swift and keystone integration problem
Hi there,
I am wondering if someone can help me about how to get swift and keystone work together?
The following is the system set up:
1) The instruction I followed is "Installing OpenStack Storage on Ubuntu", not SAIO: http://docs.openstack.org/trunk/openstack-object-storage/admin/content/installing-openstack-object-storage-on-ubuntu.html
2) The OS is Ubuntu 12.04 64 LTS
3) Architecture:
I have 7 VMs on a single physical box. The physical box has CentOS 6.3, and VMs have Ubuntu 12.04 The followings are VM names and IP address, and description
keystone, 192.168.1.154 , for authentication
sproxy, 192.168.1.155, proxy server
snode01, 192.168.1.156, storage node 1
snode02, 192.168.1.157, storage node 2
snode03, 192.168.1.158, storage node 3
snode04, 192.168.1.159, storage node 4
snode05, 192.168.1.160, storage node 5
4) on keystone, i have the following created:
a) users: swift and admin
b) tenants: admin and service
c) roles: Member, _member_, admin, KeystoneAdmin, KeystoneServiceAdmin
d) swift is added "service" tenant with "admin" role
e) services: name: swift; type: object-store
f) end point: This part puzzles me. Some one used port 8888, someone used 8080. I guess if I use
8888, in swift-proxy-server.conf, I need to set the port to be 8888 as well.
another thing is about version "v1". Can I use "v2"? But any way, I created the following endpoints for swift:
+-------------+---------------------------------------------------+
| Property | Value |
+-------------+----------------------------------------------------------------+
| adminurl | http://192.168.1.154:8888/v1 |
| id | 878f926925634667b74f2053f616adfe |
| internalurl | http://192.168.1.154:8888/v1/AUTH_%(tenant_id)s |
| publicurl | http://192.168.1.154:8888/v1/AUTH_%(tenant_id)s |
| region | RegionOne |
| service_id | 1771a9ca06d34c4bbdcecdd6c8f865fd |
+-------------+-----------------------------------------------------------------+
5) swift proxy-server.conf :
The following is the settings. I got a few questions here
question 1: user =swift. why swift? I got a user called swift in keystone, I got a user called swift in my Ubuntu OS
question 2: admin_user=swift How is this swift different from the one above?
question 3: admin_tenant_name, should this one be "service" or "admin"?
[DEFAULT]
bind_port = 8888
user = swift
[pipeline:main]
pipeline = healthcheck cache authtoken keystoneauth proxy-server
....
# auth_* settings refer to the Keystone server
auth_protocol = http
auth_host = 192.168.1.154
auth_port = 35357
# the same admin_token as provided in keystone.conf
admin_token = ADMIN
# the service tenant and swift userid and password created in Keystone
admin_tenant_name = service
admin_user = swift
admin_password = stack
6) add zones
The followings are part of scripts to add zones. My question for this part are the port numbers 6000, 6001, and 6002 are the same for different storage nodes. are these right?
#
#zone 1 -- snode01
#
swift-ring-builder account.builder add r1z1-192.168.1.156:6002/vdb1 100 <br>
swift-ring-builder container.builder add r1z1-192.168.1.156:6001/vdb1 100 <br>
swift-ring-builder object.builder add r1z1-192.168.1.156:6000/vdb1 100 <br>
#
#zone 2 -- snode02
#<br>
swift-ring-builder account.builder add r1z2-192.168.1.157:6002/vdb1 100<br>
swift-ring-builder container.builder add r1z2-192.168.1.157:6001/vdb1 100<br>
swift-ring-builder ...