OpenStack Swiftã®ä»£ã‚ã‚Šã«Riak-CSを使ã£ã¦ã¿ã‚‹
OpenStackã§ã¯ã‚ªãƒ–ジェクトストレージサービスã¨ã—ã¦SwiftãŒä½¿ãˆã¾ã™ãŒã€APIレイヤã§å·®ã—æ›ãˆå¯èƒ½ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¨ã—ã¦SwiftStackã‚„Riak-CSãªã©ãŒã‚ã‚Šã¾ã™ã€‚今回ã®è¨˜äº‹ã§ã¯ã€åˆ†æ•£ã‚ªãƒ–ジェクトストレージ Riak-CS ã‚’OpenStackã¨çµ„ã¿åˆã‚ã›ã‚‹æ–¹æ³•ã«ã¤ã„ã¦ã¾ã¨ã‚ã¦ã¿ã¾ã™ã€‚
Riak-CSã§å‡ºæ¥ã‚‹ã“ã¨
Riak-CS㯠Basho Technologies社ãŒé–‹ç™ºã—ãŸAmazon S3ã®APIã‚’æŒã¤åˆ†æ•£ã‚ªãƒ–ジェクトストレージã®ã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ã§ã€2013å¹´3月ã«ã‚ªãƒ¼ãƒ—ンソース化ã•ã‚Œã¾ã—ãŸã€‚Riak-CSã¯åˆ†æ•£ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ Riak ã®ä¸Šã§å‹•ä½œã™ã‚‹ã‚¢ãƒ¼ã‚テクãƒãƒ£ã‚’å–ã£ã¦ã„ã‚‹ãŸã‚ã€Riakã®ç‰¹é•·ã§ã‚る高ã„Availabilityã‚„ScalabilityãŒå®Ÿç¾ã•ã‚Œã¦ã„ã¾ã™ã€‚
Swiftã§ã¯é£½ã足らãªã„人やRiakãŒå¤§å¥½ããªäººã¯ã€æ˜¯éžã“ã®è¨˜äº‹ã‚’å‚考㫠OpenStack ã®ã‚ªãƒ–ジェクトストレージを Riak-CS ã«ã—ã¦ãŠæ¥½ã—ã¿ãã ã•ã„。
æƒ…å ±æº
Riak-CSãŒå¯¾å¿œã—ã¦ã„ã‚‹èªè¨¼æ–¹å¼
Riak-CSã‚’OpenStack KeyStoneã¨é€£ä¿‚ã•ã›ã‚‹éš›ã«åˆ©ç”¨ã§ãã‚‹èªè¨¼æ–¹å¼ã¯ä»¥ä¸‹ã®2ã¤ãŒã‚ã‚Šã¾ã™ã€‚
Riak-CSãŒå¯¾å¿œã—ã¦ã„ã‚‹ Swift互æ›API
Riak-CSã§åˆ©ç”¨ã§ãã‚‹ Swift互æ›APIã¯ä»¥ä¸‹ã®é€šã‚Šã§ã™ã€‚
- List Containers(lists all buckets for authenticated user)
- List Objects
- Create Container
- Delete Container
- Get Object
- Create or Update Object
- Delete Object
インストール方法
本記事ã§ã¯ã€ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã‹ã‚‰ãƒ“ルドã™ã‚‹å½¢ã§ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«æ–¹æ³•ã‚’解説ã—ã¾ã™ã€‚keystoneã«ã¤ã„ã¦ã¯ã€devstackを用ã„ã¦ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—ã¾ã™ã€‚
riak, riak-csåŠã³stanchionã®ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã‚’ダウンãƒãƒ¼ãƒ‰ã™ã‚‹
$ git clone https://github.com/basho/riak $ git clone https://github.com/basho/riak_cs $ git clone https://github.com/basho/stanchion
riakをビルドã™ã‚‹
$ cd riak $ git branch -b 1.4.2 refs/tags/1.4.2 $ make stagedevrel $ cd ..
riak-csをビルドã™ã‚‹
$ cd riak_cs $ git branch -b 1.4.3 refs/tags/1.4.3 $ make stagedevrel $ cd ..
stanchionをビルドã™ã‚‹
$ cd stanchion $ git branch -b 1.4.3 refs/tags/1.4.3 $ make devrel $ cd ..
riakã®è¨å®šã‚’riak-cså‘ã‘ã«ä¿®æ£ã—ã€riakプãƒã‚»ã‚¹ã‚’èµ·å‹•ã™ã‚‹
$ cd riak $ vi dev/dev1/etc/app.conf
(riak_kv storage_backend ã®ç®‡æ‰€ã‚’コメントã—ã€ä¸‹è¨˜ã‚’è¿½åŠ )
{add_paths, ["/home/foobar/src-github/riak-swift-test/riak_cs/dev/dev1/lib/riak_cs/ebin"]},
{storage_backend, riak_cs_kv_multi_backend},
{multi_backend_prefix_list, [{<<"0b:">>, be_blocks}]},
{multi_backend_default, be_default},
{multi_backend, [
{be_default, riak_kv_eleveldb_backend, [
{max_open_files, 50},
{data_root, "./data/leveldb"}
]},
{be_blocks, riak_kv_bitcask_backend, [
{data_root, "./data/bitcask"}
]}
]},
(riak_core 下記ã®é …ç›®ã‚’è¿½åŠ )
{default_bucket_props, [{allow_mult, true}]},$ ulimit -n 4096 $ dev/dev1/bin/riak start $ cd ..
riak-csã®è¨å®šã‚’ä¿®æ£ã—ã€riak-csプãƒã‚»ã‚¹ã‚’èµ·å‹•ã™ã‚‹
$ cd ../riak_cs $ vi dev/dev1/etc/app.config
(adminアカウントを作æˆã™ã‚‹ãŸã‚ã€ä¸€æ™‚çš„ã«èªè¨¼ç„¡ã—ã®è¨å®šã«ã™ã‚‹)
{anonymous_user_creation, true},
(riakã®ãƒãƒ¼ãƒˆè¨å®šã‚’変更ã™ã‚‹)
riak_cs, ...
{riak_pb_port, 10017 } ,$ dev/dev1/bin/riak-cs start
stanchionプãƒã‚»ã‚¹ã‚’èµ·å‹•ã™ã‚‹
$ vi dev/stanchion/etc/app.config
(stanchion riakãƒãƒ¼ãƒˆã‚’変更ã™ã‚‹)
{stanchion,...
{riak_pb_port, 10017 },
admin userを作æˆã™ã‚‹
$ curl -H 'Content-Type: application/json' \
-X POST http://localhost:8071/riak-cs/user \
--data '{"email":"[email protected]", "name":"admin user"}'以下ã®ã‚ˆã†ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã£ã¦ãã‚‹
{
"email" : "[email protected]",
"status" : "enabled",
"key_id" : "KDGRAVNHTYYF8XNTD7CD",
"name" : "admin user",
"id" : "e52d4a6ee043848fceecbfeee10f48076924ef2a758d03d9554ecec05d6d1233",
"display_name" : "admin",
"key_secret" : "9IucFpt32qbAltZb_kEWa5N3bD_N9kbSB5mxsg=="
}
riak-cs, stanchionã® Admin User Credentialè¨å®šã‚’上記ã§ä½œæˆã—ãŸã‚‚ã®ã«å¤‰æ›´ã—ã¦ã€anonymous user creation ã‚’ disable ã«æˆ»ã™
$ vi dev/stanchion/etc/app.config $ dev/stanchion/bin/stanchion restart $ cd ../riak_cs $ vi dev/dev1/etc/app.config $ dev/dev1/bin/riak-cs restart
s3cmdã§å‹•ä½œãƒ†ã‚¹ãƒˆ (ã¾ãšã¯ Riak-CSå˜ä½“ã®å‹•ä½œãƒ†ã‚¹ãƒˆ)
$ sudo apt-get install s3cmd $ vi 00s3.cfg
(00s3.cfg) [default] access_key = KDGRAVNHTYYF8XNTD7CD bucket_location = US cloudfront_host = cloudfront.amazonaws.com cloudfront_resource = /2010-07-15/distribution default_mime_type = binary/octet-stream delete_removed = False dry_run = False enable_multipart = False encoding = UTF-8 encrypt = False follow_symlinks = False force = False get_continue = False gpg_command = /usr/local/bin/gpg gpg_decrypt = %(gpg_command)s -d --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s gpg_encrypt = %(gpg_command)s -c --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s gpg_passphrase = password guess_mime_type = True host_base = s3.amazonaws.com host_bucket = %(bucket)s.s3.amazonaws.com human_readable_sizes = False list_md5 = False log_target_prefix = preserve_attrs = True progress_meter = True proxy_host = localhost proxy_port = 8071 recursive = False recv_chunk = 4096 reduced_redundancy = False secret_key = 9IucFpt32qbAltZb_kEWa5N3bD_N9kbSB5mxsg== send_chunk = 4096 simpledb_host = sdb.amazonaws.com skip_existing = False socket_timeout = 300 urlencoding_mode = normal use_https = True verbosity = WARNING
$ s3cmd -c 00s3.cfg ls $ s3cmd -c 00s3.cfg mb s3://test $ s3cmd -c 00s3.cfg put LICENSE s3://test/obj1 $ s3cmd -c 00s3.cfg ls s3://test/ $ s3cmd -c 00s3.cfg get s3://test/obj1 -
OpenStack Keystoneã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã€ãƒ—ãƒã‚»ã‚¹èµ·å‹•
$ cd .. $ git clone https://github.com/openstack-dev/devstack $ cd devstack $ cp samples/localrc . $ vi localrc
(localrcã®ä¿®æ£) (SwiftåŠã³Keystoneã®ã¿ã‚’動作ã•ã›ã‚‹ãŸã‚ã€ä¸‹è¨˜ã‚³ãƒ³ãƒ•ã‚£ã‚°ã‚’付ã‘足ã™) KEYSTONE_BRANCH=stable/havana SERVICE_TOKEN=$ADMIN_PASSWORD disable_all_services enable_service key mysql
$ ./stack.sh
$ source openrc admin admin
$ keystone service-create --name=swift --type="object-store" \
--description="Swift Service"
$ keystone endpoint-create \
--region RegionOne \
--service_id (service id) \
--publicurl "http://localhost:8071/v1/AUTH_\$(tenant_id)s" \
--adminurl "http://localhost:8071" \
--internalurl "http://localhost:8071/v1/AUTH_\$(tenant_id)s"
$ keystone catalog
S3 APIã®è¨å®šã€ãƒ†ã‚¹ãƒˆ
$ cd ../riak_cs $ vi dev/dev1/etc/app.config
(app.config)
- devstackã®ã‚³ãƒ³ãƒ•ã‚£ã‚°ã§æŒ‡å®šã—㟠token を追åŠ
{os_admin_token, "nomoresecrete"},
(Auth URL を指定ã™ã‚‹)
{os_auth_url, "http://(host or ip address):35357/v2.0/"},
{rewrite_module, riak_cs_s3_rewrite },
{auth_module, riak_cs_keystone_auth },$ dev/dev1/bin/riak-cs restart $ keystone user-create --name testuser --pass test --email [email protected] --tenant-id (demo tenant id) --enabled true $ keystone role-create --name swiftoperator $ keystone user-role-add --user-id (user-id) --role-id (role-id) --tenant-id (tenant-id) $ keystone ec2-credentials-create --user_id (uid) --tenant_id (tenant-id) $ vi 01s3.cfg (access_key, secret_key ã‚’ ec2-credentials-create ã§ç”Ÿæˆã•ã‚ŒãŸã‚‚ã®ã«å¤‰ãˆã‚‹) $ s3cmd -c 01s3.cfg mb s3://bucket2 $ s3cmd -c 01s3.cfg ls $ echo "ilovechickenilovelivermeowmixmeowmixwilldeliver" > upload.txt $ s3cmd -c 01s3.cfg put upload.txt s3://bucket2 $ s3cmd -c 01s3.cfg get s3://bucket2/upload.txt download.txt $ s3cmd -c 01s3.cfg del s3://bucket2/upload.txt $ s3cmd -c 01s3.cfg rb s3://bucket2
OpenStack(Swift) APIã®è¨å®šã€ãƒ†ã‚¹ãƒˆ
$ vi dev/dev1/etc/app.config
(app.config)
{rewrite_module, riak_cs_oos_rewrite },
(API ã‚’ Swift API ã«å¤‰æ›´ã™ã‚‹)$ dev/dev1/bin/riak-cs restart
$ curl -s -d '{"auth": {"tenantName": "demo", "passwordCredentials": {"username": "testuser", "password": "test"}}}' -H 'Content-type: application/json' http://localhost:5000/v2.0/tokens | json_pp$ export ID=... (tokené …ç›®ã®ä¸ã®idã‚’ X-Auth-Tokenã¨ã—ã¦ä½¿ã†) $ export URL=... (object-store service ã® serviceCatalogã‹ã‚‰ã€publicURLã®æƒ…å ±ã‚’å¾—ã‚‹) $ curl -X PUT -H 'X-Auth-Token: '$ID $URL/bucket1 $ curl -H 'X-Auth-Token: '$ID $URL $ curl -X PUT --data 'abcdefghi123456789' -H 'X-Auth-Token: '$ID $URL/bucket1/object1
