In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly introduces the installation and configuration of Ceph object Storage Gateway. in daily operation, I believe many people have doubts about the installation and configuration of Ceph object Storage Gateway. the editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts of "installation and configuration of Ceph object Storage Gateway". Next, please follow the editor to study!
Introduction
Based on the deployed Ceph cluster, a gateway server is deployed to provide object storage services. In fact, the operating system CentOS6.5 CEPH0.94.3 can be accessed directly based on librados, but I have seen the object storage of Baidu and UCLOUD. When users upload and download files on the web page, they all deal with the storage cluster indirectly through the web server, which is isolated instead of communicating directly with the cluster. I have to understand that it is easy to access control and isolation.
1. Dependent package installation
Ceph rados-gateway relies on Apache and FastCGI. The user's request goes to the web server first, and then goes to rados-gateway to enter the cluster.
1.1 install Apache service sudo yum install httpdPackage httpd-2.2.15-47.el6.centos.x86_64 already installed and latest version1.2 configure http server sudo vim / etc/httpd/conf/httpd.conf
Remove the comment number of ServerName and add the IP address of your own gateway server
272 # If your host doesn't have a registered DNS name, enter its IP address here.273 # You will have to access it by its address anyway, and this will make 274 # redirections work in a sensible way.275 # 276 ServerName 101.67.163.34:80
Add the following information to the configuration to load mod_proxy_fcgi
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
Note here that the content needs to be loaded at the back of the LoadModule series, otherwise the following error will be reported:
Sudo service httpd startStarting httpd: httpd: Syntax error on line 129 of / etc/httpd/conf/httpd.conf: Cannot load / etc/httpd/modules/mod_proxy_fcgi.so into server: / etc/httpd/modules/mod_proxy_fcgi.so: undefined symbol: ap_proxy_release_connection
Modify the LISTEN field in the configuration to add the IP address of the host where the gateway is located
# Listen: Allows you to bind Apache to specific IP addresses and/or# ports, in addition to the default. See also the # directive.## Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses (0.0.0.0) # Listen 101.67.163.34:80#Listen 801.3 SSL support (whether it must be clear here, just follow the official documentation)
Secret key file generation
Sudo yum install mod_ssl opensslopenssl genrsa-out ca.key 2048openssl req-new-key ca.key-out ca.csropenssl x509-req-days 365-in ca.csr-signkey ca.key-out ca.crt
Place sudo cp ca.crt / etc/pki/tls/certs in the file directory
Sudo cp ca.key / etc/pki/tls/private/ca.keysudo cp ca.csr / etc/pki/tls/private/ca.csr
Configuration file modification / etc/httpd/conf.d/ssl.conf.
SSLCertificateFile / etc/pki/tls/certs/ca.crtSSLCertificateKeyFile / etc/pki/tls/private/ca.key
Restart the httpd service sudo service httpd restart
1.4 Gateway service installation sudo yum install ceph-radosgw
At this point, the relevant dependency packages have been installed
2. CEPH gateway service configuration
The ceph gateway is actually a client of the ceph cluster. Users access the ceph cluster indirectly through this gateway. As a client, it needs to prepare the following:
Gateway name, which is called gateway here
A user who can access the storage cluster and the corresponding KEYRING
Data resource pool, which is provided by the ceph cluster
Prepare a data storage space for the gateway service example
Set gateway information in the ceph.conf configuration file
2.1 create access users and permission settings
Create a gateway keyring, which is empty at first
Sudo ceph-authtool-- create-keyring / etc/ceph/ceph.client.radosgw.keyringsudo chmod + r / etc/ceph/ceph.client.radosgw.keyring
Create the gateway user name and key where the name is client.radosgw.gateway
Sudo ceph-authtool / etc/ceph/ceph.client.radosgw.keyring-n client.radosgw.gateway-- gen-key
Add permissions for KEYRING
Sudo ceph-authtool-n client.radosgw.gateway-- cap osd 'allow rwx'-- cap mon' allow rwx' / etc/ceph/ceph.client.radosgw.keyring
Add key to the cluster
Sudo ceph-k / etc/ceph/ceph.client.admin.keyring auth add client.radosgw.gateway-I / etc/ceph/ceph.client.radosgw.keyring
Copy the relevant KEYRING files to the host / etc/ceph/ directory where rados-gateway is located
2.2 data resource pool creation. Rgw.root.rgw.control.rgw.gc.rgw.buckets.rgw.buckets.index.rgw.buckets.extra.log.intent-log.usage.users.users.email.users.swift.users.uid [root@gnop029-ct-zhejiang_wenzhou-16-34 conf] # ceph osd lspools4 rbd,6 pool-1,7 pool-2,8 .rgw, 9. Rgw.root, 10. Rgw.control, 11. Rgw.gc, 12. Rgw.buckets, 13. Rgw.buckets.index, 14. Log 15. Intent-log,16 .usage, 17. Users, 18. Users.email, 19. Users.swift, 20. Users.uid2.3 add gateway configuration information to the cluster configuration [client.radosgw.gateway] host=ceph-24keyring=/etc/ceph/ceph.client.radosgw.keyringrgw socket path=/var/run/ceph/ceph.radosgw.gateway.fastcgi.socklog file=/var/log/radosgw/client.radosgw.gateway.logrgw frontends=fastcgi socket_port=9000 socket_host=0.0.0.0rgw print continue=false2.4 directory and permission adjustment
Create a data directory
Sudo mkdir-p / var/lib/ceph/radosgw/ceph-radosgw.gateway adjust apache running permissions sudo chown apache:apache / var/run/ceph
Adjust log permissions
Sudo chown apache:apache / var/log/radosgw/client.radosgw.gateway.log
Start the gateway service sudo / etc/init.d/ceph-radosgw start
2.5 Gateway Profil
A configuration file for interaction between web server and FastCGI
Sudo vi / etc/httpd/conf.d/rgw.conf
ServerName 101.67.163.34DocumentRoot / var/www/htmlErrorLog / var/log/httpd/rgw_error.logCustomLog / var/log/httpd/rgw_access.log combinedRewriteEngine OnRewriteRule. *-[SetEnv proxy-nokeepalive 1ProxyPass / fcgi://101.67.163.34:9000/] SetEnv proxy-nokeepalive 1ProxyPass / fcgi://101.67.163.34:9000/
The red mark should be filled in according to the actual situation.
User creates radosgw-admin user create-- uid=xuwenping-- display-name= "ceph xuwenping"-- email=xuwenping@d***n.com {"user_id": "xuwenping", "display_name": "ceph xuwenping", "email": "xuwenping@dnion.com", "suspended": 0, "max_buckets": 1000, "auid": 0, "subusers": [] "keys": [{"user": "xuwenping", "access_key": "4J3GD7GJIJKSDCVS1I9T", "secret_key": "yfmxvzQdWT4EmVDijOFp6oNt4kZ25y9wRVARas4I"}], "swift_keys": [], "caps": [], "op_mask": "read, write, delete", "default_placement": "" Placement_tags: [], bucket_quota: {"enabled": false, "max_size_kb":-1, "max_objects":-1}, "user_quota": {"enabled": false, "max_size_kb":-1, "max_objects":-1}, "temp_url_keys": []}
Create SWIFT type USER
Sudo radosgw-admin subuser create-- uid=xuwenping-- subuser=xuwenping: swift-- access=full2015-10-10 1414 swift 19.854951 7f402eadc8a0 0 max_buckets=1000 specified=0 {"user_id": "xuwenping", "display_name": "ceph xuwenping", "email": "xuwenping@dnion.com", "suspended": 0, "max_buckets": 1000, "auid": 0 "subusers": [{"id": "xuwenping:swift", "permissions": "full-control"}], "keys": [{"user": "xuwenping", "access_key": "4J3GD7GJIJKSDCVS1I9T", "secret_key": "yfmxvzQdWT4EmVDijOFp6oNt4kZ25y9wRVARas4I"} {"user": "xuwenping:swift", "access_key": "PEIT99BBWMZP31BD6S3I", "secret_key": ""}], "swift_keys": [{"user": "xuwenping:swift", "secret_key": "qWHPhvUy4md1XSa2PSbcxUyMU5YXodlqxt0ZC2hn"}], "caps": [] "op_mask": "read, write, delete", "default_placement": "," placement_tags ": []," bucket_quota ": {" enabled ": false," max_size_kb ":-1," max_objects ":-1}," user_quota ": {" enabled ": false," max_size_kb ":-1 "max_objects":-1}, "temp_url_keys": []} 2.7 actual verification
Write a piece of python code to access the gateway, create a bucket, and list all the current bucket through the list method (official example)
Dependent library installation
Sudo yum install python-botoimport botoimport boto.s3.connectionaccess_key = '4J3GD7GJIJKSDCVS1I9T'secret_key =' yfmxvzQdWT4EmVDijOFp6oNt4kZ25y9wRVARas4I'conn = boto.connect_s3 (aws_access_key_id = access_key,aws_secret_access_key = secret_key,host = '101.67.163.34) ) bucket = conn.create_bucket ('my-new-bucket') for bucket in conn.get_all_buckets (): print "{name}\ t {created}" .format (name = bucket.name, created = bucket.creation_date,)
Running result
[root@gnop029-ct-zhejiang_wenzhou-16-34 ceph-rados] # python s3test.py my-new-bucket 2015-10-10T06:23:48.000Z
At this point, the object storage gateway of the Ceph cluster is installed and set up.
Attached:
Sometimes the following error is reported when installing software through yum:
Downloading Packages:warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEYRetrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6GPG key retrieval failed: [Errno 14] Could not open/read file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
You can execute the installation command with the following parameters:
Yum install mod_proxy_fcgi-nogpgcheck at this point, the study on "installation and configuration of Ceph object Storage Gateway" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 281
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.