Ubuntu 24.04 上安装 OpenStack Swift-详细内容

文章内容

2025/11/5 1:24:22,作者: 黄兵

Ubuntu 24.04 上安装 OpenStack Swift

好的！我给您提供直接在 Ubuntu 24.04 上安装 OpenStack Swift 的完整步骤。

10GB 的硬盘我们可以分成 4 个分区来模拟多节点环境。

第一步：准备硬盘 sdb (10GB)

# 查看硬盘信息
lsblk
sudo fdisk -l /dev/sdb

# 创建 4 个分区（每个约 2.5GB）
sudo parted /dev/sdb mklabel gpt
sudo parted /dev/sdb mkpart primary xfs 0% 25%
sudo parted /dev/sdb mkpart primary xfs 25% 50%
sudo parted /dev/sdb mkpart primary xfs 50% 75%
sudo parted /dev/sdb mkpart primary xfs 75% 100%

# 查看分区结果
lsblk /dev/sdb

# 格式化为 XFS 文件系统（Swift 推荐）
sudo mkfs.xfs -f /dev/sdb1
sudo mkfs.xfs -f /dev/sdb2
sudo mkfs.xfs -f /dev/sdb3
sudo mkfs.xfs -f /dev/sdb4

# 创建挂载点
sudo mkdir -p /srv/node/sdb1
sudo mkdir -p /srv/node/sdb2
sudo mkdir -p /srv/node/sdb3
sudo mkdir -p /srv/node/sdb4

# 配置自动挂载
for i in {1..4}; do
    UUID=$(sudo blkid -s UUID -o value /dev/sdb${i})
    echo "UUID=${UUID} /srv/node/sdb${i} xfs noatime 0 2" | sudo tee -a /etc/fstab
done

# 挂载所有分区
sudo mount -a

# 验证挂载
df -h | grep sdb

第二步：安装系统依赖

# 更新系统
sudo apt-get update
sudo apt-get upgrade -y

# 安装必要的包
sudo apt-get install -y curl gcc memcached rsync sqlite3 xfsprogs \
    git-core libffi-dev python3-setuptools liberasurecode-dev libssl-dev \
    python3-dev python3-pip

第三步：安装 OpenStack Swift

# 安装 Swift 及相关组件
sudo apt-get install -y swift swift-proxy swift-account swift-container swift-object \
    python3-swiftclient python3-keystoneclient python3-keystonemiddleware

# 验证安装
swift-proxy-server --version

第四步：配置存储目录权限

# 创建 swift 用户（如果不存在）
sudo useradd -r -s /bin/false swift 2>/dev/null || true

# 设置目录所有者
sudo chown -R swift:swift /srv/node

# 创建必要的目录
sudo mkdir -p /var/cache/swift /var/cache/swift2 /var/cache/swift3 /var/cache/swift4
sudo chown -R swift:swift /var/cache/swift*

sudo mkdir -p /var/run/swift
sudo chown -R swift:swift /var/run/swift

sudo mkdir -p /etc/swift/account-server /etc/swift/container-server \
    /etc/swift/object-server /etc/swift/proxy-server
sudo chown -R swift:swift /etc/swift

第五步：配置 rsync

# 创建 rsync 配置
sudo nano /etc/rsyncd.conf

粘贴以下内容：

uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 127.0.0.1

[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock

[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock

[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock

# 启用并启动 rsync
sudo systemctl enable rsync
sudo systemctl start rsync
sudo systemctl status rsync

第六步：配置 memcached

# 编辑 memcached 配置
sudo nano /etc/memcached.conf
```

确保有以下行（默认应该已经有）：
```
-l 127.0.0.1
-m 512

# 重启 memcached
sudo systemctl restart memcached
sudo systemctl enable memcached
sudo systemctl status memcached

第七步：创建 Swift 配置文件

1. 创建 swift.conf

sudo nano /etc/swift/swift.conf

内容：

[swift-hash]
# 生成随机字符串作为 hash 前缀和后缀
swift_hash_path_suffix = $(openssl rand -hex 10)
swift_hash_path_prefix = $(openssl rand -hex 10)

[storage-policy:0]
name = Policy-0
default = yes

注意：实际使用时，将 $(openssl rand -hex 10) 替换为实际生成的随机字符串：

# 生成随机字符串
openssl rand -hex 10
openssl rand -hex 10

然后手动填入配置文件。

2. 创建 proxy-server.conf

sudo nano /etc/swift/proxy-server.conf

内容：

[DEFAULT]
bind_port = 8080
user = swift
log_facility = LOG_LOCAL1
eventlet_debug = true

[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache listing_formats tempauth proxy-logging proxy-server

[app:proxy-server]
use = egg:swift#proxy
account_autocreate = true
allow_account_management = true

[filter:tempauth]
use = egg:swift#tempauth
user_admin_admin = admin .admin .reseller_admin
user_test_tester = testing .admin
user_test2_tester2 = testing2 .admin
user_test_tester3 = testing3

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:cache]
use = egg:swift#memcache
memcache_servers = 127.0.0.1:11211

[filter:proxy-logging]
use = egg:swift#proxy_logging

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:gatekeeper]
use = egg:swift#gatekeeper

[filter:listing_formats]
use = egg:swift#listing_formats

3. 创建 account-server.conf

sudo nano /etc/swift/proxy-server.conf

内容：

[DEFAULT]
bind_port = 8080
user = swift
log_facility = LOG_LOCAL1
eventlet_debug = true

[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache listing_formats tempauth proxy-logging proxy-server

[app:proxy-server]
use = egg:swift#proxy
account_autocreate = true
allow_account_management = true

[filter:tempauth]
use = egg:swift#tempauth
user_admin_admin = admin .admin .reseller_admin
user_test_tester = testing .admin
user_test2_tester2 = testing2 .admin
user_test_tester3 = testing3

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:cache]
use = egg:swift#memcache
memcache_servers = 127.0.0.1:11211

[filter:proxy-logging]
use = egg:swift#proxy_logging

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:gatekeeper]
use = egg:swift#gatekeeper

[filter:listing_formats]
use = egg:swift#listing_formats

4. 创建 container-server.conf

sudo nano /etc/swift/account-server.conf

内容：

[DEFAULT]
bind_ip = 0.0.0.0
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = false

[pipeline:main]
pipeline = healthcheck recon account-server

[app:account-server]
use = egg:swift#account

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift

[account-replicator]

[account-auditor]

[account-reaper]

5. 创建 object-server.conf

sudo nano /etc/swift/account-server.conf

内容：

[DEFAULT]
bind_ip = 0.0.0.0
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = false

[pipeline:main]
pipeline = healthcheck recon account-server

[app:account-server]
use = egg:swift#account

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift

[account-replicator]

[account-auditor]

[account-reaper]

第八步：创建 Ring 文件

cd /etc/swift

# 创建 account ring
sudo -u swift swift-ring-builder account.builder create 10 3 1
sudo -u swift swift-ring-builder account.builder add --region 1 --zone 1 --ip 127.0.0.1 --port 6202 --device sdb1 --weight 100
sudo -u swift swift-ring-builder account.builder add --region 1 --zone 2 --ip 127.0.0.1 --port 6202 --device sdb2 --weight 100
sudo -u swift swift-ring-builder account.builder add --region 1 --zone 3 --ip 127.0.0.1 --port 6202 --device sdb3 --weight 100
sudo -u swift swift-ring-builder account.builder add --region 1 --zone 4 --ip 127.0.0.1 --port 6202 --device sdb4 --weight 100
sudo -u swift swift-ring-builder account.builder rebalance

# 创建 container ring
sudo -u swift swift-ring-builder container.builder create 10 3 1
sudo -u swift swift-ring-builder container.builder add --region 1 --zone 1 --ip 127.0.0.1 --port 6201 --device sdb1 --weight 100
sudo -u swift swift-ring-builder container.builder add --region 1 --zone 2 --ip 127.0.0.1 --port 6201 --device sdb2 --weight 100
sudo -u swift swift-ring-builder container.builder add --region 1 --zone 3 --ip 127.0.0.1 --port 6201 --device sdb3 --weight 100
sudo -u swift swift-ring-builder container.builder add --region 1 --zone 4 --ip 127.0.0.1 --port 6201 --device sdb4 --weight 100
sudo -u swift swift-ring-builder container.builder rebalance

# 创建 object ring
sudo -u swift swift-ring-builder object.builder create 10 3 1
sudo -u swift swift-ring-builder object.builder add --region 1 --zone 1 --ip 127.0.0.1 --port 6200 --device sdb1 --weight 100
sudo -u swift swift-ring-builder object.builder add --region 1 --zone 2 --ip 127.0.0.1 --port 6200 --device sdb2 --weight 100
sudo -u swift swift-ring-builder object.builder add --region 1 --zone 3 --ip 127.0.0.1 --port 6200 --device sdb3 --weight 100
sudo -u swift swift-ring-builder object.builder add --region 1 --zone 4 --ip 127.0.0.1 --port 6200 --device sdb4 --weight 100
sudo -u swift swift-ring-builder object.builder rebalance

# 验证 ring
sudo -u swift swift-ring-builder account.builder
sudo -u swift swift-ring-builder container.builder
sudo -u swift swift-ring-builder object.builder

第九步：设置配置文件权限

sudo chown -R swift:swift /etc/swift
sudo find /etc/swift -type f -name "*.conf" -exec chmod 640 {} \;
sudo find /etc/swift -type f -name "*.gz" -exec chmod 644 {} \;
sudo find /etc/swift -type f -name "*.builder" -exec chmod 644 {} \;

第十步：启动 Swift 服务

# 启动所有服务
sudo swift-init all start

# 或者单独启动每个服务
sudo systemctl start swift-proxy
sudo systemctl start swift-account
sudo systemctl start swift-account-auditor
sudo systemctl start swift-account-reaper
sudo systemctl start swift-account-replicator
sudo systemctl start swift-container
sudo systemctl start swift-container-auditor
sudo systemctl start swift-container-replicator
sudo systemctl start swift-container-updater
sudo systemctl start swift-object
sudo systemctl start swift-object-auditor
sudo systemctl start swift-object-replicator
sudo systemctl start swift-object-updater

# 设置开机自启
sudo systemctl enable swift-proxy
sudo systemctl enable swift-account
sudo systemctl enable swift-account-auditor
sudo systemctl enable swift-account-reaper
sudo systemctl enable swift-account-replicator
sudo systemctl enable swift-container
sudo systemctl enable swift-container-auditor
sudo systemctl enable swift-container-replicator
sudo systemctl enable swift-container-updater
sudo systemctl enable swift-object
sudo systemctl enable swift-object-auditor
sudo systemctl enable swift-object-replicator
sudo systemctl enable swift-object-updater

# 检查服务状态
sudo swift-init all status

第十一步：验证安装

# 1. 检查 Swift 状态
curl http://localhost:8080/info

# 2. 获取认证令牌
curl -v -H "X-Auth-User: test:tester" \
     -H "X-Auth-Key: testing" \
     http://localhost:8080/auth/v1.0

# 保存返回的 X-Auth-Token 和 X-Storage-Url
# 例如：
# X-Auth-Token: AUTH_tk1234567890abcdef
# X-Storage-Url: http://localhost:8080/v1/AUTH_test

# 3. 创建容器（替换 {token} 为上面获取的令牌）
curl -X PUT -H "X-Auth-Token: {token}" \
     http://localhost:8080/v1/AUTH_test/mycontainer

# 4. 上传文件
echo "Hello Swift!" > test.txt
curl -X PUT -T test.txt \
     -H "X-Auth-Token: {token}" \
     http://localhost:8080/v1/AUTH_test/mycontainer/test.txt

# 5. 列出容器内容
curl -H "X-Auth-Token: {token}" \
     http://localhost:8080/v1/AUTH_test/mycontainer

# 6. 下载文件
curl -H "X-Auth-Token: {token}" \
     http://localhost:8080/v1/AUTH_test/mycontainer/test.txt

# 7. 查看账户信息
curl -i -H "X-Auth-Token: {token}" \
     http://localhost:8080/v1/AUTH_test

第十二步：配置 Swift 客户端

# 设置环境变量
cat >> ~/.bashrc << 'EOF'

# OpenStack Swift 环境变量
export ST_AUTH=http://localhost:8080/auth/v1.0
export ST_USER=test:tester
export ST_KEY=testing
EOF

source ~/.bashrc

# 使用 Swift 命令行工具
swift stat
swift list
swift upload mycontainer test.txt
swift list mycontainer
swift download mycontainer test.txt

第十三步：创建管理脚本

1. 状态检查脚本

sudo nano /usr/local/bin/swift-status

内容：

#!/bin/bash

echo "=== Swift 服务状态 ==="
swift-init all status

echo -e "\n=== 监听端口 ==="
sudo netstat -tlnp | grep -E ":(8080|6200|6201|6202)"

echo -e "\n=== 存储使用情况 ==="
df -h | grep sdb

echo -e "\n=== Ring 信息 ==="
swift-ring-builder /etc/swift/account.builder
swift-ring-builder /etc/swift/container.builder
swift-ring-builder /etc/swift/object.builder

echo -e "\n=== 最近错误日志 ==="
sudo tail -20 /var/log/syslog | grep swift

sudo chmod +x /usr/local/bin/swift-status

2. 获取令牌脚本

sudo nano /usr/local/bin/swift-token

内容：

#!/bin/bash

RESPONSE=$(curl -s -i -H "X-Auth-User: test:tester" \
                      -H "X-Auth-Key: testing" \
                      http://localhost:8080/auth/v1.0)

TOKEN=$(echo "$RESPONSE" | grep -i "X-Auth-Token:" | awk '{print $2}' | tr -d '\r')
STORAGE_URL=$(echo "$RESPONSE" | grep -i "X-Storage-Url:" | awk '{print $2}' | tr -d '\r')

echo "Token: $TOKEN"
echo "Storage URL: $STORAGE_URL"
echo ""
echo "使用示例："
echo "export SWIFT_TOKEN='$TOKEN'"
echo "export SWIFT_URL='$STORAGE_URL'"
echo ""
echo "curl -H \"X-Auth-Token: \$SWIFT_TOKEN\" \$SWIFT_URL"

sudo chmod +x /usr/local/bin/swift-token

第十四步：配置防火墙（如需外部访问）

# 安装 UFW
sudo apt-get install -y ufw

# 允许 SSH
sudo ufw allow 22/tcp

# 允许 Swift 端口
sudo ufw allow 8080/tcp

# 启用防火墙
sudo ufw --force enable

# 查看状态
sudo ufw status

第十五步：完整测试

# 创建测试脚本
cat > /tmp/test-swift.sh << 'EOF'
#!/bin/bash
set -e

echo "=== OpenStack Swift 完整测试 ==="

# 获取令牌
echo "1. 获取认证令牌..."
RESPONSE=$(curl -s -i -H "X-Auth-User: test:tester" \
                      -H "X-Auth-Key: testing" \
                      http://localhost:8080/auth/v1.0)

TOKEN=$(echo "$RESPONSE" | grep -i "X-Auth-Token:" | awk '{print $2}' | tr -d '\r')
STORAGE_URL=$(echo "$RESPONSE" | grep -i "X-Storage-Url:" | awk '{print $2}' | tr -d '\r')

if [ -z "$TOKEN" ]; then
    echo "❌ 错误: 无法获取令牌"
    exit 1
fi
echo "✓ 令牌获取成功"

# 创建容器
echo "2. 创建容器..."
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X PUT \
    -H "X-Auth-Token: $TOKEN" \
    "$STORAGE_URL/test-container")
if [ "$HTTP_CODE" -eq 201 ] || [ "$HTTP_CODE" -eq 202 ]; then
    echo "✓ 容器创建成功 (HTTP $HTTP_CODE)"
else
    echo "❌ 容器创建失败 (HTTP $HTTP_CODE)"
    exit 1
fi

# 上传文件
echo "3. 上传测试文件..."
echo "Swift 测试内容 - $(date)" > /tmp/swift-test.txt
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X PUT -T /tmp/swift-test.txt \
    -H "X-Auth-Token: $TOKEN" \
    "$STORAGE_URL/test-container/test.txt")
if [ "$HTTP_CODE" -eq 201 ]; then
    echo "✓ 文件上传成功 (HTTP $HTTP_CODE)"
else
    echo "❌ 文件上传失败 (HTTP $HTTP_CODE)"
    exit 1
fi

# 列出容器
echo "4. 列出容器内容..."
OBJECTS=$(curl -s -H "X-Auth-Token: $TOKEN" "$STORAGE_URL/test-container")
echo "$OBJECTS"
if echo "$OBJECTS" | grep -q "test.txt"; then
    echo "✓ 文件列表正确"
else
    echo "❌ 文件列表不包含上传的文件"
    exit 1
fi

# 下载文件
echo "5. 下载并验证文件..."
curl -s -H "X-Auth-Token: $TOKEN" \
    "$STORAGE_URL/test-container/test.txt" -o /tmp/swift-download.txt
if diff /tmp/swift-test.txt /tmp/swift-download.txt > /dev/null; then
    echo "✓ 文件下载成功，内容一致"
else
    echo "❌ 下载的文件内容不一致"
    exit 1
fi

# 删除文件
echo "6. 删除文件..."
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X DELETE \
    -H "X-Auth-Token: $TOKEN" \
    "$STORAGE_URL/test-container/test.txt")
if [ "$HTTP_CODE" -eq 204 ]; then
    echo "✓ 文件删除成功 (HTTP $HTTP_CODE)"
else
    echo "❌ 文件删除失败 (HTTP $HTTP_CODE)"
fi

# 删除容器
echo "7. 删除容器..."
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X DELETE \
    -H "X-Auth-Token: $TOKEN" \
    "$STORAGE_URL/test-container")
if [ "$HTTP_CODE" -eq 204 ]; then
    echo "✓ 容器删除成功 (HTTP $HTTP_CODE)"
else
    echo "❌ 容器删除失败 (HTTP $HTTP_CODE)"
fi

echo -e "\n=== ✅ 所有测试通过！ ==="
echo "Storage URL: $STORAGE_URL"
echo "使用以下命令获取新令牌: swift-token"

# 清理
rm -f /tmp/swift-test.txt /tmp/swift-download.txt
EOF

chmod +x /tmp/test-swift.sh
/tmp/test-swift.sh

常用管理命令

# 查看所有服务状态
swift-status

# 获取认证令牌
swift-token

# 重启所有服务
sudo swift-init all restart

# 停止所有服务
sudo swift-init all stop

# 启动所有服务
sudo swift-init all start

# 查看日志
sudo tail -f /var/log/syslog | grep swift

# 使用 Swift 客户端
swift stat                          # 查看账户信息
swift list                          # 列出所有容器
swift upload container file.txt    # 上传文件
swift download container file.txt  # 下载文件
swift delete container file.txt    # 删除文件

故障排查

如果遇到问题：

# 1. 检查服务状态
sudo swift-init all status

# 2. 查看详细日志
sudo journalctl -u swift-proxy -n 100
sudo tail -100 /var/log/syslog | grep swift

# 3. 检查端口监听
sudo netstat -tlnp | grep -E ":(8080|6200|6201|6202)"

# 4. 检查磁盘挂载
df -h | grep sdb

# 5. 测试 memcached
echo "stats" | nc 127.0.0.1 11211

# 6. 检查配置文件语法
sudo -u swift swift-proxy-server /etc/swift/proxy-server.conf -v

# 7. 重建 ring（如果 ring 损坏）
cd /etc/swift
sudo -u swift swift-ring-builder account.builder rebalance
sudo -u swift swift-ring-builder container.builder rebalance
sudo -u swift swift-ring-builder object.builder rebalance

完成！您的 OpenStack Swift 现在已经安装并运行在 Ubuntu 24.04 上了。

使用 swift-status 查看状态，使用 swift-token 获取访问令牌。

上一篇：我拒绝了 80% 返佣：揭秘加密货币“叠码仔”的黑幕与跟单交易的陷阱
下一篇：HTTP/3 (QUIC) 的 Stream QUIC 是什么

分享到：