一、对象存储

1.1 介绍

通过对象存储,将数据存储为对象,每个对象除了包含数据,还包含数据自身的元数据

对象通过Object ID来检索,无法通过普通文件系统操作来直接访问对象,只能通过API来访问,或者第三方客户端(实际上也是对API的封装)

对象存储中的对象不整理到目录树中,而是存储在扁平的命名空间中,Amazon S3将这个扁平命名空间称为bucket。而swift则将其称为容器

无论是bucket还是容器,都不能嵌套

bucket需要被授权才能访问到,一个帐户可以对多个bucket授权,而权限可以不同

对象存储的优点:易扩展、快速检索

1.2 Rados网关介绍

RADOS网关也称为Ceph对象网关、RADOSGW、RGW,是一种服务,使客户端能够利用标准对象存储API来访问Ceph集群。它支持S3和Swift API

rgw运行于librados之上,事实上就是一个称之为Civetweb的web服务器来响应api请求

客户端使用标准api与rgw通信,而rgw则使用librados与ceph集群通信

rgw客户端通过s3或者swift api使用rgw用户进行身份验证。然后rgw网关代表用户利用cephx与ceph存储进行身份验证

二、RADOS网关部署

2.1 配置radosgw

[root@ceph5 ~]#  ceph auth get-or-create client.rgw.ceph5  mon 'allow rwx' osd 'allow rwx' -o /etc/ceph/backup.client.rgw.ceph5.keyring --cluster backup

[root@ceph5 ~]# vim /etc/ceph/backup.conf

fsid = 51dda18c--4edb-8ba9-27330ead81a7
mon_initial_members = ceph5
mon_host = 172.25.250.14 auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx public_network = 172.25.250.0/
cluster_network = 172.25.250.0/ [mgr]
mgr modules = dashboard [client.rgw.ceph5]
host = ceph5
keyring = /etc/ceph/backup.client.rgw.ceph5.keyring
rgw_frontends = civetweb port=

[root@ceph5 ~]# systemctl restart ceph-radosgw@rgw.ceph5

[root@ceph5 ~]# ps -ef|grep rados

root             : ?        :: /usr/bin/radosgw -f --cluster backup --name client.rgw.ceph5 --setuser ceph --setgroup ceph

[root@ceph5 ~]# netstat -ntlp|grep 80

tcp               0.0.0.0:              0.0.0.0:*               LISTEN      /radosgw

[root@ceph5 ~]# ceph osd pool ls

[root@ceph5 ~]# ceph -s

[root@ceph5 ~]# ceph osd pool application enable rbd rbd

[root@ceph5 ~]# ceph osd pool application enable rbdmirror rbd

[root@ceph5 ~]# ceph -s

[root@ceph5 ~]#  cat /usr/lib/systemd/system/ceph-radosgw@.service

[Unit]
Description=Ceph rados gateway
After=network-online.target local-fs.target time-sync.target
Wants=network-online.target local-fs.target time-sync.target
PartOf=ceph-radosgw.target [Service]
LimitNOFILE=
LimitNPROC=
EnvironmentFile=-/etc/sysconfig/ceph
Environment=CLUSTER=ceph
ExecStart=/usr/bin/radosgw -f --cluster ${CLUSTER} --name client.%i --setuser ceph --setgroup ceph
PrivateDevices=yes
ProtectHome=true
ProtectSystem=full
PrivateTmp=true
TasksMax=infinity
Restart=on-failure
StartLimitInterval=30s
StartLimitBurst= [Install]
WantedBy=ceph-radosgw.target

2.2 定义监听的线程数

[root@ceph5 ~]# vim /etc/ceph/backup.conf

[client.rgw.ceph5]
host = ceph5
keyring = /etc/ceph/backup.client.rgw.ceph5.keyring
rgw_frontends = civetweb port= num_threads=
log = /var/log/ceph/$cluster.$name.log

[root@ceph5 ~]# systemctl restart ceph-radosgw@rgw.ceph5

[root@ceph5 ~]# ps -ef|grep rados

ceph    : ? :: /usr/bin/radosgw -f --cluster backup --name client.rgw.ceph5 --setuser ceph --setgroup ceph

2.3 访问rados网关

[root@ceph5 ~]# curl http://ceph5

<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>

三、S3对象存储

3.1 S3简介

S3由Amazon于2006年推出,全称为Simple Storage Service

S3定义了对象存储,是对象存储事实上的标准,从某种意义上说,S3就是对象存储,对象存储就是S3

S3是对象存储市场的霸主,后续的对象存储都是对S3的模仿

3.2 用户以及权限设置

创建radosgw的用户

[root@ceph5 ~]#  radosgw-admin user create --uid joy --display-name 'Joy Ning'

{
"user_id": "joy",
"display_name": "Joy Ning",
"email": "",
"suspended": ,
"max_buckets": ,
"auid": ,
"subusers": [],
"keys": [
{
"user": "joy",
"access_key": "X0CVIF04TAJVTN9D29UL",
"secret_key": "vMmPqPap0FC0IRC5J3t9AIPgXNoiw1H9TOWELd5B"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -,
"max_size_kb": ,
"max_objects": -
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -,
"max_size_kb": ,
"max_objects": -
},
"temp_url_keys": [],
"type": "rgw"
}

"Joy Ning"

修改信息

[root@ceph5 ~]# radosgw-admin user modify --uid joy --display-name 'joy Ningrui'  --max_buckets 2000

禁用suspend

[root@ceph5 ~]# radosgw-admin user suspend --uid joy

启用

[root@ceph5 ~]# radosgw-admin user enable --uid joy

列出用户

[root@ceph5 ~]# radosgw-admin user list

删除用户

[root@ceph5 ~]# radosgw-admin user rm --uid joy

[root@ceph5 ~]# radosgw-admin user list

[root@ceph5 ~]#  radosgw-admin user create --uid joy --display-name 'Joy Ning'

{
"user_id": "joy",
"display_name": "Joy Ning",
"email": "",
"suspended": ,
"max_buckets": ,
"auid": ,
"subusers": [],
"keys": [
{
"user": "joy",
"access_key": "5XCV68WUQJFFJPVM3UHK",
"secret_key": "xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -,
"max_size_kb": ,
"max_objects": -
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -,
"max_size_kb": ,
"max_objects": -
},
"temp_url_keys": [],
"type": "rgw"
}

[root@ceph5 ~]# radosgw-admin key create --uid joy --display-name 'Joy Ning' --key-type=s3  --gen-access-key --gen-secret

删除key

[root@ceph5 ~]# radosgw-admin key rm --uid joy --display-name 'Joy Ning' --key-type=s3 --access-key HPT1SBAXCXW46ZACKPY0

3.3 设置配额

基于用户的配额

[root@ceph5 ~]# radosgw-admin quota set --quota-scope=user --uid=joy --max-size 1

[root@ceph5 ~]# radosgw-admin user info --uid joy

开启配额

[root@ceph5 ~]# radosgw-admin quota enable --quota-scope=user --uid joy

[root@ceph5 ~]# radosgw-admin user info --uid joy

[root@ceph5 ~]# radosgw-admin quota set --quota-scope=bucket --uid=joy --max-size 1

[root@ceph5 ~]# radosgw-admin quota enable --quota-scope=bucket --uid=joy

[root@ceph5 ~]# radosgw-admin user info --uid joy

注:如果两个都进行配置,则那个先到,使用哪一个

关闭配额

可以disable

[root@ceph5 ~]# radosgw-admin quota disable  --quota-scope=bucket --uid=joy

也可以参数设为1

[root@ceph5 ~]# radosgw-admin quota set --quota-scope=user --uid joy --max-size -1

[root@ceph5 ~]# radosgw-admin user info --uid joy

3.4 统计数据

统计所有

[root@ceph5 ~]# radosgw-admin usage show --uid joy

[root@ceph5 ~]# radosgw-admin usage show --uid joy --start-date 2019-03-19 21:00:00 --end-date 2019-03-19 22:00:00

3.5 利用rados网关来访问s3对象

[root@ceph5 ~]#  vim /etc/ceph/backup.conf

[root@ceph5 ~]# systemctl restart ceph-radosgw@rgw.ceph5
[root@ceph5 ~]# ps -ef|grep rados

ceph             : ?        :: /usr/bin/radosgw -f --cluster backup --name client.rgw.ceph5 --setuser ceph --setgroup ceph

四 验证配置

4.1 配置s3cmd

[root@ceph1 ceph]# yum -y install s3cmd

[root@ceph1 ceph]# s3cmd --configure

root@ceph6's password:
Permission denied, please try again.
root@ceph6's password:
hosts % .6MB/s :
[root@ceph1 ceph]# s3cmd --configure Enter new values or accept defaults in brackets with Enter.
Refer to user manual for detailed description of all options. Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.
Access Key: 5XCV68WUQJFFJPVM3UHK
Secret Key: xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG
Default Region [US]: Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password: redhat
Path to GPG program [/usr/bin/gpg]: When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [Yes]: no On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name: ceph5.lab.example.com
HTTP Proxy server port []: New settings:
Access Key: 5XCV68WUQJFFJPVM3UHK
Secret Key: xhaA2YB1CA3xH54xLbmwPcglqjDyuFez36F8XGuG
Default Region: US
Encryption password: redhat
Path to GPG program: /usr/bin/gpg
Use HTTPS protocol: False
HTTP Proxy server name: ceph5.lab.example.com
HTTP Proxy server port: Test access with supplied credentials? [Y/n] n Save settings? [y/N] y
Configuration saved to '/root/.s3cfg'

[root@ceph1 ceph]# vim /root/.s3cfg

host_base = ceph5
host_bucket = %(bucket)s.ceph5.lab.example.com
cloudfront_host = cloudfront.amazonaws.com
website_endpoint = http://%(bucket)s.ceph5.lab.example.com/

4.2 创建bucket

[root@ceph1 ceph]# s3cmd mb s3://test

4.3 传送数据

[root@ceph1 ceph]# echo 11111 >/tmp/demoobject

[root@ceph1 ceph]# s3cmd put --acl-public /tmp/demoobject s3://test/demoobject

[root@ceph1 ceph]# vim /etc/hosts

172.25.250.10  ceph1    ceph1.lab.example.com servera
172.25.250.11 ceph2 ceph2.lab.example.com serverb
172.25.250.12 ceph3 ceph3.lab.example.com serverc
172.25.250.13 ceph4 ceph4.lab.example.com serverd
172.25.250.14 ceph5 ceph5.lab.example.com servere test.ceph5.lab.example.com

4.4 访问bucket

[root@ceph1 ceph]# curl http://test.ceph5.lab.example.com/demoobject

4.5 查看bucket

到服务端看

[root@ceph5 ~]# radosgw-admin bucket list

[root@ceph5 ~]# radosgw-admin bucket stats --bucket=test

{
"bucket": "test",
"zonegroup": "e80133e1-a513-44f5-ba90-e25b6c987b26",
"placement_rule": "default-placement",
"explicit_placement": {
"data_pool": "",
"data_extra_pool": "",
"index_pool": ""
},
"id": "1b85c5b1-19d2-48a1-bb45-3ac75895aeed.4235.1",
"marker": "1b85c5b1-19d2-48a1-bb45-3ac75895aeed.4235.1",
"index_type": "Normal",
"owner": "joy",
"ver": "0#3",
"master_ver": "0#0",
"mtime": "2019-03-19 22:02:50.726716",
"max_marker": "0#",
"usage": {
"rgw.main": {
"size": ,
"size_actual": ,
"size_utilized": ,
"size_kb": ,
"size_kb_actual": ,
"size_kb_utilized": ,
"num_objects":
}
},
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -,
"max_size_kb": ,
"max_objects": -
}
}

[root@ceph5 ~]# radosgw-admin bucket check --bucket=test

删除

[root@ceph5 ~]# radosgw-admin bucket rm --bucket=test

[root@ceph1 ceph]# s3cmd put --acl-public  /etc/ceph/ceph.conf  s3://test/ceph

upload: '/etc/ceph/ceph.conf' -> 's3://test/ceph'  [ of ]
of % in 0s 20.96 kB/s done
Public URL of the object is: http://test.ceph5/ceph

[root@ceph1 ceph]# curl http://test.ceph5.lab.example.com/ceph

# Please do not change this file directly since it is managed by Ansible and will be overwritten

[global]
fsid = 35a91e48--4e96-a7ee-980ab989d20d mon initial members = ceph2,ceph3,ceph4
mon host = 172.25.250.11,172.25.250.12,172.25.250.13 public network = 172.25.250.0/
cluster network = 172.25.250.0/ auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx [osd]
osd mkfs type = xfs
osd mkfs options xfs = -f -i size=
osd mount options xfs = noatime,largeio,inode64,swalloc
osd journal size = [mon]
mon_allow_pool_delete = true

[root@ceph1 ceph]# s3cmd get s3://test/demoobject ./demoobject

download: 's3://test/demoobject' -> './demoobject' [ of ]
of % in 0s 1346.20 B/s done

[root@ceph1 ceph]# cat ./demoobject

4.6 查看底层数据

[root@ceph5 ~]# ceph osd pool ls
rbd
rbdmirror
.rgw.root
default.rgw.control
default.rgw.meta
default.rgw.log
default.rgw.buckets.index
default.rgw.buckets.data
[root@ceph5 ~]# rados -p default.rgw.buckets.index ls --cluster backup
.dir.1b85c5b1-19d2-48a1-bb45-3ac75895aeed.4235.1
[root@ceph5 ~]# rados -p default.rgw.buckets.data ls
error opening pool default.rgw.buckets.data: () No such file or directory
[root@ceph5 ~]# rados -p default.rgw.buckets.data ls --cluster backup
1b85c5b1-19d2-48a1-bb45-3ac75895aeed..1_demoobject
1b85c5b1-19d2-48a1-bb45-3ac75895aeed..1_ceph

实验完成


博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!

010 Ceph RGW对象存储的更多相关文章

  1. Ceph之对象存储网关RADOS Gateway(RGW)

    一.Ceph整体架构及RGW在Ceph中的位置 1.Ceph的整体架构 Ceph是一个统一的.分布式的的存储系统,具有优秀的性能.可靠性和可扩展性.Ceph支持对象存储(RADOSGW).块存储(RB ...

  2. CEPH-4:ceph RadowGW对象存储功能详解

    ceph RadosGW对象存储使用详解 一个完整的ceph集群,可以提供块存储.文件系统和对象存储. 本节主要介绍对象存储RadosGw功能如何灵活的使用,集群背景: $ ceph -s clust ...

  3. 一篇文章让你理解Ceph的三种存储接口(块设备、文件系统、对象存储)

    “Ceph是一个开源的.统一的.分布式的存储系统”,这是我们宣传Ceph时常说的一句话,其中“统一”是说Ceph可以一套存储系统同时提供块设备存储.文件系统存储和对象存储三种存储功能.一听这句话,具有 ...

  4. 趣解 ceph rgw multisite data sync 机制

    multisite是ceph rgw对象数据异地容灾备份的一个有效方案,笔者希望深入理解该技术,并应用于生产环境中,然而rgw的这部分代码晦涩难懂,笔者多次尝试阅读,仍云里雾里不解其意,最终流着泪咬着 ...

  5. ceph 007 双向池同步 rgw对象网关配置 s3对象存储

    增量导入导出要基于快照 导出的过程当中害怕镜像被修改所以打快照.快照的数据是不会变化的 镜像级别的双向同步 镜像主到备,备到主.一对一 就算是池模式的双向同步,镜像也具有主备关系 双向同步,池模式 [ ...

  6. Ceph对象存储网关中的索引工作原理<转>

    Ceph 对象存储网关允许你通过 Swift 及 S3 API 访问 Ceph .它将这些 API 请求转化为 librados 请求.Librados 是一个非常出色的对象存储(库)但是它无法高效的 ...

  7. 腾讯云存储专家深度解读基于Ceph对象存储的混合云机制

    背景 毫无疑问,乘着云计算发展的东风,Ceph已经是当今最火热的软件定义存储开源项目.如下图所示,它在同一底层平台之上可以对外提供三种存储接口,分别是文件存储.对象存储以及块存储,本文主要关注的是对象 ...

  8. 006.Ceph对象存储基础使用

    一 Ceph文件系统 1.1 概述 Ceph 对象网关是一个构建在 librados 之上的对象存储接口,它为应用程序访问Ceph 存储集群提供了一个 RESTful 风格的网关 . Ceph 对象存 ...

  9. ceph 对象存储跨机房容灾

    场景分析 每个机房的Ceph都是独立的cluster,彼此之间没有任何关系. 多个机房都独立的提供对象存储功能,每个Ceph Radosgw都有自己独立的命名空间和存储空间. 这样带来两个问题: 针对 ...

随机推荐

  1. 如何将英文PDF文献翻译成中文

    方法一:利用Google的本地文档翻译功能 这种方法比较简单,打开Google翻译首页http://translate.google.cn/, 选择"上传文档" 选择文件,开始翻译 ...

  2. 阿里云BaaS:降低区块链应用门槛,用技术构建商业互信

    5月8日,阿里云召开区块链服务(BaaS)商业化发布会,会上对BaaS产品.业务应用场景及生态策略进行了全面解读. 对于广大IT服务商和开发者而言,构建区块链应用存在三大痛点问题:成本高,研发投入大. ...

  3. oracle函数 INSTR(C1,C2[,I[,J]])

    [功能]在一个字符串中搜索指定的字符,返回发现指定的字符的位置; [说明]多字节符(汉字.全角符等),按1个字符计算 [参数] C1    被搜索的字符串 C2    希望搜索的字符串 I     搜 ...

  4. JQuery完整验证&密码的显示与隐藏&验证码

    HTML <link href="bootstrap.css" rel="stylesheet"> <link href="gloa ...

  5. H3C路由器SSH服务配置命令

  6. @noi.ac - 442@ 牛羊被他抢了

    目录 @description@ @solution@ @accepted code@ @details@ @description@ 众所周知小G热衷于搏弈,有一天他来到你的大草原上,抢走了你所有的 ...

  7. 模块化Vs组件化

    模块化&组件化 原因 图解 模块化Module 概念 使用 目的 依赖 架构定位 内容:组件内的Script 组件化 概念 使用 目的:复用,解耦 依赖 架构定位 内容:template.st ...

  8. hdu 3374 String Problem (字符串最小最大表示 + KMP求循环节)

    Problem - 3374   KMP求循环节. http://www.cnblogs.com/wuyiqi/archive/2012/01/06/2314078.html   循环节推导的证明相当 ...

  9. H3C 常见ISDN连接方式

  10. H3C PPP MP简介