温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

ceph radosgw与keystone整合

发布时间:2020-07-31 19:13:58 来源:网络 阅读:4054 作者:757781091 栏目:移动开发

1、参考http://penguintux.blog.51cto.com/3021117/1872939部署好ceph radosgw

  • ceph版本:jewel

  • docker镜像:ceph/daemon:tag-build-master-jewel-centos-7

2、安装keystone,这里使用kolla newton安装好了keystone

参考http://penguintux.blog.51cto.com/3021117/1865832,仅需要安装keyston,kolla的globals.yml如下:

cat /etc/kolla/globals.yml
kolla_base_distro: "centos"
kolla_install_type: "source"
openstack_release: "3.0.1"
 
kolla_internal_vip_address: "192.168.1.200"
kolla_external_vip_address: "{{ kolla_internal_vip_address }}"
 
docker_registry: "registry_ip_address:registry_ip_port"
docker_namespace: "kolla"
docker_registry_username: "admin"
docker_registry_password: "registry_password"
 
network_interface: "eth0"
neutron_external_interface: "eth2"
 
neutron_plugin_agent: "linuxbridge"
 
nova_console: "novnc"
 
enable_haproxy: "no"
enable_keystone: "yes"
enable_glance: "no"
enable_neutron: "no"
enable_heat: "no"
enable_nova: "no"
enable_horizon: "yes"
enable_cinder: "no"
enable_cinder_backend_lvm: "no" 
enable_central_logging: "no"
enable_ceph: "no"
enable_ceilometer: "no"
enable_mongodb: "no"
enable_sahara: "no"

3、整合ceph radosgw与keystone整合

查看radosgw cephx user

docker exec -it rgw ceph auth list
installed auth entries:
osd.0
        key: AQCK2T5YprIzOxAAosJID+MgoEblYW32EI2WUw==
        caps: [mon] allow profile osd
        caps: [osd] allow *
client.admin
        key: AQDM2D5YCga8ORAA+lAoJCLbzBK38n1IQLyrhw==
        auid: 0
        caps: [mds] allow
        caps: [mon] allow *
        caps: [osd] allow *
client.bootstrap-mds
        key: AQDN2D5YcBo2BRAAXHGmPpd+xT1BRT6sIdd08A==
        caps: [mon] allow profile bootstrap-mds
client.bootstrap-osd
        key: AQDN2D5YREdIAxAAvl3//4aCO59k8xLNA0wo0A==
        caps: [mon] allow profile bootstrap-osd
client.bootstrap-rgw
        key: AQDN2D5Y4qQfBxAAr/wQdam1ioKkGF4fly/X5Q==
        caps: [mon] allow profile bootstrap-rgw
client.radosgw.Control-1
        key: AQBe8j5YdJP0BBAAOB+xOeEGjncBpA4S0UEifA==
        caps: [mds] allow *
        caps: [mon] allow *
        caps: [osd] allow *
client.rgw.rgw0
        key: AQBH4D5Y04IpCRAAqDk+1f7479cv4pDoL5J/1g==
        caps: [mon] allow rw
        caps: [osd] allow rwx
# 注意 client.rgw.rgw0,记下这个,等下会使用

生成/etc/ceph/ceph.client.rgw.rgw0.keyring

ceph auth get-or-create  \
         client.rgw.rgw0 osd 'allow rwx' mon 'allow rw'  \
         -o /etc/ceph/ceph.client.rgw.rgw0.keyring

编辑/etc/ceph/ceph.conf

# [client.rgw.rgw0] 需要与ceph auth list 中输出的一致

[client.rgw.rgw0]
rgw keystone api version = 3
rgw keystone url = http://192.168.1.200:5000
# rgw keystone url = http://192.168.1.200:35357
#rgw keystone admin token = {keystone admin token}
rgw keystone admin user = admin
rgw keystone admin password = 123456
#rgw keystone admin tenant = {keystone service tenant name}
rgw keystone admin domain = default
rgw keystone admin project = admin
rgw keystone accepted roles = SwiftOperator,admin,_member_, project_admin, member2
rgw keystone token cache size = 500
rgw keystone revocation interval = 500
rgw keystone implicit tenants = true
rgw s3 auth use keystone = true
#nss db path = {path to nss db}
rgw keystone verify ssl = false
#keyring = /etc/ceph/ceph.client.radosgw.Control-1.keyring
keyring = /etc/ceph/ceph.client.rgw.rgw0.keyring

重启radosgw

docker restart rgw

创建swift endpoint

openstack service create --name swift object-store
openstack endpoint create --region RegionOne swift public http://192.168.1.200:8080/swift/v1
openstack endpoint create --region RegionOne swift admin http://192.168.1.200:8080/swift/v1
openstack endpoint create --region RegionOne swift internal  http://192.168.1.200:8080/swift/v1

测试

swift list

参考链接:

http://zhengtianbao.com/ceph/radosgw/2016/05/31/ceph-radosgw-install.html

https://kairen.gitbooks.io/openstack-ubuntu/content/deployments/ubuntu/keystone/ceph-keystone.html

http://docs.ceph.com/docs/jewel/radosgw/keystone/

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI