Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Installing, Configuring, and Verifying Swift

Swift, the OpenStack object storage project, stores and retrieves random and unstructured data objects. It provides high fault tolerance due to features such as multi-copy storage and elastic scaling. Unlike the traditional data storage directory tree, objects and files are stored in multiple drives.

Configuring Name Resolution

Perform the following operations on controller nodes and storage nodes.

  1. In etc/swift/swift.con, set the hostname of the first storage node to object1.
    1
    		 
    hostnamectl set-hostname object1

    In this example, only one object storage node is used. If there are multiple object storage nodes, set this parameter to object2, object3, and so on.

  2. Run the vim /etc/hosts command to open the /etc/hosts file and ensure that the file contains the following:
    1
2
3
    		 
    172.168.201.11  controller
172.168.201.12  compute
172.168.201.13  object1
  3. Restart the system to make the change take effect.

Configuring the Environment (Controller Node)

Perform the following operations on controller nodes.

  1. Log in to the OpenStack CLI as the admin user.
    1
    		 
    source /etc/keystone/admin-openrc
  2. Create the Identity service credentials.
    1. Create the swift user. 
      1
      		 
      openstack user create --domain default --password-prompt swift

    2. Add the admin role to the swift user. 
      1
      		 
      openstack role add --project service --user swift admin
    3. Create the swift service entity. 
      1
      		 
      openstack service create --name swift --description "OpenStack Object Storage" object-store

  3. Create API endpoints for the object storage service.
    1
2
3
    		 
    openstack endpoint create --region RegionOne object-store public http://controller:8080/v1/AUTH_%\(project_id\)s
openstack endpoint create --region RegionOne object-store internal http://controller:8080/v1/AUTH_%\(project_id\)s
openstack endpoint create --region RegionOne object-store admin http://controller:8080/v1

Installing and configuring Components (Controller Node)

Perform the following operations on controller nodes.

  1. Install the packages.
    1
    		 
    yum -y install openstack-swift-proxy python-swiftclient python-keystoneclient python-keystonemiddleware memcached
  2. Obtain the proxy service configuration file from the object storage source repository.
    1
    		 
    curl -o /etc/swift/proxy-server.conf https://opendev.org/openstack/swift/raw/branch/stable/rocky/etc/proxy-server.conf-sample  --insecure

  3. Edit the etc/swift/proxy-server.conf file and make the following changes:
    1
    		 
    vim /etc/swift/proxy-server.conf
    1. Configure the port binding, user, and configuration directory. 
      1
2
3
4
      		 
      [DEFAULT]
bind_port = 8080
user = swift
swift_dir = /etc/swift
    2. In the [pipeline:main] section, delete tempurl and tempauth and add authtoken and keystoneauth. 
      1
2
      		 
      [pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
    3. In the [app:proxy-server] section, enable automatic account creation. 
      1
2
3
      		 
      [app:proxy-server]
use = egg:swift#proxy
account_autocreate = True
    4. In the [filter:keystoneauth] section, configure the operator role. 
      1
2
3
      		 
      [filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin,user
    5. In the [filter:authtoken] section, configure Identity service access (comment out or delete any other options in the [filter:authtoken] section). 
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
      		 
      [filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3/
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = swift
password = <PASSWORD>
delay_auth_decision = True

      In this document, all passwords are represented as <PASSWORD>. Use the actual password during the operation. The <PASSWORD> here is the password created for the swift user in Configuring the Environment (Controller Node).

    6. In the [filter:cache] section, configure the Memcached location. 
      1
2
3
      		 
      [filter:cache]
use = egg:swift#memcache
memcache_servers = controller:11211

Configuring the Environment (Storage Node)

Perform the following operations on storage nodes.

  1. Install the supporting utility package.
    1
    		 
    yum -y install xfsprogs rsync

  2. Format the /dev/sdb and /dev/sdc devices as XFS.
    1
2
    		 
    mkfs.xfs /dev/sdb
mkfs.xfs /dev/sdc

    sdb and sdc cannot be system drives. Use other drives as system drives.

  3. Create the mount point directory structure.
    1
2
    		 
    mkdir -p /srv/node/sdb
mkdir -p /srv/node/sdc
  4. Add the following to the /etc/fstab file:
    1
2
    		 
    /dev/sdb /srv/node/sdb xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
/dev/sdc /srv/node/sdc xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
  5. Mount the devices.
    1
2
    		 
    mount /dev/sdb /srv/node/sdb
mount /dev/sdc /srv/node/sdc
  6. Create or edit the /etc/rsyncd.conf file to include the following content:
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
    		 
    uid = swift
gid = swift
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
address = 172.168.201.13
[account]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/account.lock
[container]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/container.lock
[object]
max connections = 2
path = /srv/node/
read only = False
lock file = /var/lock/object.lock

    address indicates the management network IP address of the storage node.

  7. Enable the rsyncd service and configure it to start as the system boots.
    1
2
    		 
    systemctl enable rsyncd.service
systemctl start rsyncd.service

Installing and configuring Components (Storage Node)

Perform the following operations on storage nodes.

  1. Install OpenStack Rocky if it has not been installed. Otherwise, the next step cannot be performed.
    1. Clear the Yum cache. 
      1
      		 
      yum clean all
    2. Install the OpenStack Rocky software package. 
      1
      		 
      yum -y install centos-release-openstack-rocky
  2. Install the Swift software package.
    1
2
    		 
    yum -y install openstack-swift-account openstack-swift-container \
openstack-swift-object
  3. Obtain the accounting, container, and object service configuration files from the Object Storage source repository.
    1
2
3
    		 
    curl -o /etc/swift/account-server.conf https://opendev.org/openstack/swift/raw/branch/stable/rocky/etc/account-server.conf-sample
curl -o /etc/swift/container-server.conf https://opendev.org/openstack/swift/raw/branch/stable/rocky/etc/container-server.conf-sample
curl -o /etc/swift/object-server.conf https://opendev.org/openstack/swift/raw/branch/stable/rocky/etc/object-server.conf-sample

  4. Edit the etc/swift/account-server.conf file and make the following changes:
    1
    		 
    vim /etc/swift/account-server.conf
    1. In the [DEFAULT] section, configure the bind IP address, bind port, user, configuration directory, and mount point directory. 
      1
2
3
4
5
6
7
      		 
      [DEFAULT]
bind_ip = 172.168.201.13
bind_port = 6202
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True

      bind_ip indicates the management network IP address of the storage node.

    2. In the [pipeline:main] section, enable the corresponding modules. 
      1
2
      		 
      [pipeline:main]
pipeline = healthcheck recon account-server
    3. In the [filter:recon] section, configure the recon (meters) cache directory. 
      1
2
3
      		 
      [filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
  5. Edit the /etc/swift/container-server.conf file and make the following changes:
    1
    		 
    vim /etc/swift/container-server.conf
    1. In the [DEFAULT] section, configure the bind IP address, bind port, user, configuration directory, and mount point directory. 
      1
2
3
4
5
6
7
      		 
      [DEFAULT]
bind_ip = 172.168.201.13
bind_port = 6201
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True

      bind_ip indicates the management network IP address of the storage node.

    2. In the [pipeline:main] section, enable the corresponding modules. 
      1
2
      		 
      [pipeline:main]
pipeline = healthcheck recon container-server
    3. In the [filter:recon] section, configure the recon cache directory. 
      1
2
3
      		 
      [filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
  6. Edit the /etc/swift/object-server.conf file and make the following changes:
    1
    		 
    vim /etc/swift/object-server.conf
    1. In the [DEFAULT] section, configure the bind IP address, bind port, user, configuration directory, and mount point directory. 
      1
2
3
4
5
6
7
      		 
      [DEFAULT]
bind_ip = 172.168.201.13
bind_port = 6200
user = swift
swift_dir = /etc/swift
devices = /srv/node
mount_check = True

      bind_ip indicates the management network IP address of the storage node.

    2. In the [pipeline:main] section, enable the corresponding modules. 
      1
2
      		 
      [pipeline:main]
pipeline = healthcheck recon object-server
    3. In the [filter:recon] section, configure the recon (meters) cache and lock directories. 
      1
2
3
4
      		 
      [filter:recon]
use = egg:swift#recon
recon_cache_path = /var/cache/swift
recon_lock_path = /var/lock
    4. Ensure proper ownership of the mount point directory structure. 
      1
2
      		 
      chown -R swift:swift /srv/node
sudo restorecon -R /srv
    5. Create the recon directory and assign proper ownership. 
      1
2
3
      		 
      mkdir -p /var/cache/swift
chown -R root:swift /var/cache/swift
chmod -R 775 /var/cache/swift

Creating an Account Ring

Perform the following operations on controller nodes.

  1. Switch to the /etc/swift directory.
    1
    		 
    cd /etc/swift
  2. Create the base account.builder file.
    1
    		 
    swift-ring-builder account.builder create 10 2 1
  3. Add each storage node to the ring.
    1
2
    		 
    swift-ring-builder account.builder add --region 1 --zone 1 --ip 172.168.201.13 --port 6202 --device sdb --weight 100
swift-ring-builder account.builder add --region 1 --zone 1 --ip 172.168.201.13 --port 6202 --device sdc --weight 100

    The value following --ip is the management IP address of the storage node.

  4. Verify the account ring content.
    1
    		 
    swift-ring-builder account.builder
  5. Rebalance the ring.
    1
    		 
    swift-ring-builder account.builder rebalance

Creating a Container Ring

Perform the following operations on controller nodes.

  1. Switch to the /etc/swift directory.
    1
    		 
    cd /etc/swift
  2. Create the base container.builder file.
    1
    		 
    swift-ring-builder container.builder create 10 2 1
  3. Add each storage node to the ring.
    1
2
    		 
    swift-ring-builder container.builder add --region 1 --zone 1 --ip 172.168.201.13 --port 6201 --device sdb --weight 100
swift-ring-builder container.builder add --region 1 --zone 1 --ip 172.168.201.13 --port 6201 --device sdc --weight 100

    The value following --ip is the management IP address of the storage node.

  4. Verify the container ring content.
    1
    		 
    swift-ring-builder container.builder
  5. Rebalance the ring.
    1
    		 
    swift-ring-builder container.builder rebalance

Creating an Object Ring

Perform the following operations on controller nodes.

  1. Switch to the /etc/swift directory.
    1
    		 
    cd /etc/swift
  2. Create the base object.builder file.
    1
    		 
    swift-ring-builder object.builder create 10 2 1
  3. Add each storage node to the ring.
    1
2
    		 
    swift-ring-builder object.builder add --region 1 --zone 1 --ip 172.168.201.13 --port 6200 --device sdb --weight 100
swift-ring-builder object.builder add --region 1 --zone 1 --ip 172.168.201.13 --port 6200 --device sdc --weight 100

    The value following --ip is the management IP address of the storage node.

  4. Verify the object ring content.
    1
    		 
    swift-ring-builder object.builder
  5. Rebalance the ring.
    1
    		 
    swift-ring-builder object.builder rebalance

Distributing Ring Configuration Files

Perform the following operations on controller nodes.

Copy the generated account.ring.gz, container.ring.gz, and object.ring.gz files to the /etc/swift directory on each storage node and any other node running the proxy service.

1
2
 
cd /etc/swift/
scp -r ./*.gz root@object1:/etc/swift/

Modifying Configuration

Perform the following operations on controller nodes.

  1. Obtain /etc/swift/swift.conf file from the Object Storage source repository.
    1
    		 
    curl -o /etc/swift/swift.conf \https://opendev.org/openstack/swift/raw/branch/stable/rocky/etc/swift.conf-sample
  2. Edit the /etc/swift/swift.conf file and make the following changes:
    1
    		 
    vim /etc/swift/swift.conf
    1. In the [swift-hash] section, configure the hash path prefix and suffix for your environment. 
      1
2
3
      		 
      [swift-hash]
swift_hash_path_suffix = <PASSWORD>
swift_hash_path_prefix = <PASSWORD>

      Set the two parameters to unique strings of any characters.

    2. In the [storage-policy:0] section, set the default storage policy. 
      1
2
3
      		 
      [storage-policy:0]
name = Policy-0
default = yes
  3. Copy the swift.conf file to the /etc/swift directory on each storage node. If there are multiple controller nodes, copy the file to the /etc/swift directory on other controller nodes.

Starting the Services

Perform the following operations on controller nodes and storage nodes.

  1. Ensure correct ownership of the configuration directory on all nodes.
    1
    		 
    chown -R root:swift /etc/swift
  2. On the controller node and any other node running the proxy service, start the object storage agent service (including its dependencies) and configure it to start as the system boots.
    1
2
    		 
    systemctl enable openstack-swift-proxy.service memcached.service
systemctl start openstack-swift-proxy.service memcached.service
  3. On the storage node, enable the object storage service and configure it to start as the system boots.
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
    		 
    systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service
systemctl status openstack-swift-account.service openstack-swift-account-auditor.service \
openstack-swift-account-reaper.service openstack-swift-account-replicator.service

systemctl enable openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service
systemctl start openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service
systemctl status openstack-swift-container.service \
openstack-swift-container-auditor.service openstack-swift-container-replicator.service \
openstack-swift-container-updater.service

systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service
systemctl status openstack-swift-object.service openstack-swift-object-auditor.service \
openstack-swift-object-replicator.service openstack-swift-object-updater.service

Verifying Swift

Perform the following operations on controller nodes.

  1. Log in to the OpenStack CLI as the admin user.
    1
    		 
    source /etc/keystone/admin-openrc
  2. Check service status.
    1
    		 
    swift stat

  3. Create the container1 container.
    1
    		 
    openstack container create container1
  4. Upload the test file to container1.
    1
    		 
    openstack object create container1 FILE
  5. List the files in container1.
    1
    		 
    openstack object list container1

  6. Download the test file from container1.
    1
    		 
    openstack object save container1 FILE

Common Swift Commands

Command

Description

swift stat

Displays the Swift service status.

openstack container create container1

Creates a storage container.

openstack object create container1 FILE

Uploads a file to a container.

openstack container delete container1

Deletes a storage container.

openstack object list container1

Lists the files in a container.

openstack object save container1 FILE

Downloads files from a container.