rgw swift as trove store

介绍

要使用rgw 的swift接口，只需要创建对应的swift user和key即可。

集成keystone

controller节点

nss

# mkdir -p /var/ceph/nss 
# openssl x509 -in /etc/keystone/ssl/certs/ca.pem -pubkey | \
certutil -d /var/ceph/nss -A -n ca -t "TCu,Cu,Tuw"
# openssl x509 -in /etc/keystone/ssl/certs/signing_cert.pem -pubkey | \
certutil -A -d /var/ceph/nss -n signing_cert -t "P,P,P"

将/var/ceph/nss拷贝到rgw节点的/var/ceph/nss

添加swift endpoint

1. 若有使用openstack swift, 需要先删掉原endpoint，原endpoint如下：

   | 1d7aca58ca47401bbdefb8efe4b5f65d | RegionOne | http://192.168.6.125:8080/v1/AUTH_%(tenant_id)s | http://192.168.6.125:8080/v1/AUTH_%(tenant_id)s | http://192.168.6.125:8080/ | 3a408d0525d546c7aca888b3e4d36833 |

   2. 添加新的endpoint：
   192.168.6.127为rgw地址
   

   keystone endpoint-create –region RegionOne \ 
   –service-id 3a408d0525d546c7aca888b3e4d36833 \ 
   –publicurl http://192.168.6.127/swift/v1 \ 
   –internalurl http://192.168.6.127/swift/v1 \
   –adminurl http://192.168.6.127/swift/v1

rgw 节点

在rgw节点修改配置文件/etc/ceph/ceph.conf, 添加如下配置：

rgw keystone url = http://192.168.6.125:5000 
rgw keystone admin token = 85cc6b3914c042fe8be37032ff03fa49
rgw keystone accepted roles = Member, member, admin, SwiftOperator 
rgw keystone token cache size = 500rgw keystone revocation interval = 500 rgw s3 auth use keystone = truergw nss db path = /var/ceph/nss
rgw keystone revocation interval = 500 
rgw s3 auth use keystone = true
rgw nss db path = /var/ceph/nss

重启rgdosgw

trove 调整

修改配置文件/etc/trove/trove.conf、/etc/trove/trove-guestmanager.conf, 注释掉swift_url该配置项。

原该项配置value是http://192.168.6.125:8080/v1/AUTH_, 正确的地址应该是http://192.168.6.127/swift/v1, 即endpoint配置的url。当注释掉该项配置，会从endpoint中查询url

参考

http://docs.ceph.com/docs/master/radosgw/keystone/