#!/bin/bash
source /etc/xiandian/openrc.sh
source /etc/keystone/admin-openrc.sh
yum install openstack-swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware memcached -y
openstack user create --domain $DOMAIN_NAME --password $SWIFT_PASS swift
openstack role add --project service --user swift admin
openstack service create --name swift --description "OpenStack Object Storage" object-store
openstack endpoint create --region RegionOne object-store public http://$HOST_NAME:8080/v1/AUTH_%\(tenant_id\)s
openstack endpoint create --region RegionOne object-store internal http://$HOST_NAME:8080/v1/AUTH_%\(tenant_id\)s
openstack endpoint create --region RegionOne object-store admin http://$HOST_NAME:8080/v1
cat <<EOF > /etc/swift/proxy-server.conf
[DEFAULT]
bind_port = 8080
#配置对象存储服务组件使用的端口
swift_dir = /etc/swift
#配置对象存储服务组件使用的路径
user = swift
#配置对象存储服务组件使用的用户
[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
# 启用相应的模块
[app:proxy-server]
use = egg:swift#proxy
account_autocreate = True
# 用法
# 启用自动账户创建
[filter:tempauth]
use = egg:swift#tempauth
user_admin_admin = admin .admin .reseller_admin
#配置角色
user_test_tester = testing .admin
user_test2_tester2 = testing2 .admin
user_test_tester3 = testing3
user_test5_tester5 = testing5 service
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
auth_uri = http://$HOST_NAME:5000
auth_url = http://$HOST_NAME:35357
memcached_servers = $HOST_NAME:11211
auth_type = password
project_domain_name = $DOMAIN_NAME
user_domain_name = $DOMAIN_NAME
project_name = service
username = swift
password = $SWIFT_PASS
delay_auth_decision = True
[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin,user
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:cache]
memcache_servers = $HOST_NAME:11211
# 配置memcached的访问路径
use = egg:swift#memcache
[filter:ratelimit]
use = egg:swift#ratelimit
[filter:domain_remap]
use = egg:swift#domain_remap
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:cname_lookup]
use = egg:swift#cname_lookup
[filter:staticweb]
use = egg:swift#staticweb
[filter:tempurl]
use = egg:swift#tempurl
[filter:formpost]
use = egg:swift#formpost
[filter:name_check]
use = egg:swift#name_check
[filter:list-endpoints]
use = egg:swift#list_endpoints
[filter:proxy-logging]
use = egg:swift#proxy_logging
[filter:bulk]
use = egg:swift#bulk
[filter:slo]
use = egg:swift#slo
[filter:dlo]
use = egg:swift#dlo
[filter:container-quotas]
use = egg:swift#container_quotas
[filter:account-quotas]
use = egg:swift#account_quotas
[filter:gatekeeper]
use = egg:swift#gatekeeper
[filter:container_sync]
use = egg:swift#container_sync
[filter:xprofile]
use = egg:swift#xprofile
[filter:versioned_writes]
use = egg:swift#versioned_writes
EOF
pushd /etc/swift
swift-ring-builder account.builder create 18 1 1
# 创建/etc/swift/account.builder文件
swift-ring-builder account.builder add --region 1 --zone 1 --ip $STORAGE_LOCAL_NET_IP --port 6002 --device $OBJECT_DISK --weight 100
# 为 account ring 添加存储节点
swift-ring-builder account.builder
# 确认ring的内容
swift-ring-builder account.builder rebalance
# 重平衡ring
swift-ring-builder container.builder create 10 1 1
# 创建/etc/swift/container.builder文件
swift-ring-builder container.builder add --region 1 --zone 1 --ip $STORAGE_LOCAL_NET_IP --port 6001 --device $OBJECT_DISK --weight 100
# 为 container ring 添加存储节点
swift-ring-builder container.builder
# 确认ring的内容
swift-ring-builder container.builder rebalance
# 重平衡ring
swift-ring-builder object.builder create 10 1 1
# 创建/etc/swift/object.builder文件
swift-ring-builder object.builder add --region 1 --zone 1 --ip $STORAGE_LOCAL_NET_IP --port 6000 --device $OBJECT_DISK --weight 100
# 为 object.builder添加存储节点
swift-ring-builder object.builder
# 确认ring的内容
swift-ring-builder object.builder rebalance
# 重平衡ring
popd
#---------------
cat << EOF > /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = changeme
swift_hash_path_prefix = changeme
# 配置hash路径的后缀
# 配置hash路径的前缀
[storage-policy:0]
name = Policy-0
default = yes
aliases = yellow, orange
# 配置默认存储策略的名字
# 开启默认存储策略
#
[swift-constraints]
EOF
chown -R root:swift /etc/swift
systemctl enable openstack-swift-proxy.service memcached.service
systemctl restart openstack-swift-proxy.service memcached.service
(2017真题)编写 shell 脚本文件 swift-muli.sh,实现 swift 云存储账号的批量创建和容器的批量删除,要求如下:
(1)使用命令“/bin/bash swift-muli.sh create keystoneuser.txt”批量创建用户账号,账号名称及密码读取自附件文件 keystoneuser.txt,文件中第一列为 keystone云存储账号,第二列为对应的密码。云存储账号的项目名与账号名称相同,账号在项目中拥有“user”权限,并使用云存储账号名创建容器。
(2)使用命令“/bin/bash swift-muli.sh delete container keystoneuser.txt”批量删除用户容器,删除 keystoneuser.txt 中云存储账号名下的所有容器。提交shell脚本swift-muli.sh的全部文本内容及执行批量创建用户后查询用户列表的截图到答题框。
#!/bin/bash
source /etc/xiandian/openrc.sh
yum install xfsprogs rsync openstack-swift-account openstack-swift-container openstack-swift-object -y
mkfs.xfs -i size=1024 -f /dev/$OBJECT_DISK
sed -i '/nodiratime/d' /etc/fstab
echo "/dev/$OBJECT_DISK /swift/node xfs loop,noatime,nodiratime,nobarrier,logbufs=8 0 0" >> /etc/fstab
mkdir -p /swift/node
mount /dev/$OBJECT_DISK /swift/node
scp $HOST_NAME:/etc/swift/*.ring.gz /etc/swift/
cat <<EOF > /etc/rsyncd.conf
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
# 配置同步服务器
# pip文件路径
# 日志文件路径
uid = swift
gid = swift
address = 127.0.0.1
[account]
path = /swift/node
read only = false
write only = no
list = yes
incoming chmod = 0644
outgoing chmod = 0644
max connections = 25
lock file = /var/lock/account.lock
[container]
path = /swift/node
read only = false
write only = no
list = yes
incoming chmod = 0644
outgoing chmod = 0644
max connections = 25
lock file = /var/lock/container.lock
[object]
path = /swift/node
read only = false
write only = no
list = yes
incoming chmod = 0644
outgoing chmod = 0644
max connections = 25
lock file = /var/lock/object.lock
[swift_server]
path = /etc/swift
read only = true
write only = no
list = yes
incoming chmod = 0644
outgoing chmod = 0644
max connections = 5
lock file = /var/lock/swift_server.lock
EOF
systemctl enable rsyncd.service
systemctl restart rsyncd.service
cat <<EOF > /etc/swift/account-server.conf
[DEFAULT]
bind_port = 6002
user = swift
swift_dir = /etc/swift
devices = /swift/node
mount_check = false
[pipeline:main]
pipeline = healthcheck recon account-server
[app:account-server]
use = egg:swift#account
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
[account-replicator]
[account-auditor]
[account-reaper]
[filter:xprofile]
use = egg:swift#xprofile
EOF
cat <<EOF > /etc/swift/container-server.conf
[DEFAULT]
bind_port = 6001
user = swift
swift_dir = /etc/swift
devices = /swift/node
mount_check = false
# 配置account 使用的端口
# 配置account使用的用户
# 配置路径
# 配置挂载点
[pipeline:main]
pipeline = healthcheck recon container-server
# 启用相关模块
[app:container-server]
use = egg:swift#container
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
# 配置rcon缓存目录
[container-replicator]
[container-updater]
[container-auditor]
[container-sync]
[filter:xprofile]
use = egg:swift#xprofile
EOF
cat <<EOF > /etc/swift/object-server.conf
[DEFAULT]
bind_port = 6000
user = swift
swift_dir = /etc/swift
devices = /swift/node
mount_check = false
[pipeline:main]
pipeline = healthcheck recon object-server
[app:object-server]
use = egg:swift#object
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock
# 配置rcon缓存目录
# 配置lock路径
[object-replicator]
[object-reconstructor]
[object-updater]
[object-auditor]
[filter:xprofile]
use = egg:swift#xprofile
EOF
cat <<EOF > /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = changeme
swift_hash_path_prefix = changeme
[storage-policy:0]
name = Policy-0
default = yes
aliases = yellow, orange
[swift-constraints]
EOF
chown -R swift:swift /swift/node
mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
# 设置挂载点的属主
# 创建rcon目录
# 设置rcon目录的属组
chmod -R 775 /var/cache/swift
chown -R root:swift /etc/swift
systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl restart openstack-swift-account.service openstack-swift-account-auditor.service openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl enable openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl restart openstack-swift-container.service openstack-swift-container-auditor.service openstack-swift-container-replicator.service openstack-swift-container-updater.service
systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl restart openstack-swift-object.service openstack-swift-object-auditor.service openstack-swift-object-replicator.service openstack-swift-object-updater.service
[root@controller ~]# cat swift-muli.sh
#!/bin/bash
source /etc/keystone/admin-openrc.sh
if [[ $1 = "create" ]];
then
cat $2 | while read line
do
user=$(echo $line | awk '{print $1}')
pass=$(echo $line | awk '{print $2}')
openstack user create --password $pass --domain demo $user
openstack project create --domain demo $user
openstack role add --user $user --project $user user
swift --os-auth-url http://controller:5000/v3 --auth-version 3 --os-project-name $user
--os-project-domain-name demo --os-username $user --os-user-domain-name demo
--os-password $pass post $user
done
elif [[ $1 = "deletecontainer" ]];
then
cat $2 | while read line
do
user=$(echo $line | awk '{print $1}')
pass=$(echo $line | awk '{print $2}')
swift --os-auth-url http://controller:5000/v3 --auth-version 3 --os-project-name $user
--os-project-domain-name demo --os-username $user --os-user-domain-name demo
--os-password $pass delete --all
done
else
echo "Error:Please use create/deletecontainer to create/delete user's container !"
fi
1、脚本存在 create 和 deletecontainer 的判断语句得 0.5 分
2、脚本存在对外部文件的读取方面的语句得 0.5 分
3、脚本存在创建账号和容器的命令得 0.5 分
4、脚本存在删除容器的命令得 0.5 分
5、截图中包含 testuser1、user001、user002、adminuser 且表格格式相同得 1 分
链接: 先电Openstack 脚本解读(环境准备).
链接: 先电Openstack 脚本解读(MySQL).
链接: 先电Openstack 脚本解读(Keystone).
链接: 先电Openstack 脚本解读(Glance).
链接: 先电Openstack 脚本解读(Nova).
链接: 先电Openstack 脚本解读(neutron,gre,vlan,flat).
链接: 先电Openstack 脚本解读(Dashboard).
链接: 先电Openstack 脚本解读(cinder).
链接: 先电Openstack 脚本解读(swift).
链接: 先电Openstack 脚本解读(Trove).
链接: 先电Openstack 脚本解读(Heat).
链接: 先电Openstack 脚本解读(ceilometer).
链接: 先电Openstack 脚本解读(alarm).
链接: 先电Openstack 脚本解读(uninstall-all).
链接: openstack pike 单机 一键安装脚本.