<center>Ceph RGW</center>

原文地址:RGW 安装和创建

本文通过ceph-deploy安装和创建RGW,然后分别创建S3Swift接口并提供了相应的方案。

Ceph RGW基于librados,是为应用提供RESTful类型的对象存储接口。RGW提供两种类型的接口:

  • S3:兼容Amazon S3 RESTful API
  • Swift:兼容OpenStack Swift API

S3Swift API共享同一个命名空间,所以可以使用两种API访问相同的数据。

参考链接: Ceph:创建RGW

部署 RGW

进入 ceph 目录

cd /etc/ceph

安装 ceph object gateway

我这边是node1,根据hostname对号入座就行

ceph-deploy install --rgw node1 

Gather keys

ceph-deploy gatherkeys node1

创建 rgw 实例

ceph-deploy rgw create node1

Ceph CLI

Ceph CLI工具需要在管理员模式下运行,因此需要执行以下命令

ceph-deploy admin node1

测试是否安装成功

一旦RGW开始运行,就可以通过端口7480(如果没有修改的话)来访问。如:
http://node1:7480,如果RGW运行正常,它应该返回类似的信息:

This XML file does not appear to have any style information associated with it. The document tree is shown below.
<ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Owner>
<ID>anonymous</ID>
<DisplayName/>
</Owner>
<Buckets/>
</ListAllMyBucketsResult>

创建 S3 用户

想正常的访问RGW,需要创建相应的RGW用户,并赋予相应的权限,radosgw-admin命令实现了这些功能。

其中keys中的useraccess_keysecret_key用于之后的S3接口访问确认

[root@node1 ~]# radosgw-admin user create --uid="admin" --display-name="First user"
2017-11-08 16:51:39.883217 7fb6868fac40  0 WARNING: detected a version of libcurl which contains a bug in curl_multi_wait(). enabling a workaround that may degrade performance slightly.
{
    "user_id": "admin",
    "display_name": "First user",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "admin",
            "access_key": "1MWH3LWM1BS4ZF4HN5IH",
            "secret_key": "cuObxYgtl1lJgqNxOIpENycVqXfxLxZ8z5IXDM0O"
        }
    ],
    "swift_keys": [],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
}

创建 Swift 用户

Swift用户是作为子用户subuser被创建的,执行以下命令:

其中swift_keys中的usersecret_key用于之后的swift接口访问确认

[root@node1 ~]# radosgw-admin subuser create --uid=admin --subuser=admin:swift --access=full
2017-11-08 16:55:05.371174 7fb4cbfc2c40  0 WARNING: detected a version of libcurl which contains a bug in curl_multi_wait(). enabling a workaround that may degrade performance slightly.
{
    "user_id": "admin",
    "display_name": "First user",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [
        {
            "id": "admin:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "admin",
            "access_key": "1MWH3LWM1BS4ZF4HN5IH",
            "secret_key": "cuObxYgtl1lJgqNxOIpENycVqXfxLxZ8z5IXDM0O"
        }
    ],
    "swift_keys": [
        {
            "user": "admin:swift",
            "secret_key": "PKRXACd8Ysgx7MCTjd9gHnL3sdpJ2J6wsuy2IS0P"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
}

测试 S3 接口

需要创建一个python测试脚本来测试S3访问。该脚本会连接RGW,创建一个bucket并打印输出所有的bucket。其中,变量access_keysecret_access的值,来自于创建S3用户命令时,radosgw-admin命令返回的keys->access_keykeys->secret_key

安装 python-boto库

执行以下步骤,首先安装python-boto库,该库用于连接S3

yum install -y python-boto 

创建脚本

#!/usr/bin/python  
# -*- coding:utf-8 -*-  

import boto.s3.connection  
   
access_key = '1MWH3LWM1BS4ZF4HN5IH'     
secret_key ='cuObxYgtl1lJgqNxOIpENycVqXfxLxZ8z5IXDM0O'  
conn = boto.connect_s3(  
        aws_access_key_id=access_key,  
        aws_secret_access_key=secret_key,  
        host='{hostname}',port={port},  
        is_secure=False,calling_format=boto.s3.connection.OrdinaryCallingFormat(),  
        )  
   
bucket = conn.create_bucket('my-new-bucket')  
for bucket in conn.get_all_buckets():  
    print"{name} {created}".format(  
            name=bucket.name,  
            created=bucket.creation_date,  
            )  
   

需要将上面的{hostname}替换成对应的hostname或者IP,例如192.168.1.1;将{port}替换成RGW运行的端口,默认为7480;前者为字符串,后者为数字

执行脚本测试

[root@node1 ceph]# python s3test.py 
my-new-bucket 2017-11-01T10:58:53.670Z

测试 Swift 接口

安装相关软件包

pip installpython-setuptools    
pip installpython-swiftclient  

命令行访问

替换{ip}{port}{swift_secret_key},其中{swift_secret_key}为创建Swift用户时,radosgw-admin命令返回的swift_keys->secret_key的值

swift -A http://{ip}:{port}/auth/1.0 -Utestuser:swift -K '{swift_secret_key}' list 

正常输出应该如下:

[root@node1 ceph]# swift -Ahttp://192.168.1.1:7480/auth/1.0 -U admin:swift -K 'PKRXACd8Ysgx7MCTjd9gHnL3sdpJ2J6wsuy2IS0P' list  
my-new-bucket 

小结

ceph-deploy命令,大大地简化了对Ceph集群和RGW的安装和配置,可以很快速的搭建测试环境,达到测试效果,但如果要在生产环境中应用的话,可能需要手动做一些配置就,不能完全依赖ceph-deploy了。


Tony_Zby
7.1k 声望154 粉丝

世界太大,没事瞄一瞄


引用和评论

0 条评论