openstack/openstack-manuals
Code Issues Proposed changes
55c1830f89
openstack-manuals/doc/install-guide/object-storage/section_swift-controller-node.xml

196 lines
9.4 KiB
XML
Raw Normal View History

Update swift content I updated the swift content in the installation guide as follows: 1) Consolidated Identity service configuration into proxy service configuration section. 2) Changed initial example architecture to install the proxy service on the controller node instead of a separate node. However, I used wording that supports separate and/or multiple proxy services. 3) The steps to configure memcached break installations with horizon because the latter references 127.0.0.1 instead of the management network interface IP address. After consolidating the proxy service to a single instance on the controller node, it now references 127.0.0.1. 4) Changed initial example architecture to install two storage nodes rather than five storage nodes to reduce the barrier to entry for users that want to try swift. However, I used wording that supports additional storage nodes and also references the swift documentation for larger deployments. 5) Changed the initial example architecture to use only the management network instead of a separate storage/replication network because the original instructions didn't actually use the latter. Fully implementing a separate storage/replication network requires a considerably more complex configuration and eliminating it reduces the barrier to entry for users that want to try swift. However, I used wording that mentions a separate storage/replication network and also references the swift documentation for larger deployments. 6) The Ubuntu and RHEL/CentOS/Fedora packages include ancient upstream/example configuration files that contain deprecated/defunct options and lack options that enable useful features. Packages take a while to fix, so the instructions now pull the upstream configuration files. 7) Removed the steps to create disk labels and partitions on the storage nodes because a variety of methods exist and users should choose their own method. 8) Changed rsync to run as a standard service rather than use the xinetd wrapper on RHEL/CentOS/Fedora. 9) Separated account, container, and object ring creation steps into separate sections to improve clarity and reduce typos. 10) Reduced partition power from 18 to 10 during ring creation because the example architecture shouldn't scale to the higher value using the example architecture. 11) Changed storage node service management steps on Ubuntu to use 'swift-init' rather than manually starting a large number of services. 12) Modified file names and IDs to increase consistency with other content in the guide. I recommend backporting to Juno as this chapter wasn't functional in time for release. Also, I'm planning to improve the diagrams in a future patch. Change-Id: I26710efe16e8cb6ed1a20ebc70b3f6d5962536d1 Partial-Bug: #1389382 Implements: blueprint installation-guide-improvements backport: juno
2014-11-06 10:51:07 -06:00
<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
version="5.0"
xml:id="swift-install-controller-node">
<title>Install and configure the controller node</title>
<para>This section describes how to install and configure the proxy
service that handles requests for the account, container, and object
Swift content enhancements and fixes I updated the swift content in the installation guide with a few enhancements and fixes as follows: 1) Improved wording/phrasing (thanks Joe Robinson). 2) Improved consistency of duplicate content. 3) Added example output from ring builder commands. 4) Addressed other minor issues. Change-Id: I14b6f07877677b3c1b38271150e7c39d19c2c96f Partial-Bug: #1389382 backport: juno
2014-11-08 08:19:54 -06:00
services operating on the storage nodes. For simplicity, this
Update swift content I updated the swift content in the installation guide as follows: 1) Consolidated Identity service configuration into proxy service configuration section. 2) Changed initial example architecture to install the proxy service on the controller node instead of a separate node. However, I used wording that supports separate and/or multiple proxy services. 3) The steps to configure memcached break installations with horizon because the latter references 127.0.0.1 instead of the management network interface IP address. After consolidating the proxy service to a single instance on the controller node, it now references 127.0.0.1. 4) Changed initial example architecture to install two storage nodes rather than five storage nodes to reduce the barrier to entry for users that want to try swift. However, I used wording that supports additional storage nodes and also references the swift documentation for larger deployments. 5) Changed the initial example architecture to use only the management network instead of a separate storage/replication network because the original instructions didn't actually use the latter. Fully implementing a separate storage/replication network requires a considerably more complex configuration and eliminating it reduces the barrier to entry for users that want to try swift. However, I used wording that mentions a separate storage/replication network and also references the swift documentation for larger deployments. 6) The Ubuntu and RHEL/CentOS/Fedora packages include ancient upstream/example configuration files that contain deprecated/defunct options and lack options that enable useful features. Packages take a while to fix, so the instructions now pull the upstream configuration files. 7) Removed the steps to create disk labels and partitions on the storage nodes because a variety of methods exist and users should choose their own method. 8) Changed rsync to run as a standard service rather than use the xinetd wrapper on RHEL/CentOS/Fedora. 9) Separated account, container, and object ring creation steps into separate sections to improve clarity and reduce typos. 10) Reduced partition power from 18 to 10 during ring creation because the example architecture shouldn't scale to the higher value using the example architecture. 11) Changed storage node service management steps on Ubuntu to use 'swift-init' rather than manually starting a large number of services. 12) Modified file names and IDs to increase consistency with other content in the guide. I recommend backporting to Juno as this chapter wasn't functional in time for release. Also, I'm planning to improve the diagrams in a future patch. Change-Id: I26710efe16e8cb6ed1a20ebc70b3f6d5962536d1 Partial-Bug: #1389382 Implements: blueprint installation-guide-improvements backport: juno
2014-11-06 10:51:07 -06:00
guide installs and configures the proxy service on the controller node.
However, you can run the proxy service on any node with network
connectivity to the storage nodes. Additionally, you can install and
configure the proxy service on multiple nodes to increase performance
and redundancy. For more information, see the
<link xlink:href="http://docs.openstack.org/developer/swift/deployment_guide.html"
>Deployment Guide</link>.</para>
<procedure>
<title>To configure prerequisites</title>
<para>The proxy service relies on an authentication and authorization
mechanism such as the Identity service. However, unlike other services,
it also offers an internal mechanism that allows it to operate without
any other OpenStack services. However, for simplicity, this guide
references the Identity service in <xref linkend="ch_keystone"/>. Before
you configure the Object Storage service, you must create Identity
service credentials including endpoints.</para>
<note>
<para>The Object Storage service does not use a SQL database on
the controller node.</para>
</note>
<step>
<para>To create the Identity service credentials, complete these
steps:</para>
<substeps>
<step>
<para>Create a <literal>swift</literal> user:</para>
<screen><prompt>$</prompt> <userinput>keystone user-create --name swift --pass <replaceable>SWIFT_PASS</replaceable></userinput>
<computeroutput>+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | d535e5cbd2b74ac7bfb97db9cced3ed6 |
| name | swift |
| username | swift |
+----------+----------------------------------+</computeroutput></screen>
<para>Replace <replaceable>SWIFT_PASS</replaceable> with a suitable
password.</para>
</step>
<step>
<para>Link the <literal>swift</literal> user to the
<literal>service</literal> tenant and <literal>admin</literal>
role:</para>
<screen><prompt>$</prompt> <userinput>keystone user-role-add --user swift --tenant service --role admin</userinput></screen>
<note>
<para>This command provides no output.</para>
</note>
</step>
<step>
<para>Create the <literal>swift</literal> service:</para>
<screen><prompt>$</prompt> <userinput>keystone service-create --name swift --type object-store \
--description "OpenStack Object Storage"</userinput>
<computeroutput>+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Object Storage |
| enabled | True |
| id | 75ef509da2c340499d454ae96a2c5c34 |
| name | swift |
| type | object-store |
+-------------+----------------------------------+</computeroutput></screen>
</step>
</substeps>
</step>
<step>
<para>Create the Identity service endpoints:</para>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create \
--service-id $(keystone service-list | awk '/ object-store / {print $2}') \
--publicurl 'http://<replaceable>controller</replaceable>:8080/v1/AUTH_%(tenant_id)s' \
--internalurl 'http://<replaceable>controller</replaceable>:8080/v1/AUTH_%(tenant_id)s' \
--adminurl http://<replaceable>controller</replaceable>:8080 \
--region regionOne</userinput>
<computeroutput>+-------------+---------------------------------------------------+
| Property | Value |
+-------------+---------------------------------------------------+
| adminurl | http://controller:8080/ |
| id | af534fb8b7ff40a6acf725437c586ebe |
| internalurl | http://controller:8080/v1/AUTH_%(tenant_id)s |
| publicurl | http://controller:8080/v1/AUTH_%(tenant_id)s |
| region | regionOne |
| service_id | 75ef509da2c340499d454ae96a2c5c34 |
+-------------+---------------------------------------------------+</computeroutput></screen>
</step>
</procedure>
<procedure>
<title>To install and configure the controller node components</title>
<step>
<para>Install the packages:</para>
<note>
<para>Complete OpenStack environments already include some of these
packages.</para>
</note>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install swift swift-proxy python-swiftclient python-keystoneclient memcached</userinput></screen>
<screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>yum install openstack-swift-proxy python-swiftclient python-keystone-auth-token memcached</userinput></screen>
<screen os="sles;opensuse"><prompt>#</prompt> <userinput>zypper install openstack-swift-proxy python-swiftclient python-keystoneclient memcached python-xml</userinput></screen>
</step>
<step os="ubuntu;debian">
<para>Create the <literal>/etc/swift</literal> directory.</para>
</step>
<step os="ubuntu;debian;rhel;centos;fedora">
<para>Obtain the proxy service configuration file from the Object
Storage source repository:</para>
<screen><prompt>#</prompt> <userinput>curl -o /etc/swift/proxy-server.conf \
https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxy-server.conf-sample</userinput></screen>
</step>
<step>
<para>Edit the <filename>/etc/swift/proxy-server.conf</filename>
file and complete the following actions:</para>
<substeps>
<step>
<para>In the <literal>[DEFAULT]</literal> section, configure
the bind port, user, and configuration directory:</para>
<programlisting language="ini">[DEFAULT]
...
bind_port = 8080
user = swift
swift_dir = /etc/swift</programlisting>
</step>
<step>
Corrected syntax in swift .conf files In both controller node section and storage node section, changed [pipeline] header to [pipeline:main] backport: juno Change-Id: Id801dc1bfb07cdb7cb1e7d29e361dc7bd3be0a63 Closes-Bug: #1392839
2014-11-17 13:21:39 -05:00
<para>In the <literal>[pipeline:main]</literal> section, enable
Update swift content I updated the swift content in the installation guide as follows: 1) Consolidated Identity service configuration into proxy service configuration section. 2) Changed initial example architecture to install the proxy service on the controller node instead of a separate node. However, I used wording that supports separate and/or multiple proxy services. 3) The steps to configure memcached break installations with horizon because the latter references 127.0.0.1 instead of the management network interface IP address. After consolidating the proxy service to a single instance on the controller node, it now references 127.0.0.1. 4) Changed initial example architecture to install two storage nodes rather than five storage nodes to reduce the barrier to entry for users that want to try swift. However, I used wording that supports additional storage nodes and also references the swift documentation for larger deployments. 5) Changed the initial example architecture to use only the management network instead of a separate storage/replication network because the original instructions didn't actually use the latter. Fully implementing a separate storage/replication network requires a considerably more complex configuration and eliminating it reduces the barrier to entry for users that want to try swift. However, I used wording that mentions a separate storage/replication network and also references the swift documentation for larger deployments. 6) The Ubuntu and RHEL/CentOS/Fedora packages include ancient upstream/example configuration files that contain deprecated/defunct options and lack options that enable useful features. Packages take a while to fix, so the instructions now pull the upstream configuration files. 7) Removed the steps to create disk labels and partitions on the storage nodes because a variety of methods exist and users should choose their own method. 8) Changed rsync to run as a standard service rather than use the xinetd wrapper on RHEL/CentOS/Fedora. 9) Separated account, container, and object ring creation steps into separate sections to improve clarity and reduce typos. 10) Reduced partition power from 18 to 10 during ring creation because the example architecture shouldn't scale to the higher value using the example architecture. 11) Changed storage node service management steps on Ubuntu to use 'swift-init' rather than manually starting a large number of services. 12) Modified file names and IDs to increase consistency with other content in the guide. I recommend backporting to Juno as this chapter wasn't functional in time for release. Also, I'm planning to improve the diagrams in a future patch. Change-Id: I26710efe16e8cb6ed1a20ebc70b3f6d5962536d1 Partial-Bug: #1389382 Implements: blueprint installation-guide-improvements backport: juno
2014-11-06 10:51:07 -06:00
the appropriate modules:</para>
Corrected syntax in swift .conf files In both controller node section and storage node section, changed [pipeline] header to [pipeline:main] backport: juno Change-Id: Id801dc1bfb07cdb7cb1e7d29e361dc7bd3be0a63 Closes-Bug: #1392839
2014-11-17 13:21:39 -05:00
<programlisting language="ini">[pipeline:main]
Update swift content I updated the swift content in the installation guide as follows: 1) Consolidated Identity service configuration into proxy service configuration section. 2) Changed initial example architecture to install the proxy service on the controller node instead of a separate node. However, I used wording that supports separate and/or multiple proxy services. 3) The steps to configure memcached break installations with horizon because the latter references 127.0.0.1 instead of the management network interface IP address. After consolidating the proxy service to a single instance on the controller node, it now references 127.0.0.1. 4) Changed initial example architecture to install two storage nodes rather than five storage nodes to reduce the barrier to entry for users that want to try swift. However, I used wording that supports additional storage nodes and also references the swift documentation for larger deployments. 5) Changed the initial example architecture to use only the management network instead of a separate storage/replication network because the original instructions didn't actually use the latter. Fully implementing a separate storage/replication network requires a considerably more complex configuration and eliminating it reduces the barrier to entry for users that want to try swift. However, I used wording that mentions a separate storage/replication network and also references the swift documentation for larger deployments. 6) The Ubuntu and RHEL/CentOS/Fedora packages include ancient upstream/example configuration files that contain deprecated/defunct options and lack options that enable useful features. Packages take a while to fix, so the instructions now pull the upstream configuration files. 7) Removed the steps to create disk labels and partitions on the storage nodes because a variety of methods exist and users should choose their own method. 8) Changed rsync to run as a standard service rather than use the xinetd wrapper on RHEL/CentOS/Fedora. 9) Separated account, container, and object ring creation steps into separate sections to improve clarity and reduce typos. 10) Reduced partition power from 18 to 10 during ring creation because the example architecture shouldn't scale to the higher value using the example architecture. 11) Changed storage node service management steps on Ubuntu to use 'swift-init' rather than manually starting a large number of services. 12) Modified file names and IDs to increase consistency with other content in the guide. I recommend backporting to Juno as this chapter wasn't functional in time for release. Also, I'm planning to improve the diagrams in a future patch. Change-Id: I26710efe16e8cb6ed1a20ebc70b3f6d5962536d1 Partial-Bug: #1389382 Implements: blueprint installation-guide-improvements backport: juno
2014-11-06 10:51:07 -06:00
pipeline = authtoken cache healthcheck keystoneauth proxy-logging proxy-server</programlisting>
<note>
<para>For more information on other modules that enable
additional features, see the
<link xlink:href="http://docs.openstack.org/developer/swift/deployment_guide.html"
>Deployment Guide</link>.</para>
</note>
</step>
<step>
<para>In the <literal>[app:proxy-server]</literal> section, enable
account management:</para>
<programlisting language="ini">[app:proxy-server]
...
allow_account_management = true
account_autocreate = true</programlisting>
</step>
<step>
<para>In the <literal>[filter:keystoneauth]</literal> section,
configure the operator roles:</para>
<programlisting language="ini">[filter:keystoneauth]
use = egg:swift#keystoneauth
...
operator_roles = admin,_member_</programlisting>
<note os="ubuntu;debian;rhel;centos;fedora">
<para>You might need to uncomment this section.</para>
</note>
</step>
<step>
<para>In the <literal>[filter:authtoken]</literal> section,
configure Identity service access:</para>
<programlisting language="ini">[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
...
auth_uri = http://<replaceable>controller</replaceable>:5000/v2.0
Swift content enhancements and fixes I updated the swift content in the installation guide with a few enhancements and fixes as follows: 1) Improved wording/phrasing (thanks Joe Robinson). 2) Improved consistency of duplicate content. 3) Added example output from ring builder commands. 4) Addressed other minor issues. Change-Id: I14b6f07877677b3c1b38271150e7c39d19c2c96f Partial-Bug: #1389382 backport: juno
2014-11-08 08:19:54 -06:00
identity_uri = http://<replaceable>controller</replaceable>:35357
Update swift content I updated the swift content in the installation guide as follows: 1) Consolidated Identity service configuration into proxy service configuration section. 2) Changed initial example architecture to install the proxy service on the controller node instead of a separate node. However, I used wording that supports separate and/or multiple proxy services. 3) The steps to configure memcached break installations with horizon because the latter references 127.0.0.1 instead of the management network interface IP address. After consolidating the proxy service to a single instance on the controller node, it now references 127.0.0.1. 4) Changed initial example architecture to install two storage nodes rather than five storage nodes to reduce the barrier to entry for users that want to try swift. However, I used wording that supports additional storage nodes and also references the swift documentation for larger deployments. 5) Changed the initial example architecture to use only the management network instead of a separate storage/replication network because the original instructions didn't actually use the latter. Fully implementing a separate storage/replication network requires a considerably more complex configuration and eliminating it reduces the barrier to entry for users that want to try swift. However, I used wording that mentions a separate storage/replication network and also references the swift documentation for larger deployments. 6) The Ubuntu and RHEL/CentOS/Fedora packages include ancient upstream/example configuration files that contain deprecated/defunct options and lack options that enable useful features. Packages take a while to fix, so the instructions now pull the upstream configuration files. 7) Removed the steps to create disk labels and partitions on the storage nodes because a variety of methods exist and users should choose their own method. 8) Changed rsync to run as a standard service rather than use the xinetd wrapper on RHEL/CentOS/Fedora. 9) Separated account, container, and object ring creation steps into separate sections to improve clarity and reduce typos. 10) Reduced partition power from 18 to 10 during ring creation because the example architecture shouldn't scale to the higher value using the example architecture. 11) Changed storage node service management steps on Ubuntu to use 'swift-init' rather than manually starting a large number of services. 12) Modified file names and IDs to increase consistency with other content in the guide. I recommend backporting to Juno as this chapter wasn't functional in time for release. Also, I'm planning to improve the diagrams in a future patch. Change-Id: I26710efe16e8cb6ed1a20ebc70b3f6d5962536d1 Partial-Bug: #1389382 Implements: blueprint installation-guide-improvements backport: juno
2014-11-06 10:51:07 -06:00
admin_tenant_name = service
admin_user = swift
admin_password = <replaceable>SWIFT_PASS</replaceable>
delay_auth_decision = true</programlisting>
<para>Replace <replaceable>SWIFT_PASS</replaceable> with the
password you chose for the <literal>swift</literal> user in the
Identity service.</para>
<note os="ubuntu;debian;rhel;centos;fedora">
<para>You might need to uncomment this section.</para>
</note>
<note>
<para>Comment out any <literal>auth_host</literal>,
<literal>auth_port</literal>, and
<literal>auth_protocol</literal> options because the
<literal>identity_uri</literal> option replaces them.</para>
</note>
</step>
<step>
<para>In the <literal>[filter:cache]</literal> section, configure
the <application>memcached</application> location:</para>
<programlisting language="ini">[filter:cache]
...
memcache_servers = 127.0.0.1:11211</programlisting>
</step>
</substeps>
</step>
</procedure>
</section>
Copy Permalink