https://www.os3.nl/2010-2011/students/vic_ding/lia
Above is the link to the wiki of the configuration in case people would like to replicate such an object storage thing.
It is a going on project, so reports and slides will be attached later.
Shared part on all machines
apt-get install python-software-properties add-apt-repository ppa:swift-core/ppa apt-get update apt-get install swift mkdir -p /etc/swift chown -R swift:swift /etc/swift/ nano /etc/swift/swift.conf ##paste this [swift-hash] # random unique string that can never change (DO NOT LOSE) swift_hash_path_suffix = <replace with your hash string> ##end of paste
proxy node
apt-get install swift-proxy memcached nano /etc/memcached.conf ##change the following line -l 145.100.106.85 ##end of change service memcached restart nano /etc/swift/proxy-server.conf ##paste this [DEFAULT] cert_file = /etc/swift/cert.crt key_file = /etc/swift/cert.key bind_port = 8080 workers = 8 user = swift [pipeline:main] # For DevAuth: pipeline = healthcheck cache auth proxy-server # For Swauth: # pipeline = healthcheck cache swauth proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true # Only needed for DevAuth [filter:auth] use = egg:swift#auth ip = 145.100.106.86 [filter:healthcheck] use = egg:swift#healthcheck [filter:cache] use = egg:swift#memcache memcache_servers = 145.100.106.85:11211 ##end of paste swift-ring-builder account.builder create 18 3 1 swift-ring-builder container.builder create 18 3 1 swift-ring-builder object.builder create 18 3 1 swift-ring-builder account.builder add z1-145.100.106.87:6002/sdb1 100 swift-ring-builder account.builder add z2-145.100.106.88:6002/sdb1 100 swift-ring-builder account.builder add z3-145.100.106.89:6002/sdb1 100 swift-ring-builder account.builder add z4-145.100.105.88:6002/sdb1 100 swift-ring-builder account.builder add z5-145.100.105.89:6002/sdb1 100 swift-ring-builder container.builder add z1-145.100.106.87:6001/sdb1 100 swift-ring-builder container.builder add z2-145.100.106.88:6001/sdb1 100 swift-ring-builder container.builder add z3-145.100.106.89:6001/sdb1 100 swift-ring-builder container.builder add z4-145.100.105.88:6001/sdb1 100 swift-ring-builder container.builder add z5-145.100.105.89:6001/sdb1 100 swift-ring-builder object.builder add z1-145.100.106.87:6000/sdb1 100 swift-ring-builder object.builder add z2-145.100.106.88:6000/sdb1 100 swift-ring-builder object.builder add z3-145.100.106.89:6000/sdb1 100 swift-ring-builder object.builder add z4-145.100.105.88:6000/sdb1 100 swift-ring-builder object.builder add z5-145.100.105.89:6000/sdb1 100 swift-ring-builder account.builder rebalance swift-ring-builder container.builder rebalance swift-ring-builder object.builder rebalance #### do this on "every" machine ### scp fsadmin@145.100.106.85:/etc/swift/*.gz /etc/swift/ chown swift:swift /etc/swift/* #### end every do swift-init proxy restart
Auth node
apt-get install swift-auth nano /etc/swift/auth-server.conf ## paste this [DEFAULT] user = swift [pipeline:main] pipeline = auth-server [app:auth-server] use = egg:swift#auth default_cluster_url = http://145.100.106.85:8080/v1 # Highly recommended to change this key to something else! super_admin_key = <replace with admin key> ## end of paste chown -R swift:swift /etc/swift/*
Storage nodes
run on each of it
apt-get install swift-account swift-container swift-object xfsprogs #make file image and convert to xfs dd if=/dev/zero of=/storage.img bs=1024 count=1 seek=10M mkfs.xfs -i size=1024 /storage.img echo "/storage.img /srv/node/sdb1 xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab mkdir -p /srv/node/sdb1 mount /srv/node/sdb1 chown -R swift:swift /srv/node nano /etc/rsyncd.conf ##paste this uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address = <STORAGE_LOCAL_NET_IP> [account] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/account.lock [container] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/container.lock [object] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/object.lock ##end of paste nano /etc/default/rsync ##change this line RSYNC_ENABLE=true ##end of change service rsync start nano /etc/swift/account-server.conf ##paste this [DEFAULT] bind_ip = <STORAGE_LOCAL_NET_IP> workers = 2 [pipeline:main] pipeline = account-server [app:account-server] use = egg:swift#account [account-replicator] [account-auditor] [account-reaper] ##end of paste nano /etc/swift/container-server.conf ##paste this [DEFAULT] bind_ip = <STORAGE_LOCAL_NET_IP> workers = 2 [pipeline:main] pipeline = container-server [app:container-server] use = egg:swift#container [container-replicator] [container-updater] [container-auditor] ##end of paste nano /etc/swift/object-server.conf ##paste this [DEFAULT] bind_ip = <STORAGE_LOCAL_NET_IP> workers = 2 [pipeline:main] pipeline = object-server [app:object-server] use = egg:swift#object [object-replicator] [object-updater] [object-auditor] ##end of paste swift-init object-server start swift-init object-replicator start swift-init object-updater start swift-init object-auditor start swift-init container-server start swift-init container-replicator start swift-init container-updater start swift-init container-auditor start swift-init account-server start swift-init account-replicator start swift-init account-auditor start
add account
add a admin user with the following command
swift-auth-add-user -K devauth -a system root testpass
upload and download files
1. Create a user with administrative privileges (account = system, username = root, password = testpass). Make sure to replace devauth (or swauthkey) with whatever super_admin key you assigned in the auth-server.conf file (or proxy-server.conf file in the case of Swauth) above. Note: None of the values of account, username, or password are special - they can be anything.: # For DevAuth: swift-auth-add-user -K devauth -a system root testpass # For Swauth: swauth-add-user -K swauthkey -a system root testpass 2. Get an X-Storage-Url and X-Auth-Token: curl -k -v -H 'X-Storage-User: system:root' -H 'X-Storage-Pass: testpass' https://<AUTH_HOSTNAME>:11000/v1.0 3. Check that you can HEAD the account: curl -k -v -H 'X-Auth-Token: <token-from-x-auth-token-above>' <url-from-x-storage-url-above> 4. Check that st works: st -A https://<AUTH_HOSTNAME>:11000/v1.0 -U system:root -K testpass stat 5. Use st to upload a few files named ‘bigfile[1-2].tgz’ to a container named ‘myfiles’: st -A https://<AUTH_HOSTNAME>:11000/v1.0 -U system:root -K testpass upload myfiles bigfile1.tgz st -A https://<AUTH_HOSTNAME>:11000/v1.0 -U system:root -K testpass upload myfiles bigfile2.tgz 6. Use st to download all files from the ‘myfiles’ container: st -A https://<AUTH_HOSTNAME>:11000/v1.0 -U system:root -K testpass download myfiles
I uploaded a test file, name: testfile. with only “hihi” in it. Then I try to open it directly from the storage node.
root@storage1:/etc/swift# cat /srv/node/sdb1/objects/130033/2b6/7efc7b52beaf55b7ce478ab7bfd0c2b6/1299174108.09001.data hihi
Works~!!!!
Created script to up/download file. It is on the proxy server home folder of the user.
./transfer [upload|download] <filename>
choose the action you want to do and give the filename
first cp the original script then change obj/server.py for encryption
sudo cp /usr/share/pyshared/swift/obj/server.py /usr/share/pyshared/swift/obj/server.py.origin sudo scp fsadmin@145.100.106.85:/usr/share/pyshared/swift/obj/server.py /usr/share/pyshared/swift/obj/server.py sudo swift-init all restart
Looks like there is integrity check on the chunk, so the encrypted part won't pass the text hence won't be written to the disk. Have to figure it out.
