diff --git a/install-guide/source/conf.py b/install-guide/source/conf.py new file mode 100644 index 0000000000..bcf546c929 --- /dev/null +++ b/install-guide/source/conf.py @@ -0,0 +1,300 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import os +# import sys + + +import openstackdocstheme + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +# TODO(ajaeger): enable PDF building, for example add 'rst2pdf.pdfbuilder' +# extensions = + +# Add any paths that contain templates here, relative to this directory. +# templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'Installation Guide for Object Storage Service' +bug_tag = u'install-guide' +copyright = u'2016, OpenStack contributors' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = '0.1' +# The full version, including alpha/beta/rc tags. +release = '0.1' + +# A few variables have to be set for the log-a-bug feature. +# giturl: The location of conf.py on Git. Must be set manually. +# gitsha: The SHA checksum of the bug description. Automatically extracted from git log. +# bug_tag: Tag for categorizing the bug. Must be set manually. +# These variables are passed to the logabug code via html_context. +giturl = u'http://git.openstack.org/cgit/openstack/swift/tree/install-guide/source' +git_cmd = "/usr/bin/git log | head -n1 | cut -f2 -d' '" +gitsha = os.popen(git_cmd).read().strip('\n') +html_context = {"gitsha": gitsha, "bug_tag": bug_tag, + "giturl": giturl, + "bug_project": "swift"} + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'openstackdocs' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +html_theme_path = [openstackdocstheme.get_html_theme_path()] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +# html_static_path = [] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# So that we can enable "log-a-bug" links from each output HTML page, this +# variable must be set to a format that includes year, month, day, hours and +# minutes. +html_last_updated_fmt = '%Y-%m-%d %H:%M' + + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +html_use_index = False + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +html_show_sourcelink = False + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'install-guide' + +# If true, publish source files +html_copy_source = False + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ('index', 'InstallGuide.tex', u'Install Guide', + u'OpenStack contributors', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'installguide', u'Install Guide', + [u'OpenStack contributors'], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'InstallGuide', u'Install Guide', + u'OpenStack contributors', 'InstallGuide', + 'This guide shows OpenStack end users how to install ' + 'an OpenStack cloud.', 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + +# -- Options for Internationalization output ------------------------------ +locale_dirs = ['locale/'] + +# -- Options for PDF output -------------------------------------------------- + +pdf_documents = [ + ('index', u'InstallGuide', u'Install Guide', + u'OpenStack contributors') +] diff --git a/install-guide/source/controller-common_prerequisites.txt b/install-guide/source/controller-common_prerequisites.txt new file mode 100644 index 0000000000..a87e7aad31 --- /dev/null +++ b/install-guide/source/controller-common_prerequisites.txt @@ -0,0 +1,116 @@ +Prerequisites +------------- + +The proxy service relies on an authentication and authorization mechanism such +as the Identity service. However, unlike other services, it also offers an +internal mechanism that allows it to operate without any other OpenStack +services. Before you configure the Object Storage service, you must +create service credentials and an API endpoint. + +.. note:: + + The Object Storage service does not use an SQL database on the controller + node. Instead, it uses distributed SQLite databases on each storage node. + +#. Source the ``admin`` credentials to gain access to admin-only CLI commands: + + .. code-block:: console + + $ . admin-openrc + +#. To create the Identity service credentials, complete these steps: + + * Create the ``swift`` user: + + .. code-block:: console + + $ openstack user create --domain default --password-prompt swift + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | e0353a670a9e496da891347c589539e9 | + | enabled | True | + | id | d535e5cbd2b74ac7bfb97db9cced3ed6 | + | name | swift | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``swift`` user: + + .. code-block:: console + + $ openstack role add --project service --user swift admin + + .. note:: + + This command provides no output. + + * Create the ``swift`` service entity: + + .. code-block:: console + + $ openstack service create --name swift \ + --description "OpenStack Object Storage" object-store + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | OpenStack Object Storage | + | enabled | True | + | id | 75ef509da2c340499d454ae96a2c5c34 | + | name | swift | + | type | object-store | + +-------------+----------------------------------+ + +#. Create the Object Storage service API endpoints: + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + object-store public http://controller:8080/v1/AUTH_%\(tenant_id\)s + +--------------+----------------------------------------------+ + | Field | Value | + +--------------+----------------------------------------------+ + | enabled | True | + | id | 12bfd36f26694c97813f665707114e0d | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 75ef509da2c340499d454ae96a2c5c34 | + | service_name | swift | + | service_type | object-store | + | url | http://controller:8080/v1/AUTH_%(tenant_id)s | + +--------------+----------------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + object-store internal http://controller:8080/v1/AUTH_%\(tenant_id\)s + +--------------+----------------------------------------------+ + | Field | Value | + +--------------+----------------------------------------------+ + | enabled | True | + | id | 7a36bee6733a4b5590d74d3080ee6789 | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 75ef509da2c340499d454ae96a2c5c34 | + | service_name | swift | + | service_type | object-store | + | url | http://controller:8080/v1/AUTH_%(tenant_id)s | + +--------------+----------------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + object-store admin http://controller:8080/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | ebb72cd6851d4defabc0b9d71cdca69b | + | interface | admin | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 75ef509da2c340499d454ae96a2c5c34 | + | service_name | swift | + | service_type | object-store | + | url | http://controller:8080/v1 | + +--------------+----------------------------------+ + diff --git a/install-guide/source/controller-include.txt b/install-guide/source/controller-include.txt new file mode 100644 index 0000000000..3e9b2b4305 --- /dev/null +++ b/install-guide/source/controller-include.txt @@ -0,0 +1,84 @@ +Edit the ``/etc/swift/proxy-server.conf`` file and complete the +following actions: + +* In the ``[DEFAULT]`` section, configure the bind port, user, and + configuration directory: + + .. code-block:: none + + [DEFAULT] + ... + bind_port = 8080 + user = swift + swift_dir = /etc/swift + +* In the ``[pipeline:main]`` section, remove the ``tempurl`` and + ``tempauth`` modules and add the ``authtoken`` and ``keystoneauth`` + modules: + + .. code-block:: none + + [pipeline:main] + pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server + + .. note:: + + Do not change the order of the modules. + + .. note:: + + For more information on other modules that enable additional features, + see the `Deployment Guide `__. + +* In the ``[app:proxy-server]`` section, enable automatic account creation: + + .. code-block:: console + + [app:proxy-server] + use = egg:swift#proxy + ... + account_autocreate = True + +* In the ``[filter:keystoneauth]`` section, configure the operator roles: + + .. code-block:: console + + [filter:keystoneauth] + use = egg:swift#keystoneauth + ... + operator_roles = admin,user + +* In the ``[filter:authtoken]`` section, configure Identity service access: + + .. code-block:: none + + [filter:authtoken] + paste.filter_factory = keystonemiddleware.auth_token:filter_factory + ... + auth_uri = http://controller:5000 + auth_url = http://controller:35357 + memcached_servers = controller:11211 + auth_type = password + project_domain_name = default + user_domain_name = default + project_name = service + username = swift + password = SWIFT_PASS + delay_auth_decision = True + + Replace ``SWIFT_PASS`` with the password you chose for the ``swift`` user + in the Identity service. + + .. note:: + + Comment out or remove any other options in the ``[filter:authtoken]`` + section. + +* In the ``[filter:cache]`` section, configure the ``memcached`` location: + + .. code-block:: none + + [filter:cache] + use = egg:swift#memcache + ... + memcache_servers = controller:11211 diff --git a/install-guide/source/controller-install-debian.rst b/install-guide/source/controller-install-debian.rst new file mode 100644 index 0000000000..3a9ce2ba01 --- /dev/null +++ b/install-guide/source/controller-install-debian.rst @@ -0,0 +1,50 @@ +.. _controller-debian: + +Install and configure the controller node for Debian +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the proxy service that +handles requests for the account, container, and object services operating +on the storage nodes. For simplicity, this guide installs and configures +the proxy service on the controller node. However, you can run the proxy +service on any node with network connectivity to the storage nodes. +Additionally, you can install and configure the proxy service on multiple +nodes to increase performance and redundancy. For more information, see the +`Deployment Guide `__. + +This section applies to Debian. + +.. include:: controller-common_prerequisites.txt + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # apt-get install swift swift-proxy python-swiftclient \ + python-keystoneclient python-keystonemiddleware \ + memcached + + .. note:: + + Complete OpenStack environments already include some of these + packages. + + 2. Create the ``/etc/swift`` directory. + + 3. Obtain the proxy service configuration file from the Object Storage + source repository: + + .. code-block:: console + + # curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/mitaka diff --git a/install-guide/source/controller-install-obs.rst b/install-guide/source/controller-install-obs.rst new file mode 100644 index 0000000000..7588510d44 --- /dev/null +++ b/install-guide/source/controller-install-obs.rst @@ -0,0 +1,45 @@ +.. _controller-obs: + +Install and configure the controller node for openSUSE and SUSE Linux Enterprise +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the proxy service that +handles requests for the account, container, and object services operating +on the storage nodes. For simplicity, this guide installs and configures +the proxy service on the controller node. However, you can run the proxy +service on any node with network connectivity to the storage nodes. +Additionally, you can install and configure the proxy service on multiple +nodes to increase performance and redundancy. For more information, see the +`Deployment Guide `__. + +This section applies to openSUSE Leap 42.1 and SUSE Linux Enterprise Server +12 SP1. + +.. include:: controller-common_prerequisites.txt + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # zypper install openstack-swift-proxy python-swiftclient \ + python-keystoneclient python-keystonemiddleware \ + python-xml memcached + + .. note:: + + Complete OpenStack environments already include some of these + packages. + + 2. .. include:: controller-include.txt + diff --git a/install-guide/source/controller-install-rdo.rst b/install-guide/source/controller-install-rdo.rst new file mode 100644 index 0000000000..82c9eb657d --- /dev/null +++ b/install-guide/source/controller-install-rdo.rst @@ -0,0 +1,50 @@ +.. _controller-rdo: + +Install and configure the controller node for Red Hat Enterprise Linux and CentOS +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the proxy service that +handles requests for the account, container, and object services operating +on the storage nodes. For simplicity, this guide installs and configures +the proxy service on the controller node. However, you can run the proxy +service on any node with network connectivity to the storage nodes. +Additionally, you can install and configure the proxy service on multiple +nodes to increase performance and redundancy. For more information, see the +`Deployment Guide `__. + +This section applies to Red Hat Enterprise Linux 7 and CentOS 7. + +.. include:: controller-common_prerequisites.txt + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # yum install openstack-swift-proxy python-swiftclient \ + python-keystoneclient python-keystonemiddleware \ + memcached + + .. note:: + + Complete OpenStack environments already include some of these + packages. + + 2. Obtain the proxy service configuration file from the Object Storage + source repository: + + .. code-block:: console + + # curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/mitaka + + 3. .. include:: controller-include.txt diff --git a/install-guide/source/controller-install-ubuntu.rst b/install-guide/source/controller-install-ubuntu.rst new file mode 100644 index 0000000000..2b8baed14f --- /dev/null +++ b/install-guide/source/controller-install-ubuntu.rst @@ -0,0 +1,52 @@ +.. _controller-ubuntu: + +Install and configure the controller node for Ubuntu +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the proxy service that +handles requests for the account, container, and object services operating +on the storage nodes. For simplicity, this guide installs and configures +the proxy service on the controller node. However, you can run the proxy +service on any node with network connectivity to the storage nodes. +Additionally, you can install and configure the proxy service on multiple +nodes to increase performance and redundancy. For more information, see the +`Deployment Guide `__. + +This section applies to Ubuntu 14.04 (LTS). + +.. include:: controller-common_prerequisites.txt + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # apt-get install swift swift-proxy python-swiftclient \ + python-keystoneclient python-keystonemiddleware \ + memcached + + .. note:: + + Complete OpenStack environments already include some of these + packages. + + 2. Create the ``/etc/swift`` directory. + + 3. Obtain the proxy service configuration file from the Object Storage + source repository: + + .. code-block:: console + + # curl -o /etc/swift/proxy-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/proxy-server.conf-sample?h=stable/mitaka + + 4. .. include:: controller-include.txt diff --git a/install-guide/source/controller-install.rst b/install-guide/source/controller-install.rst new file mode 100644 index 0000000000..f33faaf596 --- /dev/null +++ b/install-guide/source/controller-install.rst @@ -0,0 +1,18 @@ +.. _controller: + +Install and configure the controller node +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the proxy service that +handles requests for the account, container, and object services operating +on the storage nodes. + +Note that installation and configuration vary by distribution. + +.. toctree:: + :maxdepth: 1 + + controller-install-obs.rst + controller-install-rdo.rst + controller-install-ubuntu.rst + controller-install-debian.rst diff --git a/install-guide/source/finalize-installation-obs.rst b/install-guide/source/finalize-installation-obs.rst new file mode 100644 index 0000000000..2d45407217 --- /dev/null +++ b/install-guide/source/finalize-installation-obs.rst @@ -0,0 +1,80 @@ +.. _finalize-obs: + +Finalize installation for openSUSE and SUSE Linux Enterprise +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +This section applies to openSUSE Leap 42.1 and SUSE Linux Enterprise Server +12 SP1. + +#. Edit the ``/etc/swift/swift.conf`` file and complete the following + actions: + + * In the ``[swift-hash]`` section, configure the hash path prefix and + suffix for your environment. + + .. code-block:: none + + [swift-hash] + ... + swift_hash_path_suffix = HASH_PATH_SUFFIX + swift_hash_path_prefix = HASH_PATH_PREFIX + + Replace HASH_PATH_PREFIX and HASH_PATH_SUFFIX with unique values. + + .. warning:: + + Keep these values secret and do not change or lose them. + + * In the ``[storage-policy:0]`` section, configure the default + storage policy: + + .. code-block:: none + + [storage-policy:0] + ... + name = Policy-0 + default = yes + +#. Copy the ``swift.conf`` file to the ``/etc/swift`` directory on + each storage node and any additional nodes running the proxy service. + +3. On all nodes, ensure proper ownership of the configuration directory: + + .. code-block:: console + + # chown -R root:swift /etc/swift + +4. On the controller node and any other nodes running the proxy service, + start the Object Storage proxy service including its dependencies and + configure them to start when the system boots: + + .. code-block:: console + + # systemctl enable openstack-swift-proxy.service memcached.service + # systemctl start openstack-swift-proxy.service memcached.service + +5. On the storage nodes, start the Object Storage services and configure + them to start when the system boots: + + .. code-block:: console + + # systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \ + openstack-swift-account-reaper.service openstack-swift-account-replicator.service + # systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \ + openstack-swift-account-reaper.service openstack-swift-account-replicator.service + # systemctl enable openstack-swift-container.service openstack-swift-container-auditor.service \ + openstack-swift-container-replicator.service openstack-swift-container-updater.service + # systemctl start openstack-swift-container.service openstack-swift-container-auditor.service \ + openstack-swift-container-replicator.service openstack-swift-container-updater.service + # systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \ + openstack-swift-object-replicator.service openstack-swift-object-updater.service + # systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \ + openstack-swift-object-replicator.service openstack-swift-object-updater.service diff --git a/install-guide/source/finalize-installation-rdo.rst b/install-guide/source/finalize-installation-rdo.rst new file mode 100644 index 0000000000..fd4f3e68bd --- /dev/null +++ b/install-guide/source/finalize-installation-rdo.rst @@ -0,0 +1,89 @@ +.. _finalize-rdo: + +Finalize installation for Red Hat Enterprise Linux and CentOS +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +This section applies to Red Hat Enterprise Linux 7 and CentOS 7. + +#. Obtain the ``/etc/swift/swift.conf`` file from the Object + Storage source repository: + + .. code-block:: console + + # curl -o /etc/swift/swift.conf \ + https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/mitaka + +#. Edit the ``/etc/swift/swift.conf`` file and complete the following + actions: + + * In the ``[swift-hash]`` section, configure the hash path prefix and + suffix for your environment. + + .. code-block:: none + + [swift-hash] + ... + swift_hash_path_suffix = HASH_PATH_SUFFIX + swift_hash_path_prefix = HASH_PATH_PREFIX + + Replace HASH_PATH_PREFIX and HASH_PATH_SUFFIX with unique values. + + .. warning:: + + Keep these values secret and do not change or lose them. + + * In the ``[storage-policy:0]`` section, configure the default + storage policy: + + .. code-block:: none + + [storage-policy:0] + ... + name = Policy-0 + default = yes + +#. Copy the ``swift.conf`` file to the ``/etc/swift`` directory on + each storage node and any additional nodes running the proxy service. + +4. On all nodes, ensure proper ownership of the configuration directory: + + .. code-block:: console + + # chown -R root:swift /etc/swift + +5. On the controller node and any other nodes running the proxy service, + start the Object Storage proxy service including its dependencies and + configure them to start when the system boots: + + .. code-block:: console + + # systemctl enable openstack-swift-proxy.service memcached.service + # systemctl start openstack-swift-proxy.service memcached.service + +6. On the storage nodes, start the Object Storage services and configure + them to start when the system boots: + + .. code-block:: console + + # systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \ + openstack-swift-account-reaper.service openstack-swift-account-replicator.service + # systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \ + openstack-swift-account-reaper.service openstack-swift-account-replicator.service + # systemctl enable openstack-swift-container.service \ + openstack-swift-container-auditor.service openstack-swift-container-replicator.service \ + openstack-swift-container-updater.service + # systemctl start openstack-swift-container.service \ + openstack-swift-container-auditor.service openstack-swift-container-replicator.service \ + openstack-swift-container-updater.service + # systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \ + openstack-swift-object-replicator.service openstack-swift-object-updater.service + # systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \ + openstack-swift-object-replicator.service openstack-swift-object-updater.service diff --git a/install-guide/source/finalize-installation-ubuntu-debian.rst b/install-guide/source/finalize-installation-ubuntu-debian.rst new file mode 100644 index 0000000000..ca4dde8f26 --- /dev/null +++ b/install-guide/source/finalize-installation-ubuntu-debian.rst @@ -0,0 +1,80 @@ +.. _finalize-ubuntu-debian: + +Finalize installation for Ubuntu and Debian +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +This section applies to Ubuntu 14.04 (LTS) and Debian. + +#. Obtain the ``/etc/swift/swift.conf`` file from the Object + Storage source repository: + + .. code-block:: console + + # curl -o /etc/swift/swift.conf \ + https://git.openstack.org/cgit/openstack/swift/plain/etc/swift.conf-sample?h=stable/mitaka + +#. Edit the ``/etc/swift/swift.conf`` file and complete the following + actions: + + * In the ``[swift-hash]`` section, configure the hash path prefix and + suffix for your environment. + + .. code-block:: none + + [swift-hash] + ... + swift_hash_path_suffix = HASH_PATH_SUFFIX + swift_hash_path_prefix = HASH_PATH_PREFIX + + Replace HASH_PATH_PREFIX and HASH_PATH_SUFFIX with unique values. + + .. warning:: + + Keep these values secret and do not change or lose them. + + * In the ``[storage-policy:0]`` section, configure the default + storage policy: + + .. code-block:: none + + [storage-policy:0] + ... + name = Policy-0 + default = yes + +#. Copy the ``swift.conf`` file to the ``/etc/swift`` directory on + each storage node and any additional nodes running the proxy service. + +4. On all nodes, ensure proper ownership of the configuration directory: + + .. code-block:: console + + # chown -R root:swift /etc/swift + +5. On the controller node and any other nodes running the proxy service, + restart the Object Storage proxy service including its dependencies: + + .. code-block:: console + + # service memcached restart + # service swift-proxy restart + +6. On the storage nodes, start the Object Storage services: + + .. code-block:: console + + # swift-init all start + + .. note:: + + The storage node runs many Object Storage services and the + :command:`swift-init` command makes them easier to manage. + You can ignore errors from services not running on the storage node. diff --git a/install-guide/source/finalize-installation.rst b/install-guide/source/finalize-installation.rst new file mode 100644 index 0000000000..cdd168a4ac --- /dev/null +++ b/install-guide/source/finalize-installation.rst @@ -0,0 +1,13 @@ +.. _finalize: + +Finalize installation +~~~~~~~~~~~~~~~~~~~~~ + +Finalizing installation varies by distribution. + +.. toctree:: + :maxdepth: 1 + + finalize-installation-obs.rst + finalize-installation-rdo.rst + finalize-installation-ubuntu-debian.rst diff --git a/install-guide/source/get_started.rst b/install-guide/source/get_started.rst new file mode 100644 index 0000000000..301f6a2ebd --- /dev/null +++ b/install-guide/source/get_started.rst @@ -0,0 +1,51 @@ +=============================== +Object Storage service overview +=============================== + +The OpenStack Object Storage is a multi-tenant object storage system. It +is highly scalable and can manage large amounts of unstructured data at +low cost through a RESTful HTTP API. + +It includes the following components: + +Proxy servers (swift-proxy-server) + Accepts OpenStack Object Storage API and raw HTTP requests to upload + files, modify metadata, and create containers. It also serves file + or container listings to web browsers. To improve performance, the + proxy server can use an optional cache that is usually deployed with + memcache. + +Account servers (swift-account-server) + Manages accounts defined with Object Storage. + +Container servers (swift-container-server) + Manages the mapping of containers or folders, within Object Storage. + +Object servers (swift-object-server) + Manages actual objects, such as files, on the storage nodes. + +Various periodic processes + Performs housekeeping tasks on the large data store. The replication + services ensure consistency and availability through the cluster. + Other periodic processes include auditors, updaters, and reapers. + +WSGI middleware + Handles authentication and is usually OpenStack Identity. + +swift client + Enables users to submit commands to the REST API through a + command-line client authorized as either a admin user, reseller + user, or swift user. + +swift-init + Script that initializes the building of the ring file, takes daemon + names as parameter and offers commands. Documented in + http://docs.openstack.org/developer/swift/admin_guide.html#managing-services. + +swift-recon + A cli tool used to retrieve various metrics and telemetry information + about a cluster that has been collected by the swift-recon middleware. + +swift-ring-builder + Storage ring build and rebalance utility. Documented in + http://docs.openstack.org/developer/swift/admin_guide.html#managing-the-rings. diff --git a/install-guide/source/index.rst b/install-guide/source/index.rst new file mode 100644 index 0000000000..7869e05f0c --- /dev/null +++ b/install-guide/source/index.rst @@ -0,0 +1,23 @@ +====================== +Object Storage service +====================== + +.. toctree:: + :maxdepth: 2 + + get_started.rst + controller-install.rst + storage-install.rst + initial-rings.rst + finalize-installation.rst + verify.rst + next-steps.rst + +The Object Storage services (swift) work together to provide +object storage and retrieval through a REST API. + +This chapter assumes a working setup of OpenStack following the +`OpenStack Installation Tutorial `_. + +Your environment must at least include the Identity service (keystone) +prior to deploying Object Storage. diff --git a/install-guide/source/initial-rings.rst b/install-guide/source/initial-rings.rst new file mode 100644 index 0000000000..37ae3b17fd --- /dev/null +++ b/install-guide/source/initial-rings.rst @@ -0,0 +1,253 @@ +Create and distribute initial rings +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Before starting the Object Storage services, you must create the initial +account, container, and object rings. The ring builder creates configuration +files that each node uses to determine and deploy the storage architecture. +For simplicity, this guide uses one region and two zones with 2^10 (1024) +maximum partitions, 3 replicas of each object, and 1 hour minimum time between +moving a partition more than once. For Object Storage, a partition indicates a +directory on a storage device rather than a conventional partition table. +For more information, see the +`Deployment Guide `__. + +.. note:: + Perform these steps on the controller node. + +Create account ring +------------------- + +The account server uses the account ring to maintain lists of containers. + +#. Change to the ``/etc/swift`` directory. + +#. Create the base ``account.builder`` file: + + .. code-block:: console + + # swift-ring-builder account.builder create 10 3 1 + + .. note:: + + This command provides no output. + +#. Add each storage node to the ring: + + .. code-block:: console + + # swift-ring-builder account.builder \ + add --region 1 --zone 1 --ip STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS --port 6002 \ + --device DEVICE_NAME --weight DEVICE_WEIGHT + + Replace ``STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address + of the management network on the storage node. Replace ``DEVICE_NAME`` with a + storage device name on the same storage node. For example, using the first + storage node in :ref:`storage` with the ``/dev/sdb`` storage + device and weight of 100: + + .. code-block:: console + + # swift-ring-builder account.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6002 --device sdb --weight 100 + + Repeat this command for each storage device on each storage node. In the + example architecture, use the command in four variations: + + .. code-block:: console + + # swift-ring-builder account.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6002 --device sdb --weight 100 + Device d0r1z1-10.0.0.51:6002R10.0.0.51:6002/sdb_"" with 100.0 weight got id 0 + # swift-ring-builder account.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6002 --device sdc --weight 100 + Device d1r1z2-10.0.0.51:6002R10.0.0.51:6002/sdc_"" with 100.0 weight got id 1 + # swift-ring-builder account.builder add \ + --region 1 --zone 2 --ip 10.0.0.52 --port 6002 --device sdb --weight 100 + Device d2r1z3-10.0.0.52:6002R10.0.0.52:6002/sdb_"" with 100.0 weight got id 2 + # swift-ring-builder account.builder add \ + --region 1 --zone 2 --ip 10.0.0.52 --port 6002 --device sdc --weight 100 + Device d3r1z4-10.0.0.52:6002R10.0.0.52:6002/sdc_"" with 100.0 weight got id 3 + +#. Verify the ring contents: + + .. code-block:: console + + # swift-ring-builder account.builder + account.builder, build version 4 + 1024 partitions, 3.000000 replicas, 1 regions, 2 zones, 4 devices, 100.00 balance, 0.00 dispersion + The minimum number of hours before a partition can be reassigned is 1 + The overload factor is 0.00% (0.000000) + Devices: id region zone ip address port replication ip replication port name weight partitions balance meta + 0 1 1 10.0.0.51 6002 10.0.0.51 6002 sdb 100.00 0 -100.00 + 1 1 1 10.0.0.51 6002 10.0.0.51 6002 sdc 100.00 0 -100.00 + 2 1 2 10.0.0.52 6002 10.0.0.52 6002 sdb 100.00 0 -100.00 + 3 1 2 10.0.0.52 6002 10.0.0.52 6002 sdc 100.00 0 -100.00 + +#. Rebalance the ring: + + .. code-block:: console + + # swift-ring-builder account.builder rebalance + Reassigned 1024 (100.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 + +Create container ring +--------------------- + +The container server uses the container ring to maintain lists of objects. +However, it does not track object locations. + +#. Change to the ``/etc/swift`` directory. + +#. Create the base ``container.builder`` file: + + .. code-block:: console + + # swift-ring-builder container.builder create 10 3 1 + + .. note:: + + This command provides no output. + +#. Add each storage node to the ring: + + .. code-block:: console + + # swift-ring-builder container.builder \ + add --region 1 --zone 1 --ip STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS --port 6001 \ + --device DEVICE_NAME --weight DEVICE_WEIGHT + + Replace ``STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address + of the management network on the storage node. Replace ``DEVICE_NAME`` with a + storage device name on the same storage node. For example, using the first + storage node in :ref:`storage` with the ``/dev/sdb`` + storage device and weight of 100: + + .. code-block:: console + + # swift-ring-builder container.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6001 --device sdb --weight 100 + + Repeat this command for each storage device on each storage node. In the + example architecture, use the command in four variations: + + .. code-block:: console + + # swift-ring-builder container.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6001 --device sdb --weight 100 + Device d0r1z1-10.0.0.51:6001R10.0.0.51:6001/sdb_"" with 100.0 weight got id 0 + # swift-ring-builder container.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6001 --device sdc --weight 100 + Device d1r1z2-10.0.0.51:6001R10.0.0.51:6001/sdc_"" with 100.0 weight got id 1 + # swift-ring-builder container.builder add \ + --region 1 --zone 2 --ip 10.0.0.52 --port 6001 --device sdb --weight 100 + Device d2r1z3-10.0.0.52:6001R10.0.0.52:6001/sdb_"" with 100.0 weight got id 2 + # swift-ring-builder container.builder add \ + --region 1 --zone 2 --ip 10.0.0.52 --port 6001 --device sdc --weight 100 + Device d3r1z4-10.0.0.52:6001R10.0.0.52:6001/sdc_"" with 100.0 weight got id 3 + +#. Verify the ring contents: + + .. code-block:: console + + # swift-ring-builder container.builder + container.builder, build version 4 + 1024 partitions, 3.000000 replicas, 1 regions, 2 zones, 4 devices, 100.00 balance, 0.00 dispersion + The minimum number of hours before a partition can be reassigned is 1 + The overload factor is 0.00% (0.000000) + Devices: id region zone ip address port replication ip replication port name weight partitions balance meta + 0 1 1 10.0.0.51 6001 10.0.0.51 6001 sdb 100.00 0 -100.00 + 1 1 1 10.0.0.51 6001 10.0.0.51 6001 sdc 100.00 0 -100.00 + 2 1 2 10.0.0.52 6001 10.0.0.52 6001 sdb 100.00 0 -100.00 + 3 1 2 10.0.0.52 6001 10.0.0.52 6001 sdc 100.00 0 -100.00 + +#. Rebalance the ring: + + .. code-block:: console + + # swift-ring-builder container.builder rebalance + Reassigned 1024 (100.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 + +Create object ring +------------------ + +The object server uses the object ring to maintain lists of object locations +on local devices. + +#. Change to the ``/etc/swift`` directory. + +#. Create the base ``object.builder`` file: + + .. code-block:: console + + # swift-ring-builder object.builder create 10 3 1 + + .. note:: + + This command provides no output. + +#. Add each storage node to the ring: + + .. code-block:: console + + # swift-ring-builder object.builder \ + add --region 1 --zone 1 --ip STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS --port 6000 \ + --device DEVICE_NAME --weight DEVICE_WEIGHT + + Replace ``STORAGE_NODE_MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address + of the management network on the storage node. Replace ``DEVICE_NAME`` with + a storage device name on the same storage node. For example, using the first + storage node in :ref:`storage` with the ``/dev/sdb`` storage + device and weight of 100: + + .. code-block:: console + + # swift-ring-builder object.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6000 --device sdb --weight 100 + + Repeat this command for each storage device on each storage node. In the + example architecture, use the command in four variations: + + .. code-block:: console + + # swift-ring-builder object.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6000 --device sdb --weight 100 + Device d0r1z1-10.0.0.51:6000R10.0.0.51:6000/sdb_"" with 100.0 weight got id 0 + # swift-ring-builder object.builder add \ + --region 1 --zone 1 --ip 10.0.0.51 --port 6000 --device sdc --weight 100 + Device d1r1z2-10.0.0.51:6000R10.0.0.51:6000/sdc_"" with 100.0 weight got id 1 + # swift-ring-builder object.builder add \ + --region 1 --zone 2 --ip 10.0.0.52 --port 6000 --device sdb --weight 100 + Device d2r1z3-10.0.0.52:6000R10.0.0.52:6000/sdb_"" with 100.0 weight got id 2 + # swift-ring-builder object.builder add \ + --region 1 --zone 2 --ip 10.0.0.52 --port 6000 --device sdc --weight 100 + Device d3r1z4-10.0.0.52:6000R10.0.0.52:6000/sdc_"" with 100.0 weight got id 3 + +#. Verify the ring contents: + + .. code-block:: console + + # swift-ring-builder object.builder + object.builder, build version 4 + 1024 partitions, 3.000000 replicas, 1 regions, 2 zones, 4 devices, 100.00 balance, 0.00 dispersion + The minimum number of hours before a partition can be reassigned is 1 + The overload factor is 0.00% (0.000000) + Devices: id region zone ip address port replication ip replication port name weight partitions balance meta + 0 1 1 10.0.0.51 6000 10.0.0.51 6000 sdb 100.00 0 -100.00 + 1 1 1 10.0.0.51 6000 10.0.0.51 6000 sdc 100.00 0 -100.00 + 2 1 2 10.0.0.52 6000 10.0.0.52 6000 sdb 100.00 0 -100.00 + 3 1 2 10.0.0.52 6000 10.0.0.52 6000 sdc 100.00 0 -100.00 + +#. Rebalance the ring: + + .. code-block:: console + + # swift-ring-builder object.builder rebalance + Reassigned 1024 (100.00%) partitions. Balance is now 0.00. Dispersion is now 0.00 + +Distribute ring configuration files +----------------------------------- + +* Copy the ``account.ring.gz``, ``container.ring.gz``, and + ``object.ring.gz`` files to the ``/etc/swift`` directory + on each storage node and any additional nodes running the + proxy service. diff --git a/install-guide/source/next-steps.rst b/install-guide/source/next-steps.rst new file mode 100644 index 0000000000..de8f150460 --- /dev/null +++ b/install-guide/source/next-steps.rst @@ -0,0 +1,10 @@ +.. _next-steps: + +========== +Next steps +========== + +Your OpenStack environment now includes Object Storage. + +To add more services, see the +`additional documentation on installing OpenStack `_ . diff --git a/install-guide/source/storage-include1.txt b/install-guide/source/storage-include1.txt new file mode 100644 index 0000000000..3f25351856 --- /dev/null +++ b/install-guide/source/storage-include1.txt @@ -0,0 +1,41 @@ +Edit the ``/etc/swift/account-server.conf`` file and complete the +following actions: + +* In the ``[DEFAULT]`` section, configure the bind IP address, bind port, + user, configuration directory, and mount point directory: + + .. code-block:: none + + [DEFAULT] + ... + bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS + bind_port = 6002 + user = swift + swift_dir = /etc/swift + devices = /srv/node + mount_check = True + + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the + management network on the storage node. + +* In the ``[pipeline:main]`` section, enable the appropriate modules: + + .. code-block:: none + + [pipeline:main] + pipeline = healthcheck recon account-server + + .. note:: + + For more information on other modules that enable additional features, + see the `Deployment Guide `__. + +* In the ``[filter:recon]`` section, configure the recon (meters) cache + directory: + + .. code-block:: none + + [filter:recon] + use = egg:swift#recon + ... + recon_cache_path = /var/cache/swift diff --git a/install-guide/source/storage-include2.txt b/install-guide/source/storage-include2.txt new file mode 100644 index 0000000000..835e9b2878 --- /dev/null +++ b/install-guide/source/storage-include2.txt @@ -0,0 +1,41 @@ +Edit the ``/etc/swift/container-server.conf`` file and complete the +following actions: + +* In the ``[DEFAULT]`` section, configure the bind IP address, bind port, + user, configuration directory, and mount point directory: + + .. code-block:: none + + [DEFAULT] + ... + bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS + bind_port = 6001 + user = swift + swift_dir = /etc/swift + devices = /srv/node + mount_check = True + + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the + management network on the storage node. + +* In the ``[pipeline:main]`` section, enable the appropriate modules: + + .. code-block:: none + + [pipeline:main] + pipeline = healthcheck recon container-server + + .. note:: + + For more information on other modules that enable additional features, + see the `Deployment Guide `__. + +* In the ``[filter:recon]`` section, configure the recon (meters) cache + directory: + + .. code-block:: none + + [filter:recon] + use = egg:swift#recon + ... + recon_cache_path = /var/cache/swift diff --git a/install-guide/source/storage-include3.txt b/install-guide/source/storage-include3.txt new file mode 100644 index 0000000000..cd89acd392 --- /dev/null +++ b/install-guide/source/storage-include3.txt @@ -0,0 +1,42 @@ +Edit the ``/etc/swift/object-server.conf`` file and complete the +following actions: + +* In the ``[DEFAULT]`` section, configure the bind IP address, bind port, + user, configuration directory, and mount point directory: + + .. code-block:: none + + [DEFAULT] + ... + bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS + bind_port = 6000 + user = swift + swift_dir = /etc/swift + devices = /srv/node + mount_check = True + + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the + management network on the storage node. + +* In the ``[pipeline:main]`` section, enable the appropriate modules: + + .. code-block:: none + + [pipeline:main] + pipeline = healthcheck recon object-server + + .. note:: + + For more information on other modules that enable additional features, + see the `Deployment Guide `__. + +* In the ``[filter:recon]`` section, configure the recon (meters) cache + and lock directories: + + .. code-block:: none + + [filter:recon] + use = egg:swift#recon + ... + recon_cache_path = /var/cache/swift + recon_lock_path = /var/lock diff --git a/install-guide/source/storage-install-obs.rst b/install-guide/source/storage-install-obs.rst new file mode 100644 index 0000000000..df88b83afb --- /dev/null +++ b/install-guide/source/storage-install-obs.rst @@ -0,0 +1,139 @@ +.. _storage-obs: + +Install and configure the storage nodes for openSUSE and SUSE Linux Enterprise +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure storage nodes +that operate the account, container, and object services. For +simplicity, this configuration references two storage nodes, each +containing two empty local block storage devices. The instructions +use ``/dev/sdb`` and ``/dev/sdc``, but you can substitute different +values for your particular nodes. + +Although Object Storage supports any file system with +extended attributes (xattr), testing and benchmarking +indicate the best performance and reliability on XFS. For +more information on horizontally scaling your environment, see the +`Deployment Guide `_. + +This section applies to openSUSE Leap 42.1 and SUSE Linux Enterprise Server +12 SP1. + +Prerequisites +------------- + +Before you install and configure the Object Storage service on the +storage nodes, you must prepare the storage devices. + +.. note:: + + Perform these steps on each storage node. + +#. Install the supporting utility packages: + + .. code-block:: console + + # zypper install xfsprogs rsync + +#. Format the ``/dev/sdb`` and ``/dev/sdc`` devices as XFS: + + .. code-block:: console + + # mkfs.xfs /dev/sdb + # mkfs.xfs /dev/sdc + +#. Create the mount point directory structure: + + .. code-block:: console + + # mkdir -p /srv/node/sdb + # mkdir -p /srv/node/sdc + +#. Edit the ``/etc/fstab`` file and add the following to it: + + .. code-block:: none + + /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 + /dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 + +#. Mount the devices: + + .. code-block:: console + + # mount /srv/node/sdb + # mount /srv/node/sdc + +#. Create or edit the ``/etc/rsyncd.conf`` file to contain the following: + + .. code-block:: none + + uid = swift + gid = swift + log file = /var/log/rsyncd.log + pid file = /var/run/rsyncd.pid + address = MANAGEMENT_INTERFACE_IP_ADDRESS + + [account] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/account.lock + + [container] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/container.lock + + [object] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/object.lock + + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the + management network on the storage node. + + .. note:: + + The ``rsync`` service requires no authentication, so consider running + it on a private network in production environments. + +7. Start the ``rsyncd`` service and configure it to start when the + system boots: + + .. code-block:: console + + # systemctl enable rsyncd.service + # systemctl start rsyncd.service + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +.. note:: + + Perform these steps on each storage node. + +#. Install the packages: + + .. code-block:: console + + # zypper install openstack-swift-account \ + openstack-swift-container openstack-swift-object python-xml + +2. .. include:: storage-include1.txt +3. .. include:: storage-include2.txt +4. .. include:: storage-include3.txt +5. Ensure proper ownership of the mount point directory structure: + + .. code-block:: console + + # chown -R swift:swift /srv/node diff --git a/install-guide/source/storage-install-rdo.rst b/install-guide/source/storage-install-rdo.rst new file mode 100644 index 0000000000..3e2e379efb --- /dev/null +++ b/install-guide/source/storage-install-rdo.rst @@ -0,0 +1,155 @@ +.. _storage-rdo: + +Install and configure the storage nodes for Red Hat Enterprise Linux and CentOS +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure storage nodes +that operate the account, container, and object services. For +simplicity, this configuration references two storage nodes, each +containing two empty local block storage devices. The instructions +use ``/dev/sdb`` and ``/dev/sdc``, but you can substitute different +values for your particular nodes. + +Although Object Storage supports any file system with +extended attributes (xattr), testing and benchmarking +indicate the best performance and reliability on XFS. For +more information on horizontally scaling your environment, see the +`Deployment Guide `_. + +This section applies to Red Hat Enterprise Linux 7 and CentOS 7. + +Prerequisites +------------- + +Before you install and configure the Object Storage service on the +storage nodes, you must prepare the storage devices. + +.. note:: + + Perform these steps on each storage node. + +#. Install the supporting utility packages: + + .. code-block:: console + + # yum install xfsprogs rsync + +#. Format the ``/dev/sdb`` and ``/dev/sdc`` devices as XFS: + + .. code-block:: console + + # mkfs.xfs /dev/sdb + # mkfs.xfs /dev/sdc + +#. Create the mount point directory structure: + + .. code-block:: console + + # mkdir -p /srv/node/sdb + # mkdir -p /srv/node/sdc + +#. Edit the ``/etc/fstab`` file and add the following to it: + + .. code-block:: none + + /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 + /dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 + +#. Mount the devices: + + .. code-block:: console + + # mount /srv/node/sdb + # mount /srv/node/sdc + +#. Create or edit the ``/etc/rsyncd.conf`` file to contain the following: + + .. code-block:: none + + uid = swift + gid = swift + log file = /var/log/rsyncd.log + pid file = /var/run/rsyncd.pid + address = MANAGEMENT_INTERFACE_IP_ADDRESS + + [account] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/account.lock + + [container] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/container.lock + + [object] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/object.lock + + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the + management network on the storage node. + + .. note:: + + The ``rsync`` service requires no authentication, so consider running + it on a private network in production environments. + +7. Start the ``rsyncd`` service and configure it to start when the + system boots: + + .. code-block:: console + + # systemctl enable rsyncd.service + # systemctl start rsyncd.service + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +.. note:: + + Perform these steps on each storage node. + +#. Install the packages: + + .. code-block:: console + + # yum install openstack-swift-account openstack-swift-container \ + openstack-swift-object + +2. Obtain the accounting, container, and object service configuration + files from the Object Storage source repository: + + .. code-block:: console + + # curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/mitaka + # curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/mitaka + # curl -o /etc/swift/object-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/mitaka + +3. .. include:: storage-include1.txt +4. .. include:: storage-include2.txt +5. .. include:: storage-include3.txt +6. Ensure proper ownership of the mount point directory structure: + + .. code-block:: console + + # chown -R swift:swift /srv/node + +7. Create the ``recon`` directory and ensure proper ownership of it: + + .. code-block:: console + + # mkdir -p /var/cache/swift + # chown -R root:swift /var/cache/swift + # chmod -R 775 /var/cache/swift diff --git a/install-guide/source/storage-install-ubuntu-debian.rst b/install-guide/source/storage-install-ubuntu-debian.rst new file mode 100644 index 0000000000..a429989dd2 --- /dev/null +++ b/install-guide/source/storage-install-ubuntu-debian.rst @@ -0,0 +1,159 @@ +.. _storage-ubuntu-debian: + +Install and configure the storage nodes for Ubuntu and Debian +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure storage nodes +that operate the account, container, and object services. For +simplicity, this configuration references two storage nodes, each +containing two empty local block storage devices. The instructions +use ``/dev/sdb`` and ``/dev/sdc``, but you can substitute different +values for your particular nodes. + +Although Object Storage supports any file system with +extended attributes (xattr), testing and benchmarking +indicate the best performance and reliability on XFS. For +more information on horizontally scaling your environment, see the +`Deployment Guide `_. + +This section applies to Ubuntu 14.04 (LTS) and Debian. + +Prerequisites +------------- + +Before you install and configure the Object Storage service on the +storage nodes, you must prepare the storage devices. + +.. note:: + + Perform these steps on each storage node. + +#. Install the supporting utility packages: + + .. code-block:: console + + # apt-get install xfsprogs rsync + +#. Format the ``/dev/sdb`` and ``/dev/sdc`` devices as XFS: + + .. code-block:: console + + # mkfs.xfs /dev/sdb + # mkfs.xfs /dev/sdc + +#. Create the mount point directory structure: + + .. code-block:: console + + # mkdir -p /srv/node/sdb + # mkdir -p /srv/node/sdc + +#. Edit the ``/etc/fstab`` file and add the following to it: + + .. code-block:: none + + /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 + /dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 + +#. Mount the devices: + + .. code-block:: console + + # mount /srv/node/sdb + # mount /srv/node/sdc + +#. Create or edit the ``/etc/rsyncd.conf`` file to contain the following: + + .. code-block:: none + + uid = swift + gid = swift + log file = /var/log/rsyncd.log + pid file = /var/run/rsyncd.pid + address = MANAGEMENT_INTERFACE_IP_ADDRESS + + [account] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/account.lock + + [container] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/container.lock + + [object] + max connections = 2 + path = /srv/node/ + read only = False + lock file = /var/lock/object.lock + + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the + management network on the storage node. + + .. note:: + + The ``rsync`` service requires no authentication, so consider running + it on a private network in production environments. + +7. Edit the ``/etc/default/rsync`` file and enable the ``rsync`` + service: + + .. code-block:: none + + RSYNC_ENABLE=true + +8. Start the ``rsync`` service: + + .. code-block:: console + + # service rsync start + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +.. note:: + + Perform these steps on each storage node. + +#. Install the packages: + + .. code-block:: console + + # apt-get install swift swift-account swift-container swift-object + +2. Obtain the accounting, container, and object service configuration + files from the Object Storage source repository: + + .. code-block:: console + + # curl -o /etc/swift/account-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/account-server.conf-sample?h=stable/mitaka + # curl -o /etc/swift/container-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/container-server.conf-sample?h=stable/mitaka + # curl -o /etc/swift/object-server.conf https://git.openstack.org/cgit/openstack/swift/plain/etc/object-server.conf-sample?h=stable/mitaka + +3. .. include:: storage-include1.txt +4. .. include:: storage-include2.txt +5. .. include:: storage-include3.txt +6. Ensure proper ownership of the mount point directory structure: + + .. code-block:: console + + # chown -R swift:swift /srv/node + +7. Create the ``recon`` directory and ensure proper ownership of it: + + .. code-block:: console + + # mkdir -p /var/cache/swift + # chown -R root:swift /var/cache/swift + # chmod -R 775 /var/cache/swift diff --git a/install-guide/source/storage-install.rst b/install-guide/source/storage-install.rst new file mode 100644 index 0000000000..38f2b6875e --- /dev/null +++ b/install-guide/source/storage-install.rst @@ -0,0 +1,16 @@ +.. _storage: + +Install and configure the storage nodes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure storage nodes +that operate the account, container, and object services. + +Note that installation and configuration vary by distribution. + +.. toctree:: + :maxdepth: 1 + + storage-install-obs.rst + storage-install-rdo.rst + storage-install-ubuntu-debian.rst diff --git a/install-guide/source/verify.rst b/install-guide/source/verify.rst new file mode 100644 index 0000000000..7b29e6d1db --- /dev/null +++ b/install-guide/source/verify.rst @@ -0,0 +1,96 @@ +.. _verify: + +Verify operation +~~~~~~~~~~~~~~~~ + +Verify operation of the Object Storage service. + +.. note:: + + Perform these steps on the controller node. + +.. warning:: + + If you are using Red Hat Enterprise Linux 7 or CentOS 7 and one or more of + these steps do not work, check the ``/var/log/audit/audit.log`` file for + SELinux messages indicating denial of actions for the ``swift`` processes. + If present, change the security context of the ``/srv/node`` directory to + the lowest security level (s0) for the ``swift_data_t`` type, ``object_r`` + role and the ``system_u`` user: + + .. code-block:: console + + # chcon -R system_u:object_r:swift_data_t:s0 /srv/node + +#. Source the ``demo`` credentials: + + .. code-block:: console + + $ . demo-openrc + +#. Show the service status: + + .. code-block:: console + + $ swift stat + Account: AUTH_ed0b60bf607743088218b0a533d5943f + Containers: 0 + Objects: 0 + Bytes: 0 + Containers in policy "policy-0": 0 + Objects in policy "policy-0": 0 + Bytes in policy "policy-0": 0 + X-Account-Project-Domain-Id: default + X-Timestamp: 1444143887.71539 + X-Trans-Id: tx1396aeaf17254e94beb34-0056143bde + Content-Type: text/plain; charset=utf-8 + Accept-Ranges: bytes + +#. Create ``container1`` container: + + .. code-block:: console + + $ openstack container create container1 + +---------------------------------------+------------+------------------------------------+ + | account | container | x-trans-id | + +---------------------------------------+------------+------------------------------------+ + | AUTH_ed0b60bf607743088218b0a533d5943f | container1 | tx8c4034dc306c44dd8cd68-0056f00a4a | + +---------------------------------------+------------+------------------------------------+ + +#. Upload a test file to the ``container1`` container: + + .. code-block:: console + + $ openstack object create container1 FILE + +--------+------------+----------------------------------+ + | object | container | etag | + +--------+------------+----------------------------------+ + | FILE | container1 | ee1eca47dc88f4879d8a229cc70a07c6 | + +--------+------------+----------------------------------+ + + Replace ``FILE`` with the name of a local file to upload to the + ``container1`` container. + +#. List files in the ``container1`` container: + + .. code-block:: console + + $ openstack object list container1 + +------+ + | Name | + +------+ + | FILE | + +------+ + +#. Download a test file from the ``container1`` container: + + .. code-block:: console + + $ openstack object save container1 FILE + + Replace ``FILE`` with the name of the file uploaded to the + ``container1`` container. + + .. note:: + + This command provides no output. diff --git a/test-requirements.txt b/test-requirements.txt index 6f237978d3..933bc68cae 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -8,6 +8,7 @@ coverage nose nosexcover nosehtmloutput +openstackdocstheme>=1.0.3 # Apache-2.0 oslosphinx sphinx>=1.1.2,!=1.2.0,!=1.3b1,<1.3 # BSD os-api-ref>=0.1.0 # Apache-2.0 diff --git a/tox.ini b/tox.ini index 5becdf2a9e..54cbf1c0b9 100644 --- a/tox.ini +++ b/tox.ini @@ -74,6 +74,12 @@ commands = rm -rf api-ref/build sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html +[testenv:install-guide] +# NOTE(jaegerandi): this target does not use constraints because +# upstream infra does not yet support it. Once that's fixed, we can +# drop the install_command. +install_command = pip install -U --force-reinstall {opts} {packages} +commands = sphinx-build -a -E -W -d install-guide/build/doctrees -b html install-guide/source install-guide/build/html [testenv:bandit] deps = -r{toxinidir}/test-requirements.txt