ubuntu-上安装ceph-object-radosgw.docx

ubuntu 上安装ceph object radosgw 1、首先ubuntu服务器需要能够上网否则系统yum源不可用。 步骤如下： 安装apache2 fastcgi radosgw sudo apt-get -y install apache2 libapache2-mod-fastcgi radosgw openssl ssl-cert 1、修改apache2配置文件 #vi /etc/apache2/apache2.conf 在最后一行上添加对象存储服务器的名称： ServerName hostname 2、加载模块 #sudo a2enmod proxy_fcgi #sudo a2enmod rewrite #sudo a2enmond ssl 3、启动apache服务 #sudo service apache2 start 如果提示错误：Could not reliably determine the server's fully qualified domain name 是因为/etc/apache2/apache2.conf 下的ServerName没有配置 4、创建ssl密钥 #sudo mkdir /etc/apache2/ssl #sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt 重启 apche: sudo service apache2 restart Configure The Gateway 配置网关 Create a User and Keyring 1.Create a keyring for the gateway: sudo ceph-authtool --create-keyring /etc/ceph/ceph.client.radosgw.keyring sudo chmod +r /etc/ceph/ceph.client.radosgw.keyring 2.Generate a Ceph Object Gateway user name and key for each instance. For exemplary purposes, we will use the name gateway after client.radosgw: sudo ceph-authtool /etc/ceph/ceph.client.radosgw.keyring -n client.radosgw.gateway --gen-key 3.Add capabilities to the key. See Configuration Reference - Pools for details on the effect of write permissions for the monitor and creating pools. sudo ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow rwx' /etc/ceph/ceph.client.radosgw.keyring 4.Once you have created a keyring and key to enable the Ceph Object Gateway with access to the Ceph Storage Cluster, add the key to your Ceph Storage Cluster. For example: sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.gateway -i /etc/ceph/ceph.client.radosgw.keyring 5.Distribute the keyring to the node with the gateway instance. sudo scp /etc/ceph/ceph.client.radosgw.keyring ceph@{hostname}:/etc/ceph/ Create Pools Ceph Object Gateways require Ceph Storage Cluster pools to store specific gateway data. If the user you created has permissions, the gateway will create the pools automatically. However, you should ensure that you have set an appropriate default number of placement groups per pool into your Ceph configuration file. Note Ceph Object Gateways have multiple pools, so don’t make the number of PGs too high considering all of the pools assigned to the same CRUSH hierarchy, or performance may suffer. When configuring a gateway with the default region and zone, the naming convention for pools typically omits region and zone naming, but you can use any naming convention you prefer. For example: .rgw ·.rgw.root ·.rgw.control ·.rgw.gc ·.rgw.buckets ·.rgw.buckets.index ·.users ·.log ·.users.email ·.users.swift ·.users.uid ceph osd pool create .rgw 32 32 ceph osd pool create .rgw.root 32 32 ceph osd pool create .rgw.control 32 32 ceph osd pool create .rgw.gc 32 32 ceph osd pool create .rgw.buckets 32 32 ceph osd pool create .rgw.buckets.index 32 32 ceph osd pool create .users 32 32 ceph osd pool create .log 32 32 ceph osd pool create .users.email 32 32 ceph osd pool create .users.swift 32 32 ceph osd pool create .users.uid 32 32 Add a Gateway Configuration to Ceph For distros with Apache 2.2 and early versions of Apache 2.4 (RHEL 6, Ubuntu 12.04, 14.04 etc), append the following configuration to /etc/ceph/ceph.conf in your admin node: [client.radosgw.gateway] host = {hostname} keyring = /etc/ceph/ceph.client.radosgw.keyring rgw socket path = "" log file = /var/log/radosgw/client.radosgw.gateway.log rgw frontends = fastcgi socket_port=9000 socket_host=0.0.0.0 rgw print continue = false Push the updated ceph.conf file from the admin node to all other nodes in the cluster including the gateway host: ceph-deploy --overwrite-conf config push [HOST] [HOST...] Copy ceph.client.admin.keyring from admin node to gateway host As the gateway host can be a different node that is not part of the cluster, the ceph.client.admin.keyring needs to be copied from the admin node to the gateway host. To do so, execute the following on admin node: sudo scp /etc/ceph/ceph.client.admin.keyring root@{hostname}:/etc/ceph/ Create Data Directory Deployment scripts may not create the default Ceph Object Gateway data directory. Create data directories for each instance of a radosgw daemon (if you haven’t done so already). The host variables in the Ceph configuration file determine which host runs each instance of a radosgw daemon. The typical form specifies the radosgw daemon, the cluster name and the daemon ID. To create the directory on the gateway host, execute the following: sudo mkdir -p /var/lib/ceph/radosgw/ceph-radosgw.gateway sudo touch /var/log/radosgw/client.radosgw.gateway.log Start radosgw service The Ceph Object gateway daemon needs to be started. To do so, execute the following on the gateway host: On Debian-based distros: radosgw -c /etc/ceph/ceph.conf -n client.radosgw.gateway Create a Gateway Configuration file On the host where you installed the Ceph Object Gateway i.e, gateway host, create an rgw.conf file. Place the file in /etc/apache2/site-available directory for Debian-based distros and in /etc/httpd/conf.d directory for RPM-based distros. It is a Apache configuration file which is needed for the radosgw service. This file must be readable by the web server. Execute the following steps: 1. Create the file: For Debian-based distros, execute: sudo vi /etc/apache2/site-available/rgw.conf <VirtualHost *:80> ServerName localhost DocumentRoot /var/www/html ErrorLog /var/log/apache2/rgw_error.log CustomLog /var/log/apache2/rgw_access.log combined # LogLevel debug RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] SetEnv proxy-nokeepalive 1 ProxyPass / fcgi://localhost:9000/ </VirtualHost> 禁用默认站点启用rgw站点 sudo a2dissite 000-default.conf Sudo a2ensite rgw.conf 重启apache2服务 service apache2 restart Create a radosgw user for S3 access A radosgw user needs to be created and granted access. The command man radosgw-admin will provide information on additional command options. To create the user, execute the following on the gateway host: sudo radosgw-admin user create --uid="testuser" --display-name="First User" Test S3 access You need to write and run a Python test script for verifying S3 access. The S3 access test script will connect to the radosgw, create a new bucket and list all buckets. The values for aws_access_key_id and aws_secret_access_key are taken from the values of access_key and secret_key returned by the radosgw_admin command. Execute the following steps: 1. You will need to install the python-boto package. For Debian-based distros, run: sudo apt-get install python-boto For RPM-based distros, run: sudo yum install python-boto //rpm 2. Create the Python script: vi s3test.py Add the following contents to the file: import boto import boto.s3.connection access_key = 'I0PJDPCIYZ665MW88W9R' secret_key = 'dxaXZ8U90SXydYzyS5ivamEP20hkLSUViiaR+ZDA' conn = boto.connect_s3( aws_access_key_id = access_key, aws_secret_access_key = secret_key, host = '{hostname}', is_secure=False, calling_format = boto.s3.connection.OrdinaryCallingFormat(), ) bucket = conn.create_bucket('my-new-bucket') for bucket in conn.get_all_buckets(): print "{name}\t{created}".format( name = bucket.name, created = bucket.creation_date, )