一 安装 OpenStack

1. 更新 yum 源
$ yum update

$ yum update
2. 关闭防火墙
$ setenforce 0
$ sed -i "s/^SELINUX=.*$/SELINUX=disabled/" /etc/selinux/config
$ systemctl stop firewalld
$ systemctl disable firewalld

$ setenforce 0
$ sed -i "s/^SELINUX=.*$/SELINUX=disabled/" /etc/selinux/config
$ systemctl stop firewalld
$ systemctl disable firewalld
3. 更新 device-mapper
$ yum update device-mapper

$ yum update device-mapper
4. 安装 rdo
$ yum install -y http://rdo.fedorapeople.org/rdo-release.rpm

$ yum install -y http://rdo.fedorapeople.org/rdo-release.rpm
5. 安装 packstack
$ yum install -y openstack-packstack

$ yum install -y openstack-packstack
6. 安装 openstack

需要较久时间。

$ packstack --allinone

$ packstack --allinone

根据 CPU 和内存大小在以下步骤可能会等待比较久的时间(笔者的配置是4C8G):

Testing if puppet apply is finished: 192.168.0.214_controller.pp  [ | ]

Testing if puppet apply is finished: 192.168.0.214_controller.pp  [ | ]

解决方案

如下图所示,当出现 installation completed successfull,则说明安装已经成功:

Applying 192.168.0.214_controller.pp
192.168.0.214_controller.pp:                         [ DONE ]
Applying 192.168.0.214_network.pp
192.168.0.214_network.pp:                            [ DONE ]
Applying 192.168.0.214_compute.pp
192.168.0.214_compute.pp:                            [ DONE ]
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

Additional information:
 * Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks
 * A new answerfile was created in: /root/packstack-answers-20201203-111803.txt
 * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
 * Warning: NetworkManager is active on 192.168.0.214. OpenStack networking currently does not work on systems that have the Network Manager service enabled.
 * File /root/keystonerc_admin has been created on OpenStack client host 192.168.0.214. To use the command line tools you need to source the file.
 * To access the OpenStack Dashboard browse to http://192.168.0.214/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
 * The installation log file is available at: /var/tmp/packstack/20201203-111800-63RjqK/openstack-setup.log
 * The generated manifests are available at: /var/tmp/packstack/20201203-111800-63RjqK/manifests

Applying 192.168.0.214_controller.pp
192.168.0.214_controller.pp:                         [ DONE ]
Applying 192.168.0.214_network.pp
192.168.0.214_network.pp:                            [ DONE ]
Applying 192.168.0.214_compute.pp
192.168.0.214_compute.pp:                            [ DONE ]
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

Additional information:
 * Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks
 * A new answerfile was created in: /root/packstack-answers-20201203-111803.txt
 * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
 * Warning: NetworkManager is active on 192.168.0.214. OpenStack networking currently does not work on systems that have the Network Manager service enabled.
 * File /root/keystonerc_admin has been created on OpenStack client host 192.168.0.214. To use the command line tools you need to source the file.
 * To access the OpenStack Dashboard browse to http://192.168.0.214/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
 * The installation log file is available at: /var/tmp/packstack/20201203-111800-63RjqK/openstack-setup.log
 * The generated manifests are available at: /var/tmp/packstack/20201203-111800-63RjqK/manifests
7. 查看默认 admin 账号的用户名和密码
$ cat /root/keystonerc_admin

$ cat /root/keystonerc_admin
unset OS_SERVICE_TOKEN
    export OS_USERNAME=admin
    export OS_PASSWORD='849136cb6d22409f'
    export OS_REGION_NAME=RegionOne
    export OS_AUTH_URL=http://192.168.0.214:5000/v3
    export PS1='[\u@\h \W(keystone_admin)]\$ '

export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3

unset OS_SERVICE_TOKEN
    export OS_USERNAME=admin
    export OS_PASSWORD='849136cb6d22409f'
    export OS_REGION_NAME=RegionOne
    export OS_AUTH_URL=http://192.168.0.214:5000/v3
    export PS1='[\u@\h \W(keystone_admin)]\$ '

export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
8. 访问URL

http://192.168.0.214

使用第7步获取的用户名 OS_USERNAME 字段和密码 OS_PASSWORD 字段登录:



openstack之swift静态大对象 openstack swift部署_HTTP

openstack之swift静态大对象 openstack swift部署_postman安装路径_02

9. 创建一个用户



openstack之swift静态大对象 openstack swift部署_swift_03

openstack之swift静态大对象 openstack swift部署_HTTP_04

二 使用Swift

1. 获取token

下面介绍如何构建 HTTP 请求和 OpenStack Swift 通信,我们使用 postman 工具模拟发送的请求。Postman 是 Google 开发的一款功能强大的网页调试和发送 HTTP 请求的工具,它可以发送任何类型的 HTTP 请求,比如 GET,POST,PUT,HEAD,DELETE 等,附带任何数量的参数和 HTTP header,可支持不同类型的认证机制(basic,digest,OAuth),一款用于模拟 http 请求的软件,能够方便我们调试 http 请求,它既可以以 Chrome 浏览器插件的形式存在,也可以是独立的应用程序存在。可以访问 Postman 官网了解更多信息,官方网站:https://www.getpostman.com/,Postman安装方法不再介绍,本文默认用户已经安装好了此软件。

访问 OpenStack Swift 需要先向 keystone 主机获取访问权限,然后使用获取到的 token 访问 swift 的代理节点。

使用 POST 方法,向 http://ip:5000/v3/auth/tokens 发送请求。Header 的 Content-Type 字段类型为 application/json。在 requestBody 中填写以下内容,其中 name 和 password 是需要根据实际情况填写的部分,发送的 HTTP 请求格式如下:

http://192.168.0.214:5000/v3/auth/tokens

{"auth": {"identity": {"methods": ["password"],"password": {"user": {"name": "iuskye","domain": {"name": "Default"},"password":"12345678"}}}}}

http://192.168.0.214:5000/v3/auth/tokens

{"auth": {"identity": {"methods": ["password"],"password": {"user": {"name": "iuskye","domain": {"name": "Default"},"password":"12345678"}}}}}



openstack之swift静态大对象 openstack swift部署_Postman_05

responseBody 的 header 中的 X-Subject-Token 字段就是服务器返回的 token:

gAAAAABfyGbkSI9XKevkxBSneocJtf0fbUQkH-EtPhGWT19hdVGJtwFpkoCIjiBI-AJD90ZzVYjO6-eEpGy4Ku3igsnwfJjR0IMzeWJc05v3xItz446NpF66UE9i_lQJpJkH2kGz5s3FwaL6uw3l1tbfC5ThT-uYUEXSeC5Fd3GSQIFsKn9Z0Pg

gAAAAABfyGbkSI9XKevkxBSneocJtf0fbUQkH-EtPhGWT19hdVGJtwFpkoCIjiBI-AJD90ZzVYjO6-eEpGy4Ku3igsnwfJjR0IMzeWJc05v3xItz446NpF66UE9i_lQJpJkH2kGz5s3FwaL6uw3l1tbfC5ThT-uYUEXSeC5Fd3GSQIFsKn9Z0Pg

token 的有效期在 /etc/keystone/keystone.conf 文件中的 [token] 下设置,单位为秒。如下图所示,现在的 token 有效期是一小时:

expiration=3600

expiration=3600
2. 创建容器

打开 openstack,在菜单栏中选择“访问API”可以看到 API 的 URL 接口。从下图中可以看到 object storage(对象存储)的访问 url 接口地址是 http://192.168.0.214:8080/v1/AUTH_dcdd4e8ba5a7412b8250474e21b8d0e7:



openstack之swift静态大对象 openstack swift部署_swift_06

使用 Postman 工具构建创建容器的 HTTP 请求,如下图:



openstack之swift静态大对象 openstack swift部署_postman安装路径_07

网页上可以看到容器已经创建成功:



openstack之swift静态大对象 openstack swift部署_HTTP_08

3. 上传文件

使用 Postman 工具,使用下面 url,用 put 方法向自己创建的 iuskye 账户的 xiaoliutest 容器中添加一个 swift-api.png 文件:

http://192.168.0.214:8080/v1/AUTH_dcdd4e8ba5a7412b8250474e21b8d0e7/xiaoliutest/swift-api.png



openstack之swift静态大对象 openstack swift部署_Postman_09

openstack之swift静态大对象 openstack swift部署_HTTP_10

其中 AUTH_dcdd4e8ba5a7412b8250474e21b8d0e7 是账户 iuskye,xiaoliutest 是容器名,swift-api.png 是对象名(可以加子路径,例如 uploadfolder/swift-api.png),在 body 中选择类型为 binary 并添加文件,在 header 中添加 X-Auth-Token 字段,值为 token。

成功后可以看到文件已成功上传:



openstack之swift静态大对象 openstack swift部署_Postman_11