溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務(wù)條款》

Ceph 配置S3和swift接口訪問集群

發(fā)布時間:2020-07-23 05:00:36 來源:網(wǎng)絡(luò) 閱讀:651 作者:腿快抖斷了 欄目:系統(tǒng)運維

要使用REST接口,我們首先要為S3接口創(chuàng)建一個初始的Ceph對象網(wǎng)關(guān)用戶,然后為Swift界面創(chuàng)建一個子用戶,最后,我們需要驗證創(chuàng)建的用戶是否能夠訪問網(wǎng)關(guān)。

創(chuàng)建用以訪問s3接口的radosgw用戶

執(zhí)行如下命令創(chuàng)建用戶,記錄下access_key和secret_key,沒記住也沒關(guān)系,可以使用radosgw-admin user info --uid=s3查看

[root@ceph-node1 ~]# radosgw-admin user create --uid="s3" --display-name="s3 user"
{
"user_id": "s3",
"display_name": "s3 user",
"email": "",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [],
"keys": [
{
"user": "s3",
"access_key": "WNXRGPK6XGWO8XRLWRUA",
"secret_key": "Segqx8fZ8H5arM1Pvpygiewp4gl9Qjkrymi09aVP"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}

創(chuàng)建用以訪問swift接口的radosgw用戶

進行swift接口訪問,需要創(chuàng)建一個Swift子用戶,記錄下s3:swift的secret_key

[root@ceph-node1 ~]#radosgw-admin subuser create --uid=s3 --subuser=s3:swift --access=full
{
"user_id": "s3",
"display_name": "s3 user",
"email": "",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [
{
"id": "s3:swift",
"permissions": "full-control"
}
],
"keys": [
{
"user": "s3",
"access_key": "WNXRGPK6XGWO8XRLWRUA",
"secret_key": "Segqx8fZ8H5arM1Pvpygiewp4gl9Qjkrymi09aVP"
}
],
"swift_keys": [
{
"user": "s3:swift",
"secret_key": "czb1ExW6XRy7iE41gFLL0xQNlamLLc569DC9FG1r"
}
],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}

測試s3接口

我們需要編寫并運行Python測試腳本來驗證S3訪問, S3訪問測試腳本將連接到radosgw,創(chuàng)建一個新的存儲桶并列出所有存儲桶, access_key_id和secret_access_key的值取自radosgw-admin命令返回的s3用戶的access_key和secret_key的值,另外需要修改主機名(host)和端口(port)

[root@ceph-node1 ~]yum install python-boto -y

[root@ceph-node1 ~]vim s3test.py

import boto
import boto.s3.connection
access_key = 'WNXRGPK6XGWO8XRLWRUA'
secret_key = 'Segqx8fZ8H5arM1Pvpygiewp4gl9Qjkrymi09aVP'
conn = boto.connect_s3(
    aws_access_key_id = access_key,
    aws_secret_access_key = secret_key,
    host = 'ceph-node1', port=7480,
    is_secure=False,
    calling_format = boto.s3.connection.OrdinaryCallingFormat(),
)
bucket = conn.create_bucket('my-first-s3-bucket')
for bucket in conn.get_all_buckets():
        print "{name}\t{created}".format(
                name = bucket.name,
                created = bucket.creation_date,
)

root@ceph-node1 ~]python s3test.py
my-first-s3-bucket 2019-12-13T02:58:44.604Z

也可以使用s3cmd這個命令行工具

root@ceph-node1 ~]yum install s3cmd -y

root@ceph-node1 ~]s3cmd --configure

配置里需要填寫s3用戶的secret_key和access_key,以及S3 Endpoint和target Amazon S3,這兩個填寫radosgw的主機的主機名和端口,如ceph-node1:7480

root@ceph-node1 ~]s3cmd ls #查看已有bucket
2019-12-13 02:58 s3://my-first-s3-bucket
root@ceph-node1 ~]s3cmd mb s3://my-second-s3-bucket #創(chuàng)建一個bucket
root@ceph-node1 ~]s3cmd put /etc/hosts s3://my-second-s3-bucket #給剛才創(chuàng)建的bucket中放入一個文件
[root@ceph-node1]# s3cmd ls s3://my-second-s3-bucket #查看桶中文件
2019-12-13 03:08 575 s3://my-second-s3-bucket/hosts

測試swift接口

root@ceph-node1 ~]yum install python-pip -y
root@ceph-node1 ~]pip install --upgrade python-swiftclient

創(chuàng)建一個bucket
[root@liuning s3]# swift -A http://glusterfs-node1:7480/auth/1.0 -U s3:swift -K e58xcqROWx2bMMSo36KnNWUYpEUrdPbDruNWezqr post my-first-swift-bucket

用swift接口查看這個已有的bucket
[root@liuning s3]# swift -A http://glusterfs-node1:7480/auth/1.0 -U s3:swift -K e58xcqROWx2bMMSo36KnNWUYpEUrdPbDruNWezqr list
my-first-s3-bucket
my-first-swift-bucket
my-second-s3-bucket

注意可能會出現(xiàn)下面這個錯誤,等一會就好了,要是不行就把剛才的用戶刪除了重新創(chuàng)建一個,使用新的secret_key

Auth GET failed: http://ceph-node1:7480/auth/1.0 403 Forbidden [first 60 chars of response] {"Code":"AccessDenied","RequestId":"tx000000000000000000013-
Failed Transaction ID: tx000000000000000000013-005df3022d-e2a1-default

至此,s3和swift接口的搭建和測試已經(jīng)完成,如需更多使用實例和api,可以查閱man或ceph官網(wǎng)

向AI問一下細節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI