1 of 28

Ceph Object Storage

2 of 28

3 of 28

What is RADOSGW

  • radosgw 是 Ceph 的一個 Component, 是以 daemon 的形式存在於系統. 提供 S3/Swift RESTful gateway 功能. Application 透過 radosgw 經由 librados 存取 Ceph Storage Clusters

4 of 28

在 ceph.conf 裡面的 [client.radosgw.gateway]

/etc/ceph/ceph.conf

user

keyring

host

5 of 28

如何取得 Swift 相關的重要資訊?

Command

#swift stat -v

6 of 28

Swift 到底把 object 放在哪裡?

/var/lib/glance/ndoe

Control node

(node-7,8, 9)

Compute node

(node-10)

7 of 28

CloudBerry online backup

(Keystone user authorization)

8 of 28

CloudBerry online Backup

Tenant: user tenant

User: keystone user

Api key: password

Endpoint: Keystone Identity Endpoint URL

Keystone version: 2

9 of 28

Ceph-based Object Storage

Access Demo

10 of 28

11 of 28

Ceph Object Storage User Admin

Ceph Object Storage service 的使用者管理, 提供兩種 user 型態

  • user: a user of the S3 interface
  • subuser: a user of the Swift inter. A subuser is associated to a user

12 of 28

We are here!

13 of 28

Create S3 User and Swift User 範例

# S3 user

radosgw-admin user create --uid=jing --display-name="tom Jing" --email="tom_jing@compal.com"

# Swift user

radosgw-admin subuser create --uid=abc --subuser=jing:swift --display-name="tom Jing" --email="tom_jing@compal.com" --access=full

14 of 28

radosgw-admin user info --uid= <user-name>

15 of 28

更多的操作

  • 新增 user /刪除 user / 修改 user info
  • Enable user/ Disable user
  • 建立 key/ 刪除 key/
  • 新增 capacity: read/write/...
  • 設定 quota: 可以限制最大/最小 object 數
  • 查詢某個 user 從 4/1 ~4/30 的活動

--purge-data: 相關的資料也會被刪除

16 of 28

Swift Explorer Demo

(KeyStone user authority)

17 of 28

Swift Explorer (installation)

Tenant: user tenant

User: Keystone user

Password: user password

18 of 28

CyberDucker

(Keystone user authority)

19 of 28

Cyberduck (OpenStack Swift HTTP)

Tenant: user tenant

Tenant ID:Access Key: Keystone user

Secret Key: user password

20 of 28

CloudBerry Online Backup Demo

(radosgw Swift user authority)

21 of 28

CloudBerry online Backup

User: Radosgw swift user

Api Key: secret key

Endpoint: object store endpoint

22 of 28

CloudBerry Explorer Demo

(S3 user)

23 of 28

CloudBerry Explorer

Service point: S3 endpoint

Access key: S3 user access key

Secret key: S3 user secret key

24 of 28

CloudBerry Explorer for OpenStack Demo (Failure)

download

25 of 28

References

  • Ceph Admin Guide, http://docs.ceph.com/docs/master/radosgw/admin/

26 of 28

Appendix

27 of 28

radosgw-admin user create --uid=jing --display-name="tom Jing" --email="tom_jing@compal.com"

163 radosgw-admin subuser create --uid=jing-swift --subuser=jing:swift --display-name="tom Jing" --email="tom_jing@compal.com"

164 radosgw-admin subuser create --uid=abc --subuser=jing:swift --display-name="tom Jing" --email="tom_jing@compal.com" --access=full

165 radosgw-admin user info --uid=jing

166 radosgw-admin subuser modify --uid=jing:swift --access=full

167 radosgw-admin subuser modify --uid=jing-swift --access=full

168 radosgw-admin subuser modify --uid=jing:swift --access=full

169 radosgw-admin user rm --uid=jing

170 radosgw-admin user info --uid=jing

171 radosgw-admin user create --uid=jing --display-name="tom Jing" --email="tom_jing@compal.com"

172 radosgw-admin subuser create --uid=abc --subuser=jing:swift --display-name="tom Jing" --email="tom_jing@compal.com" --access=full

173 radosgw-admin subuser modify --uid=jing:swift --access=full

174 radosgw-admin subuser modify --subuser=jing:swift --access=full

175 radosgw-admin key create --uid=jing --key-type=s3 --gen-access-key --gen-secret

176 radosgw-admin key create --subuser=jing:swift --key-type=swift --gen-access-key --gen-secret

177 radosgw-admin caps add --uid=jing --caps="[users|buckets|metadata|usage|zone]=[*|read|write|read, write]"

28 of 28