OpenStack Epoxy : Configure Swift (Proxy Node)

Configure OpenStack Object Storage (Swift). This example is based on the environment like follows. ------------+--------------------------+------------ | | eth0|10.0.0.30 eth0|10.0.0.50 +-----------+-----------+ +-----------+-----------+ | [ dlp.srv.world ] | | [ network.srv.world ] | | (Control Node) | | (Proxy Node) | | | | | | MariaDB RabbitMQ | | Swift Proxy | | Memcached Nginx | | Nginx | | Keystone httpd | | | +-----------------------+ +-----------------------+ ------------+--------------------------+--------------------------+----------- eth0|10.0.0.71 eth0|10.0.0.72 eth0|10.0.0.73 +-----------+-----------+ +-----------+-----------+ +-----------+-----------+ | [snode01.srv.world] | | [snode02.srv.world] | | [snode03.srv.world] | | (Storage Node#1) | | (Storage Node#2) | | (Storage Node#3) | | | | | | | | Swift-Account | | Swift-Account | | Swift-Account | | Swift-Container | | Swift-Container | | Swift-Container | | Swift-Object | | Swift-Object | | Swift-Object | +-----------------------+ +-----------------------+ +-----------------------+

[1]	Install Swift-Proxy on Proxy Node.

root@network:~#  apt -y install swift swift-proxy python3-swiftclient python3-keystonemiddleware python3-memcache nginx libnginx-mod-stream

[2]	Configure Swift-Proxy.

root@network:~#  mv /etc/swift/proxy-server.conf /etc/swift/proxy-server.conf.org root@network:~#  vi /etc/swift/proxy-server.conf # create new [DEFAULT] bind_ip = 127.0.0.1 bind_port = 8080 keep_idle = 600 bind_timeout = 30 backlog = 4096 swift_dir = /etc/swift user = swift [pipeline:main] pipeline = catch_errors gatekeeper healthcheck proxy-logging cache listing_formats container_sync bulk ratelimit copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true account_autocreate = true [filter:s3api] use = egg:swift#s3api [filter:s3token] use = egg:swift#s3token reseller_prefix = AUTH_ delay_auth_decision = False # Keystone auth info auth_uri = https://dlp.srv.world:5000/v3 http_timeout = 10.0 auth_url = https://dlp.srv.world:5000 auth_type = password project_domain_name = Default project_domain_id = default user_domain_name = Default project_name = service username = swift password = servicepassword [filter:healthcheck] use = egg:swift#healthcheck [filter:cache] use = egg:swift#memcache # specify Memcached server memcache_servers = dlp.srv.world:11211 [filter:ratelimit] use = egg:swift#ratelimit [filter:read_only] use = egg:swift#read_only [filter:domain_remap] use = egg:swift#domain_remap [filter:catch_errors] use = egg:swift#catch_errors [filter:cname_lookup] use = egg:swift#cname_lookup [filter:staticweb] use = egg:swift#staticweb [filter:formpost] use = egg:swift#formpost [filter:name_check] use = egg:swift#name_check [filter:etag-quoter] use = egg:swift#etag_quoter [filter:list-endpoints] use = egg:swift#list_endpoints [filter:proxy-logging] use = egg:swift#proxy_logging [filter:bulk] use = egg:swift#bulk [filter:slo] use = egg:swift#slo [filter:dlo] use = egg:swift#dlo [filter:container-quotas] use = egg:swift#container_quotas [filter:account-quotas] use = egg:swift#account_quotas [filter:gatekeeper] use = egg:swift#gatekeeper [filter:container_sync] use = egg:swift#container_sync [filter:xprofile] use = egg:swift#xprofile [filter:versioned_writes] use = egg:swift#versioned_writes [filter:copy] use = egg:swift#copy [filter:keymaster] use = egg:swift#keymaster meta_version_to_write = 2 encryption_root_secret = my_root_secret [filter:kms_keymaster] use = egg:swift#kms_keymaster [filter:kmip_keymaster] use = egg:swift#kmip_keymaster [filter:encryption] use = egg:swift#encryption [filter:listing_formats] use = egg:swift#listing_formats [filter:symlink] use = egg:swift#symlink root@network:~#  vi /etc/swift/swift.conf # line 9,10 : change values # shared among Swift Nodes - any words you like [swift-hash] swift_hash_path_suffix =  swift_shared_path swift_hash_path_prefix =  swift_shared_path root@network:~#  chown -R swift:swift /etc/swift

[3]	Configure Swift Ring files.

root@network:~#  swift-ring-builder /etc/swift/account.builder create 12 3 1 root@network:~#  swift-ring-builder /etc/swift/container.builder create 12 3 1 root@network:~#  swift-ring-builder /etc/swift/object.builder create 12 3 1 root@network:~#  swift-ring-builder /etc/swift/account.builder add r0z0-10.0.0.71:6202/device 100 Device d0r0z0-10.0.0.71:6202R10.0.0.71:6202/device_"" with 100.0 weight got id 0 root@network:~#  swift-ring-builder /etc/swift/container.builder add r0z0-10.0.0.71:6201/device 100 Device d0r0z0-10.0.0.71:6201R10.0.0.71:6201/device_"" with 100.0 weight got id 0 root@network:~#  swift-ring-builder /etc/swift/object.builder add r0z0-10.0.0.71:6200/device 100 Device d0r0z0-10.0.0.71:6200R10.0.0.71:6200/device_"" with 100.0 weight got id 0 root@network:~#  swift-ring-builder /etc/swift/account.builder add r1z1-10.0.0.72:6202/device 100 Device d1r1z1-10.0.0.72:6202R10.0.0.72:6202/device_"" with 100.0 weight got id 1 root@network:~#  swift-ring-builder /etc/swift/container.builder add r1z1-10.0.0.72:6201/device 100 Device d1r1z1-10.0.0.72:6201R10.0.0.72:6201/device_"" with 100.0 weight got id 1 root@network:~#  swift-ring-builder /etc/swift/object.builder add r1z1-10.0.0.72:6200/device 100 Device d1r1z1-10.0.0.72:6200R10.0.0.72:6200/device_"" with 100.0 weight got id 1 root@network:~#  swift-ring-builder /etc/swift/account.builder add r2z2-10.0.0.73:6202/device 100 Device d2r2z2-10.0.0.73:6202R10.0.0.73:6202/device_"" with 100.0 weight got id 2 root@network:~#  swift-ring-builder /etc/swift/container.builder add r2z2-10.0.0.73:6201/device 100 Device d2r2z2-10.0.0.73:6201R10.0.0.73:6201/device_"" with 100.0 weight got id 2 root@network:~#  swift-ring-builder /etc/swift/object.builder add r2z2-10.0.0.73:6200/device 100 Device d2r2z2-10.0.0.73:6200R10.0.0.73:6200/device_"" with 100.0 weight got id 2 root@network:~#  swift-ring-builder /etc/swift/account.builder rebalance Reassigned 12288 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 root@network:~#  swift-ring-builder /etc/swift/container.builder rebalance Reassigned 12288 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 root@network:~#  swift-ring-builder /etc/swift/object.builder rebalance Reassigned 12288 (300.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 root@network:~#  chown swift:swift /etc/swift/*.gz root@network:~#  systemctl restart swift-proxy

[4]	Get valid SSL/TLS certificate or Create self-signed certificate for Network Node and configure Nginx for proxy settings.

root@network:~#  unlink /etc/nginx/sites-enabled/default root@network:~#  vi /etc/nginx/nginx.conf # add to last line stream { upstream swift-proxy { server 127.0.0.1:8080; } server { listen 10.0.0.50:8080 ssl; proxy_pass swift-proxy; } ssl_certificate "/etc/letsencrypt/live/network.srv.world/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/network.srv.world/privkey.pem"; } root@network:~#  systemctl restart nginx

Matched Content