pipeline:main]
# remove tempurl and tempauth, add authtoken and keystoneauth
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
[app:proxy-server]
use = egg:swift#proxy
#...
account_autocreate = True
[filter:keystoneauth]
use = egg:swift#keystoneauth
#...
operator_roles = admin,member
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
#...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = swift
password = password123
delay_auth_decision = True
[filter:cache]
use = egg:swift#memcache
#...
memcache_servers = controller:11211- Install packages:
apt-get install xfsprogs rsync -y- Format extra disks
mkfs.xfs /dev/vdc
mkdir -p /srv/node/vdc
- get block id of new vol and add to fstab, then mount
blkid
UUID="<UUID>" /srv/node/vdc xfs noatime 0 2mount /srv/node/vdc
- create or modify /etc/rsyncd.conf:
uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = MANAGEMENT_INTERFACE_IP_ADDRESS
[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock- enable rsync in /etc/default/rsync
RSYNC_ENABLE=true- start rsync:
service rsync start
- install packages
apt-get install swift swift-account swift-container swift-object -y
- pull sample config files
curl -o /etc/swift/account-server.conf https://opendev.org/openstack/swift/raw/branch/stable/wallaby/etc/account-server.conf-sample
curl -o /etc/swift/container-server.conf https://opendev.org/openstack/swift/raw/branch/stable/wallaby/etc/container-server.conf-sample
curl -o /etc/swift/object-server.conf https://opendev.org/openstack/swift/raw/branch/stable/wallaby/etc/object-server.conf-sample
- Backup an sanitize /etc/swift/account-server.conf:
cp -p /etc/swift/account-server.conf /etc/swift/account-server.conf.bak
grep -Ev '^(#|$)' /etc/swift/account-server.conf.bak|sed '/^\[.*]/i \ '|tail -n +2 > /etc/swift/account-server.conf- edit /etc/swift/account-server.conf
[DEFAULT]
#...
bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True
[pipeline:main]
pipeline = healthcheck recon account-server
[filter:recon]
use = egg:swift#recon
#...
recon_cache_path = /var/cache/swift- Backup an sanitize /etc/swift/container-server.conf:
cp -p /etc/swift/container-server.conf /etc/swift/container-server.conf.bak
grep -Ev '^(#|$)' /etc/swift/container-server.conf.bak|sed '/^\[.*]/i \ '|tail -n +2 > /etc/swift/container-server.conf- edit /etc/swift/container-server.conf
[DEFAULT]
#...
bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
bind_port = 6201
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True
[pipeline:main]
pipeline = healthcheck recon container-server
[filter:recon]
use = egg:swift#recon
#...
recon_cache_path = /var/cache/swift- Backup an sanitize /etc/swift/object-server.conf:
cp -p /etc/swift/object-server.conf /etc/swift/object-server.conf.bak
grep -Ev '^(#|$)' /etc/swift/object-server.conf.bak|sed '/^\[.*]/i \ '|tail -n +2 > /etc/swift/object-server.conf- edit /etc/swift/object-server.conf
[DEFAULT]
#...
bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
bind_port = 6200
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True
[pipeline:main]
pipeline = healthcheck recon object-server
[filter:recon]
use = egg:swift#recon
#...
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock- set perms on /srv/node
chown -R swift:swift /srv/node
- create cache dir and set perms
mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
chmod -R 775 /var/cache/swift
-
cd to /etc/swift dir
-
create rings
swift-ring-builder account.builder create 8 1 1
swift-ring-builder container.builder create 8 1 1
swift-ring-builder object.builder create 8 1 1
- add storage devices to rings
swift-ring-builder account.builder \
add --region 1 --zone 1 --ip STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS --port 6202 --device DEVICE_NAME --weight DEVICE_WEIGHT
swift-ring-builder container.builder \
add --region 1 --zone 1 --ip STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS --port 6201 --device DEVICE_NAME --weight DEVICE_WEIGHT
swift-ring-builder object.builder \
add --region 1 --zone 1 --ip STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS --port 6200 --device DEVICE_NAME --weight DEVICE_WEIGHT
- verify rings
swift-ring-builder account.builder
swift-ring-builder container.builder
swift-ring-builder object.builder
- rebalance rings
swift-ring-builder account.builder rebalance
swift-ring-builder container.builder rebalance
swift-ring-builder object.builder rebalance
- distribute rings to object storage nodes
scp /etc/swift/*.gz STORAGE_NODE:/etc/swift
- get sample conf file
curl -o /etc/swift/swift.conf https://opendev.org/openstack/swift/raw/branch/stable/wallaby/etc/swift.conf-sample
- Backup an sanitize /etc/swift/swift.conf:
cp -p /etc/swift/swift.conf /etc/swift/swift.conf.bak
grep -Ev '^(#|$)' /etc/swift/swift.conf.bak|sed '/^\[.*]/i \ '|tail -n +2 > /etc/swift/swift.conf- modify file /etc/swift/swift.conf
[swift-hash]
#...
swift_hash_path_suffix = suffix_4332469b98761c60e0c2e3e40daeefe9
swift_hash_path_prefix = prefix_952b70ca75466fe48354359f958b2a42
[storage-policy:0]
#...
name = Policy-0
default = yes- distribute conf file to /etc/swift on storage nodes
scp /etc/swift/swift.conf STORAGE_NODE:/etc/swift
- ensure proper ownership of files on controll and all storage nodes
chown -R root:swift /etc/swift
- restart services
service memcached restart
service swift-proxy restart
- start all swift services
systemctl stop swift-proxy
swift-init all start
- get creds
source ~/.adminrc
- check swift stats
swift stat
- create container, object, test, etc
openstack container create container1
echo 'sample text' > test.txt
openstack object create container1 test.txt
rm -f test.txt
openstack object list container1
openstack object save container1 test.txt
openstack object delete container1 test.txt