ceph10.2 radosgw网关配置

作者: seamus 分类: ceph 发布时间: 2018-05-04 23:09

3台主机部署ceph10.2 过程略

 

[root@radosgw1 ~]# ceph -s
cluster 5f1ea62e-d5a5-49b3-bc31-f7967c79d2f9
health HEALTH_OK
monmap e3: 3 mons at {radosgw1=192.168.1.31:6789/0,radosgw2=192.168.1.32:6789/0,radosgw3=192.168.1.33:6789/0}
election epoch 6052, quorum 0,1,2 radosgw1,radosgw2,radosgw3
fsmap e564: 1/1/1 up {0=radosgw1=up:active}, 2 up:standby
osdmap e2129: 6 osds: 6 up, 6 in
flags sortbitwise,require_jewel_osds
pgmap v142022: 760 pgs, 18 pools, 480 MB data, 367 objects
38182 MB used, 84625 MB / 119 GB avail
760 active+clean
client io 48471 B/s rd, 0 B/s wr, 47 op/s rd, 31 op/s wr

 

下面介绍radosgw配置过程

1.安装ceph对象网关

# ceph-depoly install –rgw radosgw1

# ceph-depoly admin radosgw1  (设置对象网关管理节点)

 

 

2.新建网关实例

在管理节点的工作目录下,使用命令在 Ceph 对象网关节点上新建一个 Ceph对象网关实例

# ceph-depoly rgw create radosgw1

在网关服务成功运行后,你可以使用未经授权的请求来访问端口 7480  (7480为默认端口号)http://{radosgw1 ip}:7480

后台查看radosgw进程状态

[root@radosgw1 ~]# ps -ef | grep radosgw1.7480
ceph 7293 1 0 Apr24   00:02:29 /usr/bin/radosgw -f –cluster ceph –name client.rgw.radosgw1.7480 –setuser ceph –setgroup ceph

 

若需要重启服务,请使用 systemctl restart ceph-radosgw.target  重启服务

3.为s3访问创建radosgw用户

[root@radosgw1~]# radosgw-admin user create –uid=”chen” –display-name=”First User”

{

“user_id”: “chen”,

“display_name”: “First User”,

“email”: “”,

“suspended”: 0,

“max_buckets”: 1000,

“auid”: 0,

“subusers”: [],

“keys”: [

{

“user”: “chen”,

“access_key”: ” ITCC2JPO5BDZ99TXUWAX “,

“secret_key”: “2Ezf2QJO7i8SOQQZfvJTVohsYhRyzlRCu7lADFYm”

}

],

“swift_keys”: [],

“caps”: [],

“op_mask”: “read, write, delete”,

“default_placement”: “”,

“placement_tags”: [],

“bucket_quota”: {

“enabled”: false,

“max_size_kb”: -1,

“max_objects”: -1

},

“user_quota”: {

“enabled”: false,

“max_size_kb”: -1,

“max_objects”: -1

},

“temp_url_keys”: []

}

 4.通过s3cmd测试s3访问

4.1安装s3cmd安装包

# yum –y install s3cmd

[root@radosgw1 ceph]# s3cmd –configure

Enter new values or accept defaults in brackets with Enter.

Refer to user manual for detailed description of all options.



Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.

Access Key: ITCC2JPO5BDZ99TXUWAX     ###(创建用户时显示的Access Key)###

Secret Key: 2Ezf2QJO7i8SOQQZfvJTVohsYhRyzlRCu7lADFYm

###(创建用户时显示的Secret Key)####

Default Region [US]:



Encryption password is used to protect your files from reading

by unauthorized persons while in transfer to S3

Encryption password:

Path to GPG program [/usr/bin/gpg]:



When using secure HTTPS protocol all communication with Amazon S3

servers is protected from 3rd party eavesdropping. This method is

slower than plain HTTP, and can only be proxied with Python 2.7 or newer

Use HTTPS protocol [Yes]: no



On some networks all internet access must go through a HTTP proxy.

Try setting it here if you can’t connect to S3 directly

HTTP Proxy server name:



New settings:

Access Key: ITCC2JPO5BDZ99TXUWAX

Secret Key: 2Ezf2QJO7i8SOQQZfvJTVohsYhRyzlRCu7lADFYm

Default Region: US

Encryption password:

Path to GPG program: /usr/bin/gpg

Use HTTPS protocol: False

HTTP Proxy server name:

HTTP Proxy server port: 0



Test access with supplied credentials? [Y/n] Y

Please wait, attempting to list all buckets…

Success. Your access key and secret key worked fine



Now verifying that encryption works…

Not configured. Never mind.



Save settings? [y/N] y

Configuration saved to ‘/root/.s3cfg’

 

5.修改/root/.s3cfg

[root@radosgw1ceph]# cat ~/.s3cfg  修改如下4个参数 选择正确的值

[default]

access_key = ITCC2JPO5BDZ99TXUWAX(创建用户的可以看到)

host_base = {radowgw1 ip}:7480 (填写正确的IP地址 )

host_bucket = {radowgw1 ip}:7480

secret_key = JO7i8SOQQZfvJTVohsYhRyzlRCu7lADFYm(创建用户的可以看到)

 

完成后保存后使用s3cmd相关操作验证

[root@radosgw1 ~]# s3cmd mb s3://haha

[root@radosgw1 ~]# s3cmd ls
2018-04-25 07:08 s3://haha

 

验证成功,至此,配置完成。

 s3cmd命令使用

一旦配置成功完成 现在找到如何使用命令管理s3桶的命令详细信息。

 

1.创建新的桶

要在Amazon S3中使用以下命令创建一个新的桶。它将 在S3帐户中创建名为tecadmin的数据桶  。

# s3cmd mb s3:// chenyu



Bucket’s3:// chenyu/’created

 

 

2.在Bucket中上传文件

以下命令将 使用s3cmd命令将文件file.txt上传  到s3桶。

[root@server53 ~]# touch a

[root@server53 ~]# s3cmd put a s3://chenyu

upload: ‘a’ -> ‘s3://chenyu/a’  [1 of 1]

0 of 0     0% in    1s     0.00 B/s  done

 

 

3.在桶中上传目录

如果我们需要上传整个目录,请使用  -r  递归上传,如下所示。

# s3cmd put -r backup s3:// tecadmin /

[root@server53 ~]# s3cmd put -r file1 s3://chenyu

upload: ‘file1/a’ -> ‘s3://chenyu/file1/a’  [1 of 3]

0 of 0     0% in    0s     0.00 B/s  done

upload: ‘file1/b’ -> ‘s3://chenyu/file1/b’  [2 of 3]

0 of 0     0% in    0s     0.00 B/s  done

upload: ‘file1/c’ -> ‘s3://chenyu/file1/c’  [3 of 3]

0 of 0     0% in    0s     0.00 B/s  done

确保您不要在名为backup的上传目录中添

 

加尾部斜杠(例如:backup /),否则只会上传备份目录的内容。

 

4.列出S3 Bucket的数据

使用s3cmd的ls  开关列出s3 bucket的对象  。

[root@server53 ~]# s3cmd ls s3://chenyu

2017-10-27 02:00         0   s3://chenyu/a

 

5.从Bucket下载文件

有些时候,如果我们需要从s3桶中下载文件,请使用以下命令下载。

[root@server53 ~]# s3cmd get s3://chenyu/a

download: ‘s3://chenyu/a’ -> ‘./a’  [1 of 1]

0 of 0     0% in    0s     0.00 B/s  done

 

 

6.删除S3 Bucket的数据

要从s3桶中删除文件是文件夹,请使用以下命令。

从s3桶中删除文件

[root@server53 ~]# s3cmd del s3://chenyu/a

delete: ‘s3://chenyu/a’

 

 

7.从s3桶中删除目录

[root@server53 ~]# s3cmd del s3://chenyu/file1

delete: ‘s3://chenyu/file1’

 

8.删除S3 Bucket

如果我们不再需要s3 bucket,我们可以使用以下命令简单地删除它。拆除桶前确保其空。

[root@server53 ~]# s3cmd rb s3://chenyu

ERROR: S3 error: 409 (BucketNotEmpty)

 

 

以上命令失败,因为s3桶不是空的

要删除桶首先删除bucket中的所有对象,然后再次使用命令。

[root@server53 ~]# s3cmd del s3://chenyu/a

delete: ‘s3://chenyu/a’

[root@server53 ~]# s3cmd rb s3://chenyu

Bucket ‘s3://chenyu/’ removed

 

 

9.列出所有S3 Bucket

使用以下命令列出您帐户中的所有s3桶

#s3cmd ls

 

发表回复