文档章节

011 RGW的SwiftAPi支持

o
 osc_fmg49rzg
发布于 2019/03/20 14:01
字数 1082
阅读 17
收藏 0

精选30+云产品,助力企业轻松上云!>>>

一、 Swift简介

openstack swift是openstack开源云计算项目开源的对象存储,提供了强大的扩展性、冗余和持久性

1.1 swift特性

极高的数据持久性

完全对称的系统架构

无限的可扩展性

无单点故障

1.2 对象存储在容器中

Openstack Swift API的用户模型与Amazon S3 API稍有不同。若要使用swift api通过rados网关的身份验证,需要rados网关用户帐户配置子用户

Amazon S3 API授权和身份验证模型具有单层设计。一个用户可以有多个access key和secret key,用于在同一帐户中提供不同类型的访问

而swift有租户概念,rados网关用户对应swift的租户,而子帐号则对应swift的api用户

RADOS网关支持Swift v1.0以及OpenStack keystone v2.0身份验证

二、swift 用户管理

2.1 创建Swift的子用户

[root@ceph5 ~]#  radosgw-admin user info --uid joy

{
    "user_id": "joy",
    "display_name": "Joy Ning",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "joy",
            "access_key": "5XCV68WUQJFFJPVM3UHK",
            "secret_key": "xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG"
        }
    ],
    "swift_keys": [],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": 1024,
        "max_size_kb": 1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": true,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
}

2.2 创建一个子账号

 [root@ceph5 ~]# radosgw-admin subuser create --uid joy --subuser joy:swift --access=full

{
    "user_id": "joy",
    "display_name": "Joy Ning",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [
        {
            "id": "joy:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "joy",
            "access_key": "5XCV68WUQJFFJPVM3UHK",
            "secret_key": "xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG"
        }
    ],
    "swift_keys": [
        {
            "user": "joy:swift",
            "secret_key": "6Ea8Cu94ea37ESj7mJWFV1TmoL9ffMjVHJ5D0vKK"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": 1024,
        "max_size_kb": 1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": true,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
} 

创建另一个子账号

[root@ceph5 ~]# radosgw-admin subuser create --uid joy --subuser joy:swift2 --access=full

{
    "user_id": "joy",
    "display_name": "Joy Ning",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [
        {
            "id": "joy:swift",
            "permissions": "full-control"
        },
        {
            "id": "joy:swift2",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "joy",
            "access_key": "5XCV68WUQJFFJPVM3UHK",
            "secret_key": "xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG"
        }
    ],
    "swift_keys": [
        {
            "user": "joy:swift",
            "secret_key": "6Ea8Cu94ea37ESj7mJWFV1TmoL9ffMjVHJ5D0vKK"
        },
        {
            "user": "joy:swift2",
            "secret_key": "kJl6k4dVfqbOlZxdIX1Apmu5VFkL0KmSb5B8MkXz"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": 1024,
        "max_size_kb": 1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": true,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
}

2.3 删除一个子账号

 [root@ceph5 ~]# radosgw-admin subuser rm  --uid joy --subuser joy:swift2

{
    "user_id": "joy",
    "display_name": "Joy Ning",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [
        {
            "id": "joy:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "joy",
            "access_key": "5XCV68WUQJFFJPVM3UHK",
            "secret_key": "xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG"
        }
    ],
    "swift_keys": [
        {
            "user": "joy:swift",
            "secret_key": "6Ea8Cu94ea37ESj7mJWFV1TmoL9ffMjVHJ5D0vKK"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": 1024,
        "max_size_kb": 1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": true,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
} 

2.4 修改子用户秘钥

[root@ceph5 ~]#  radosgw-admin key create --subuser joy:swift --gen-secret

{
    "user_id": "joy",
    "display_name": "Joy Ning",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [
        {
            "id": "joy:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "joy",
            "access_key": "5XCV68WUQJFFJPVM3UHK",
            "secret_key": "xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG"
        }
    ],
    "swift_keys": [
        {
            "user": "joy:swift",
            "secret_key": "RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": 1024,
        "max_size_kb": 1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": true,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw"
}

三、使用swift客户端

3.1 安装swift客户端

[root@ceph1 ceph]#  yum -y install python-swiftclient 

3.2 创建一个容器

[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0 -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq post swiftbk

3.3 向容器上传一个文件

[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0 -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq upload swiftbk /etc/ceph/ceph.conf

3.4 服务器端查看

[root@ceph5 ~]#  rados -p  default.rgw.buckets.data ls  --cluster backup

3.5 列出容器中的文件

[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq list  swiftbk 

 

 3.6 查看容器状态

[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq stat swiftbk 

Account: v1
                    Container: swiftbk
                      Objects: 1
                        Bytes: 589
                     Read ACL:
                    Write ACL:
                      Sync To:
                     Sync Key:
                Accept-Ranges: bytes
             X-Storage-Policy: default-placement
X-Container-Bytes-Used-Actual: 4096
                  X-Timestamp: 1553059437.79870
                   X-Trans-Id: tx000000000000000000017-005c91cf25-1095-default
                 Content-Type: text/plain; charset=utf-8
       X-Openstack-Request-Id: tx000000000000000000017-005c91cf25-1095-default

 

 [root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq stat

Account: v1
                                 Containers: 2
                                    Objects: 3
                                      Bytes: 1184
Objects in policy "default-placement-bytes": 0
  Bytes in policy "default-placement-bytes": 0
   Containers in policy "default-placement": 2
      Objects in policy "default-placement": 3
        Bytes in policy "default-placement": 1184
                              Accept-Ranges: bytes
                                X-Timestamp: 1553059632.46208
                X-Account-Bytes-Used-Actual: 12288
                                 X-Trans-Id: tx000000000000000000019-005c91cf30-1095-default
                               Content-Type: text/plain; charset=utf-8
                     X-Openstack-Request-Id: tx000000000000000000019-005c91cf30-1095-default

 3.7 重复操作

[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq upload test /etc/ceph/rbdmap 
etc/ceph/rbdmap
[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq list
swiftbk
test
[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq list test
ceph
demoobject
etc/ceph/rbdmap
[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq post swifttest
[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq post  list
[root@ceph1 ceph]# swift -A http://ceph5.lab.example.com/auth/v1.0  -U joy:swift -K RB5SfO54XqgPl7TkfEjobfz9GP63dLIG1tZ9MQiq list
list
swiftbk
swifttest
test

博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!

 

o
粉丝 0
博文 500
码字总数 0
作品 0
私信 提问
加载中
请先登录后再评论。
Ceph对象存储 S3

ceph对象存储 作为文件系统的磁盘,操作系统不能直接访问对象存储。相反,它只能通过应用程序级别的API访问。ceph是一种分布式对象存储系统,通过ceph对象网关提供对象存储接口,也称为RADOS...

osc_8p3a5j7v
2019/08/01
2
0
ceph-对象存储

ceph对象存储 作为文件系统的磁盘,操作系统不能直接访问对象存储。相反,它只能通过应用程序级别的API访问。ceph是一种分布式对象存储系统,通过ceph对象网关提供对象存储接口,也称为RADOS...

osc_otkk1ufm
2019/02/15
3
0
05 RGW对象存储

参考连接:https://ceph.readthedocs.io/en/latest/radosgw/; 作为文件系统的磁盘,操作系统不能直接访问对象存储。相反,它只能通过应用程序级别的API访问。Ceph是一种分布式对象存储系统,...

osc_pberzs5e
07/04
8
0
05 RGW对象存储

参考连接:; 作为文件系统的磁盘,操作系统不能直接访问对象存储。相反,它只能通过应用程序级别的API访问。Ceph是一种分布式对象存储系统,通过Ceph对象网关提供对象存储接口,也称为RADOS...

db2start
07/03
0
0
Redhat对象网关指南

1.配置 更换默认的端口 从apache迁移到civetweb 一个基于apache的配置类似以下形式: 修改成Civetweb,只需要移除: 得到: 重启rgw: Civetweb使用SSL 在v2.0前,基于HAProxy和keepalived上...

wzyuliyang
2016/10/28
325
0

没有更多内容

加载失败,请刷新页面

加载更多

Hacker News 简讯 2020-07-10

更新时间: 2020-07-10 01:15 US Supreme Court deems half of Oklahoma a Native American Reservation - (reuters.com) 美国最高法院认为俄克拉荷马州的一半是印第安人保留地 得分:131 | 评...

FalconChen
今天
26
0
OSChina 周五乱弹 —— 求求你吃了我吧,不要再玩弄食物的感情了

Osc乱弹歌单(2020)请戳(这里) 【今日歌曲】 @巴拉迪维 :张喆的单曲《陷阱 》 这首歌已经在网易找不到原唱了,不知道被哪家买了版权。#今日歌曲推荐# 《陷阱 》- 张喆 手机党少年们想听歌...

小小编辑
今天
26
1
清华陈文光教授:AI 超算基准测试的最新探索和实践。

道翰天琼认知智能平台为您揭秘新一代人工智能。 无规矩不成方圆。放在超级计算机的研发领域,没有一个大家普遍接受的算力评测指标,便难以推动超算迅猛发展。 而现在伴随着人工智能的发展,大...

jackli2020
今天
7
0
@RequestMapping, consumes 提交简单有意思的测试

getParm @GetMapping("getParm")public Result getParm(String id){ System.out.println(); return ResultFactory.success(id);} 等同于 == bodyParm @PostMapping("bodyParm......

莫库什勒
今天
25
0
63. Unique Paths II

题目: 63. Unique Paths II A robot is located at the top-left corner of a m x n grid (marked 'Start' in the diagram below). The robot can only move either down or right at any p......

JiaMing
今天
55
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部