
ceph-deploy: configuring, installing and using object storage

Posted 2022-2-9 09:58:36
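Ceph storage significantly simplifies installing and configuring the Ceph Object Gateway.
The Gateway process is embedded in Civetweb, so you need to install a web service or configure FastCGI.
In addition, ceph-deploy can install the gateway package, generate a key, configure the data directory and create a gateway instance.
Tip: Civetweb uses port 7480 by default. You must open port 7480, or set the port to your preferred port (for example, port 80) in the Ceph configuration file.
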
Install the Ceph Object Gateway

1. Make sure the port is open.
2. On the admin node, install the Ceph Object Gateway package onto the client-node node(s):
ceph-deploy install --rgw <client-node> [<client-node>...]
Example:
ceph-deploy install --rgw cephhost1 cephhost2

Create a Ceph Object Gateway instance

ceph-deploy rgw create <client-node>
Example:
ceph-deploy rgw create cephhost1

Once the gateway is running, you can reach it on port 7480 (for example: http://cephhost1:7480).

Configure the Ceph Object Gateway instance

1. Change the default port by editing the ceph.conf configuration file: add a section titled [client.rgw.<client-node>], replacing <client-node> with the hostname of the Ceph client node (hostname -s).

If the node name is cephhost1, add the following after the [global] section:
[client.rgw.cephhost1]
rgw_frontends = "civetweb port=80"
Note:
Make sure no whitespace is left between port=port-number in the rgw_frontends key/value pair.
If you intend to use port 80, make sure the Apache server is not running, otherwise it will conflict with Civetweb. In that case, we recommend removing Apache.

2. Restart so that the newly configured port takes effect:
systemctl restart ceph-radosgw.service
3. If the firewall is enabled, check that the port is open in the firewall. If it is not, add the port and reload the firewall so the change takes effect:
firewall-cmd --list-all
firewall-cmd --zone=public --add-port 80/tcp --permanent
firewall-cmd --reload
4. You can now send an unauthenticated request and get a result back:
# request
curl http://<client-node>:80
# result
<?xml version="1.0" encoding="UTF-8"?>
<ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Owner>
<ID>anonymous</ID>
<DisplayName></DisplayName>
</Owner>
<Buckets>
</Buckets>
</ListAllMyBucketsResult>
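
A post-deployment check for the steps above, as an added example that is not part of the original post: it reads the gateway sections of ceph.conf, flags the port= whitespace mistake the note warns about, and parses the anonymous response to report which owner and buckets it lists. The cephhost2 section, the fsid value and all function names are constructed for illustration.

```python
import configparser
import re
import xml.etree.ElementTree as ET

S3_NS = "{http://s3.amazonaws.com/doc/2006-03-01/}"
DEFAULT_CIVETWEB_PORT = 7480  # default port named in the post

# Constructed sample: the cephhost1 section from the post plus a hypothetical
# cephhost2 section that contains the whitespace mistake.
SAMPLE_CONF = """\
[global]
fsid = 00000000-0000-0000-0000-000000000000

[client.rgw.cephhost1]
rgw_frontends = "civetweb port=80"

[client.rgw.cephhost2]
rgw frontends = "civetweb port = 80"
"""

# The anonymous response shown in the post.
SAMPLE_RESPONSE = """\
<?xml version="1.0" encoding="UTF-8"?>
<ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner>
<Buckets></Buckets>
</ListAllMyBucketsResult>
"""


def frontends_by_section(conf_text):
    """Map each [client.*] section to its rgw_frontends value, quotes removed."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.read_string(conf_text)
    found = {}
    for section in cp.sections():
        if not section.startswith("client."):
            continue
        for key, value in cp.items(section):
            # ceph.conf accepts "rgw frontends" and "rgw_frontends" alike.
            if key.replace(" ", "_") == "rgw_frontends":
                found[section] = value.strip().strip('"')
    return found


def check_frontends(value):
    """Return (frontend, port, problems) for one rgw_frontends value."""
    tokens = value.split()
    frontend = tokens[0] if tokens else ""
    problems = []
    port = None
    spaced = re.search(r"(?<!\w)port\s+=", value) or re.search(r"(?<!\w)port=(?=\s|$)", value)
    if spaced:
        problems.append("whitespace around '=' in the port option")
    else:
        m = re.search(r"(?<!\w)port=(\S+)", value)
        if m is None:
            if frontend == "civetweb":
                port = DEFAULT_CIVETWEB_PORT  # no port option: default applies
        elif m.group(1).isdigit() and 1 <= int(m.group(1)) <= 65535:
            port = int(m.group(1))
        else:
            problems.append("port value %r is not a plain port number" % m.group(1))
    return frontend, port, problems


def anonymous_listing(xml_text):
    """Return (owner_id, bucket_names) from a ListAllMyBucketsResult document."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != S3_NS + "ListAllMyBucketsResult":
        raise ValueError("unexpected root element: %s" % root.tag)
    owner = root.findtext(f"{S3_NS}Owner/{S3_NS}ID")
    buckets = [b.findtext(f"{S3_NS}Name") for b in root.iter(S3_NS + "Bucket")]
    return owner, buckets


if __name__ == "__main__":
    for section, value in frontends_by_section(SAMPLE_CONF).items():
        frontend, port, problems = check_frontends(value)
        status = "; ".join(problems) if problems else "ok"
        print(f"{section}: frontend={frontend} port={port} -> {status}")
    owner, buckets = anonymous_listing(SAMPLE_RESPONSE)
    print(f"unauthenticated request answered as owner={owner}, buckets listed={buckets}")
```
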
Original poster | Posted 2022-2-9 10:04:03
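Ceph object storage
As the name suggests, object storage manages data as objects. Each object stores data, metadata and a unique identifier. Object storage cannot be accessed directly by the operating system as a local or remote file system; it can only be accessed at the application level through an API. The object storage interface that Ceph provides is the RADOS gateway, which is built on top of the Ceph RADOS layer. The RADOS gateway gives applications an S3- or Swift-compatible RESTful API so that data can be stored as objects in the Ceph cluster.
In a production environment, if you have a heavy workload on Ceph object storage, you should use dedicated physical servers for the RADOS gateway; in addition, you can consider configuring all the monitor nodes as RADOS gateways.

Install the radosgw packages
yum -y install ceph-radosgw ceph
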
Create the user
Create a RADOS gateway user and keyring for Ceph. Log in to any Ceph monitor node and run the following commands.
Create the keyring:

ceph-authtool --create-keyring /etc/ceph/ceph.client.radosgw.keyring
Output:
creating /etc/ceph/ceph.client.radosgw.keyring

chmod +r /etc/ceph/ceph.client.radosgw.keyring

At this point the /etc/ceph/ceph.client.radosgw.keyring file is still empty.
Generate a gateway user and key for the RADOS gateway instance; the RADOS gateway instance name here is gateway.

ceph-authtool /etc/ceph/ceph.client.radosgw.keyring -n client.radosgw.gateway --gen-key
cat /etc/ceph/ceph.client.radosgw.keyring
[client.radosgw.gateway]
        key = AQBWuqBf5apFDxAAAbqsG0NTx8lehGoNpcPVJQ==

Add capabilities to the key:

ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow rwx' /etc/ceph/ceph.client.radosgw.keyring
cat /etc/ceph/ceph.client.radosgw.keyring
[client.radosgw.gateway]
        key = AQBWuqBf5apFDxAAAbqsG0NTx8lehGoNpcPVJQ==
        caps mon = "allow rw"
        caps osd = "allow rwx"

Add the key to the Ceph cluster:

ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.gateway -i /etc/ceph/ceph.client.radosgw.keyring
Output:
added key for client.radosgw.gateway

Distribute the key to the Ceph RADOS gateway node:

scp /etc/ceph/ceph.client.radosgw.keyring <radosgw-node-hostname>:/etc/ceph/ceph.client.radosgw.keyring
Here the RADOS gateway node and the monitor node are the same machine, so there is no need to distribute it.

Create a pool for the RADOS gateway
ceph osd pool create .rgw 128 128
Create the radosgw gateway data directory
mkdir -p /var/lib/ceph/radosgw/ceph-ceph01.gateway

Configuring rgw with Civetweb
Add the configuration
Add a gateway configuration to Ceph: add the following to the ceph.conf file on the Ceph monitor node, and move that file to the RADOS gateway node. Make sure the host name is the RADOS gateway's host name.

[client.radosgw.gateway]
host=ceph01
keyring=/etc/ceph/ceph.client.radosgw.keyring
log file=/var/log/ceph/client.radosgw.gateway.log
rgw_frontends = civetweb port=80

Civetweb listens on port 7480 by default; the configuration above explicitly sets the listening port to 80 (port=80).
Copy the configuration file to the rgw node. Here the rgw node is on the Ceph node, so there is no need to copy it.

scp /etc/ceph/ceph.conf <radosgw-node-hostname>:/etc/ceph/ceph.conf

Start the rgw instance
systemctl start ceph-radosgw@radosgw.gateway.service
Note: in ceph-radosgw@radosgw.gateway.service, gateway is the specific instance name; it must match the one configured in ceph.conf.

Verify
Run curl on the rgw node:

curl localhost:80
Correct output:
<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>[root@ceph01 ceph]#
Or enter the rgw node's IP address in a browser to see the correct output.

Configuring rgw with Apache FastCGI (method 1, simple)
Install httpd
yum -y install httpd
Configure httpd
cat > /etc/httpd/conf.d/rgw.conf << EOF
<VirtualHost *:80>
ServerName localhost
DocumentRoot /var/www/html

ErrorLog /var/log/httpd/rgw_error.log
CustomLog /var/log/httpd/rgw_access.log combined

# LogLevel debug

RewriteEngine On

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

SetEnv proxy-nokeepalive 1

ProxyPass / fcgi://localhost:9000/

</VirtualHost>
EOF
Configure Ceph
[client.radosgw.gateway]
host=ceph01
keyring=/etc/ceph/ceph.client.radosgw.keyring
rgw_socket_path=/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
log file=/var/log/ceph/client.radosgw.gateway.log
rgw frontends = fastcgi socket_port=9000 socket_host=0.0.0.0
#rgw dns name = ceph-rgw.objectstore.com
rgw print continue=false
Start httpd
systemctl start httpd
Start the ceph-radosgw.target service
systemctl start ceph-radosgw@radosgw.gateway.service
Verify
curl http://ceph01
<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>[root@ceph01 yum.repos.d]#
Or enter the rgw node's IP address in a browser to see the correct output.

Configuring rgw with Apache FastCGI (method 2, complex)
Install yum-plugin-priorities
yum -y install yum-plugin-priorities
Configure the yum repository for mod_fastcgi
cat > /etc/yum.repos.d/ceph-fastcgi.repo <<EOF
[fastcgi-ceph-basearch]
name=FastCGI basearch packages for Ceph
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-centos7-x86_64-basic/ref/master/
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc

[fastcgi-ceph-noarch]
name=FastCGI noarch packages for Ceph
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-centos7-x86_64-basic/ref/master/
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc

[fastcgi-ceph-source]
name=FastCGI source packages for Ceph
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-centos7-x86_64-basic/ref/master/
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
EOF
Install the required packages
yum -y install httpd mod_fastcgi ceph-radosgw ceph
Configure the RADOS gateway
Configuring the RADOS gateway covers the Apache and FastCGI configuration and the generation of the Ceph key.
Edit the /etc/httpd/conf/httpd.conf file to configure Apache:

cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak
Set ServerName = host name
Make sure the following line exists and is not commented out:

cat /etc/httpd/conf/httpd.conf|egrep "rgw|rewrite"
LoadModule rewrite_module modules/mod_rewrite.so
Edit the /etc/httpd/conf.d/fastcgi.conf file to configure FastCGI
Make sure the FastCGI module is enabled:

cat  /etc/httpd/conf.d/fastcgi.conf |grep "fastcgi_module"
LoadModule fastcgi_module modules/mod_fastcgi.so
Turn off FastCgiWrapper:

cat  /etc/httpd/conf.d/fastcgi.conf |grep -i "fastcgiwrapper"
FastCgiWrapper Off
Set up the object gateway script:

cat > /var/www/html/s3gw.fcgi << EOF
#!/bin/sh
exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n client.radosgw.gateway
EOF
Set permissions on the script
chmod +x /var/www/html/s3gw.fcgi
chown apache.apache /var/www/html/s3gw.fcgi
Create the gateway configuration file rgw.conf in the /etc/httpd/conf.d/ directory:

cat >/etc/httpd/conf.d/rgw.conf<<EOF
FastCgiExternalServer /var/www/html/s3gw.fcgi -socket /var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
<VirtualHost *:80>
ServerName ceph01
ServerAdmin {zhanghao@ceicloud.com}
DocumentRoot /var/www/html
RewriteEngine On
RewriteRule ^/(.*) /s3gw.fcgi?%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
<IfModule mod_fastcgi.c>
<Directory /var/www/html>
Options +ExecCGI
AllowOverride ALL
SetHandler fastcgi-script
Order allow,deny
Allow from all
AuthBasicAuthoritative Off
</Directory>
</IfModule>
AllowEncodedSlashes On
Errorlog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
ServerSignature Off
</VirtualHost>
EOF
Add the Ceph configuration
Add a gateway configuration to Ceph: add the following to the ceph.conf file on the Ceph monitor node, and move that file to the RADOS gateway node. Make sure the host name is the RADOS gateway's host name.

[client.radosgw.gateway]
host=ceph01
keyring=/etc/ceph/ceph.client.radosgw.keyring
rgw socket path=/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
log file=/var/log/ceph/client.radosgw.gateway.log
#rgw frontends = fastcgi socket_port=80 socket_host=0.0.0.0
rgw dns name = ceph-rgw.objectstore.com
rgw print continue=false
Set file permissions
Adjust the ownership and permissions of /var/log/httpd, /var/run/ceph and /var/log/ceph on the RADOS gateway node, and set SELinux to Permissive.

chown apache:apache /var/log/httpd/
chown apache:apache /var/run/ceph/
chown apache:apache /var/log/ceph/
Start Apache and the Ceph RADOS gateway service, ignoring any warnings you encounter.

Start httpd
systemctl start httpd
Start the ceph-radosgw.target service
systemctl start ceph-radosgw@radosgw.gateway.service
Verify
curl http://ceph01
<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>[root@ceph01 yum.repos.d]#
Or enter the rgw node's IP address in a browser to see the correct output.

Configuring rgw with Nginx FastCGI
Add the Ceph configuration
Add a gateway configuration to Ceph: add the following to the ceph.conf file on the Ceph monitor node, and move that file to the RADOS gateway node. Make sure the host name is the RADOS gateway's host name.

[client.radosgw.gateway]
host=ceph01
keyring=/etc/ceph/ceph.client.radosgw.keyring
rgw_socket_path=/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
log file=/var/log/ceph/client.radosgw.gateway.log
rgw frontends = fastcgi
rgw print continue=false
rgw_content_length_compat = true
Install nginx
yum -y install epel-release
yum -y install nginx
Configure nginx
Configure the nginx service by adding the following under the http section of the /etc/nginx/nginx.conf file:

http {
    server {
        listen   80 default;
        server_name {hostname};
        location / {
            fastcgi_pass_header Authorization;
            fastcgi_pass_request_headers on;
            fastcgi_param QUERY_STRING  $query_string;
            fastcgi_param REQUEST_METHOD $request_method;
            fastcgi_param CONTENT_LENGTH $content_length;

            if ($request_method = PUT) {
                    rewrite ^ /PUT$request_uri;
            }

            include fastcgi_params;
            # same path as rgw_socket_path in ceph.conf
            fastcgi_pass unix:/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock;
        }

        location /PUT/ {
            internal;
            fastcgi_pass_header Authorization;
            fastcgi_pass_request_headers on;

            include fastcgi_params;
            fastcgi_param QUERY_STRING  $query_string;
            fastcgi_param REQUEST_METHOD $request_method;
            fastcgi_param CONTENT_LENGTH $content_length;
            fastcgi_param  CONTENT_TYPE $content_type;
            # same path as rgw_socket_path in ceph.conf
            fastcgi_pass unix:/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock;
        }
    }
}

Note: the path that fastcgi_pass points to must match the path configured in ceph.conf.
Change the user nginx runs as
Edit the /etc/nginx/nginx.conf file and change user to root:

user root;

Start nginx
systemctl start nginx

cat /var/log/nginx/error.log
2020/11/03 15:19:09 [crit] 26789#0: *23 connect() to unix:/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.229.114, server: ceph01, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock:", host: "ceph01"

Verify
curl http://ceph01
<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>[root@ceph01 yum.repos.d]#

Or enter the rgw node's IP address in a browser to see the correct output.

Errors
Permission error when configuring rgw with nginx FastCGI
curl http://ceph01
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.16.1</center>
</body>
</html>

nginx error log:

2020/11/03 15:19:09 [crit] 26789#0: *23 connect() to unix:/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.229.114, server: ceph01, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/ceph/ceph.radosgw.gateway.fastcgi.sock:", host: "ceph01"

Fix
Change the user nginx runs as
Edit the /etc/nginx/nginx.conf file and change user to root:

user root;

Reload the nginx configuration:

nginx -s reload

Error when configuring rgw with Apache FastCGI (method 2, complex)
curl http://ceph01
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at
 zhanghao@ceicloud.com to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>

[Tue Nov 03 15:31:06.955924 2020] [:error] [pid 28243] (13)Permission denied: [client 192.168.229.114:36712] FastCGI: failed to connect to server "/var/www/html/s3gw.fcgi": connect() failed
[Tue Nov 03 15:31:06.956045 2020] [:error] [pid 28243] [client 192.168.229.114:36712] FastCGI: incomplete headers (0 bytes) received from server "/var/www/html/s3gw.fcgi"

Grant permissions:

chmod 777 -R /var/run/ceph/

The error changed, but it is still a permissions problem:

[Tue Nov 03 15:39:19.598498 2020] [:error] [pid 29128] (111)Connection refused: [client 192.168.229.114:36768] FastCGI: failed to connect to server "/var/www/html/s3gw.fcgi": connect() failed
[Tue Nov 03 15:39:19.598595 2020] [:error] [pid 29128] [client 192.168.229.114:36768] FastCGI: incomplete headers (0 bytes) received from server "/var/www/html/s3gw.fcgi"

Checking which user httpd runs as shows that the users are inconsistent:

[root@ceph01 yum.repos.d]# ps -ef|grep httpd
root     29125     1  0 15:38 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   29127 29125  0 15:38 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   29128 29125  0 15:38 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   29129 29125  0 15:38 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   29130 29125  0 15:38 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   29131 29125  0 15:38 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
root     29414 12349  0 15:43 pts/3    00:00:00 grep --color=auto httpd

Fix:
Start nginx as the root user.
Look up the specific method on Baidu; it is not as simple as just changing User and Group in the configuration file.

Create a RADOS gateway user
To access object storage, you need to create users for the RADOS gateway. These user accounts are identified by access permissions and keys, and clients can use these accounts to perform Ceph object storage operations.

Copy the Ceph key
Copy the admin key from the monitor node to the RADOS gateway node:

scp /etc/ceph/ceph.client.admin.keyring <RADOS-gateway-node-ip>:/etc/ceph/

Run the following command from the RADOS gateway node to confirm that the cluster is reachable:
ceph -s

Create the RADOS gateway user
This generates the user's access_key and secret_key; these two keys are used to access Ceph object storage.

radosgw-admin user create --uid=mona --display-name='Monika Singh' --email=mona@example.com
Output:
{
    "user_id": "mona",
    "display_name": "Monika Singh",
    "email": "mona@example.com",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "mona",
            "access_key": "JDRTJS0766NOL89YXR8X",
            "secret_key": "Sg6QTkXMs79epxSUEvwFmjVNWgqvWI2Jkll4KiNQ"
        }
    ],
    "swift_keys": [],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    },
    "temp_url_keys": []
}

Note: running this command automatically creates storage pools. The pools created are as follows:

ceph osd pool ls
.rgw.root
default.rgw.control
default.rgw.data.root
default.rgw.gc
default.rgw.log
default.rgw.users.uid
default.rgw.users.email
default.rgw.users.keys

Create a subuser of mona for Swift access
radosgw-admin subuser create --uid=mona --subuser=mona:swift --access=full --secret=secretkey --key-type=swift
{
    "user_id": "mona",
    "display_name": "Monika Singh",
    "email": "mona@example.com",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [
        {
            "id": "mona:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "mona",
            "access_key": "JDRTJS0766NOL89YXR8X",
            "secret_key": "Sg6QTkXMs79epxSUEvwFmjVNWgqvWI2Jkll4KiNQ"
        }
    ],
    "swift_keys": [
        {
            "user": "mona:swift",
            "secret_key": "secretkey"
        }
    ],
    "caps": [
        {
            "type": "buckets",
            "perm": "*"
        },
        {
            "type": "metadata",
            "perm": "*"
        },
        {
            "type": "users",
            "perm": "*"
        },
        {
            "type": "zone",
            "perm": "*"
        }
    ],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    },
    "temp_url_keys": []
}

Add the necessary capabilities for the access user
radosgw-admin caps add --uid=mona --caps='zone=*'
Output
{
    "user_id": "mona",
    "display_name": "Monika Singh",
    "email": "mona@example.com",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "mona",
            "access_key": "JDRTJS0766NOL89YXR8X",
            "secret_key": "Sg6QTkXMs79epxSUEvwFmjVNWgqvWI2Jkll4KiNQ"
        }
    ],
    "swift_keys": [],
    "caps": [
        {
            "type": "zone",
            "perm": "*"
        }
    ],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "max_size_kb": -1,
        "max_objects": -1
    },
    "temp_url_keys": []
}

Accessing object storage (by IP address)
S3 API access
Install s3cmd on the client
yum -y install s3cmd

Generate the s3.cfg configuration file
s3cmd --configure

Enter new values or accept defaults in brackets with Enter.
Refer to user manual for detailed description of all options.

Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.
Access Key: 1F0D2GRLPRU9ENSB689J  # paste the Access Key generated on the server
Secret Key: M5AmCuh8XcWnKXvBUJ8orE90z6508YGDtbvIA0h4  # paste the Secret Key generated on the server
Default Region [US]:  # just press Enter

Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [s3.amazonaws.com]: 192.168.229.114  # enter the IP address of the object store

Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]: %(bucket).192.168.229.114  # enter the bucket address of the object store

Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password:   # leave empty and press Enter
Path to GPG program [/usr/bin/gpg]:   # press Enter

When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [Yes]: No  # whether to use HTTPS; choose No

On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name:    # leave empty and press Enter

New settings:
  Access Key: 1F0D2GRLPRU9ENSB689J
  Secret Key: M5AmCuh8XcWnKXvBUJ8orE90z6508YGDtbvIA0h4
  Default Region: US
  S3 Endpoint: 192.168.229.114
  DNS-style bucket+hostname:port template for accessing a bucket: %(bucket).192.168.229.114
  Encryption password:
  Path to GPG program: /usr/bin/gpg
  Use HTTPS protocol: False
  HTTP Proxy server name:
  HTTP Proxy server port: 0

Test access with supplied credentials? [Y/n] n  # enter n

Save settings? [y/N] y  # enter y to save the configuration file
Configuration saved to '/root/.s3cfg'  # where the configuration file is finally saved: /root/.s3cfg

The generated s3.cfg configuration file has the following content
cat /root/.s3cfg
[default]
access_key = 1F0D2GRLPRU9ENSB689J
access_token =
add_encoding_exts =
add_headers =
bucket_location = US
ca_certs_file =
cache_file =
check_ssl_certificate = True
check_ssl_hostname = True
cloudfront_host = cloudfront.amazonaws.com
connection_pooling = True
content_disposition =
content_type =
default_mime_type = binary/octet-stream
delay_updates = False
delete_after = False
delete_after_fetch = False
delete_removed = False
dry_run = False
enable_multipart = True
encrypt = False
expiry_date =
expiry_days =
expiry_prefix =
follow_symlinks = False
force = False
get_continue = False
gpg_command = /usr/bin/gpg
gpg_decrypt = %(gpg_command)s -d --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_encrypt = %(gpg_command)s -c --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_passphrase =
guess_mime_type = True
host_base = 192.168.229.114
host_bucket = %(bucket).192.168.229.114
human_readable_sizes = False
invalidate_default_index_on_cf = False
invalidate_default_index_root_on_cf = True
invalidate_on_cf = False
kms_key =
limit = -1
limitrate = 0
list_md5 = False
log_target_prefix =
long_listing = False
max_delete = -1
mime_type =
multipart_chunk_size_mb = 15
multipart_max_chunks = 10000
preserve_attrs = True
progress_meter = True
proxy_host =
proxy_port = 0
public_url_use_https = False
put_continue = False
recursive = False
recv_chunk = 65536
reduced_redundancy = False
requester_pays = False
restore_days = 1
restore_priority = Standard
secret_key = M5AmCuh8XcWnKXvBUJ8orE90z6508YGDtbvIA0h4
send_chunk = 65536
server_side_encryption = False
signature_v2 = False
signurl_use_https = False
simpledb_host = sdb.amazonaws.com
skip_existing = False
socket_timeout = 300
stats = False
stop_on_error = False
storage_class =
throttle_max = 100
upload_id =
urlencoding_mode = normal
use_http_expect = False
use_https = False
use_mime_magic = True
verbosity = WARNING
website_endpoint = http://%(bucket)s.s3-website-%(location)s.amazonaws.com/
website_error =
website_index = index.html

Create buckets
s3cmd mb s3://buck1
Output
Bucket 's3://buck1/' created

s3cmd mb s3://my-bucket
Output
Bucket 's3://my-bucket/' created

List buckets
s3cmd ls
Output
2020-11-04 02:43  s3://buck1
2020-11-04 02:30  s3://my-bucket

Upload data to a bucket
s3cmd put /etc/hosts s3://buck1
Output
upload: '/etc/hosts' -> 's3://buck1/hosts'  [1 of 1]
 304 of 304   100% in    3s    92.11 B/s  done

Swift access
Install the Swift client on the client
yum -y install python-setuptools
yum -y install python-pip
pip install --upgrade pip -i https://mirrors.aliyun.com/pypi/simple
pip install --upgrade setuptools -i https://mirrors.aliyun.com/pypi/simple
pip install python-swiftclient -i https://mirrors.aliyun.com/pypi/simple

Create and list buckets with Swift
swift -V 1.0 -A http://192.168.229.114/auth -U mona:swift -K secretkey post swift-buck
swift -V 1.0 -A http://192.168.229.114/auth -U mona:swift -K secretkey list
Output
buck1
my-bucket
swift-buck

Accessing object storage (by DNS name)
Ceph object storage supports S3- and Swift-compatible APIs. To make use of Ceph object storage, we need to configure the S3 or Swift interface. Next, we do a basic configuration for each of these two interfaces in turn. For advanced configuration, consult their respective documentation.

S3 API access
Amazon's Simple Storage Service (S3) provides storage to users through web interfaces such as REST. Ceph is compatible with S3 through a RESTful API. S3 client applications can access Ceph object storage with an access key and a secret key. We configure it below; unless stated otherwise, the following commands are run on the ceph-rgw node.
The radosgw user must have sufficient capabilities to handle S3 requests. Add the necessary capabilities to the radosgw user (ID mona).

Install the DNS service
yum -y install 'bind*'

Configure the DNS service
cat /etc/named.conf
options {
        listen-on port 53 { 127.0.0.1;192.168.229.114; };
        listen-on-v6 port 53 { ::1; };
        directory         "/var/named";
        dump-file         "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { localhost;192.168.0.0/16; };
};

zone "objectstore.com" IN {
        type master;
        file "db.objectstore.com";
        allow-update {none;};
};

Note: change the IP addresses to match your environment.

cat >/var/named/db.objectstore.com <<EOF
@ 86400 IN SOA objectstore.com. root.objectstore.com. (
        20091028 ; serial yyyy-mm-dd
           10800 ; refresh (seconds)
            3600 ; retry every hour
         3600000 ; expire after 1 month +
           86400) ; min ttl of 1 day
@ 86400 IN NS objectstore.com.
@ 86400 IN A  192.168.229.114
* 86400 IN CNAME @
EOF

Edit the /etc/resolv.conf file
cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 114.114.114.114
search objectstore.com
nameserver 192.168.229.114

Check the configuration
named-checkconf /etc/named.conf
named-checkzone objectstore.com /var/named/db.objectstore.com
Correct output
zone objectstore.com/IN: loaded serial 20091028
OK

Start the DNS service
systemctl start named

Test the DNS configuration
dig ceph01.objectstore.com
nslookup ceph01.objectstore.com

Add the configuration to /etc/resolv.conf on the client
cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 114.114.114.114
search objectstore.com
nameserver 192.168.229.114

Test the client's DNS configuration
yum install bind-utils
dig ceph01.objectstore.com
nslookup ceph01.objectstore.com

Install s3cmd on the client
yum -y install s3cmd

Generate the s3.cfg configuration file
s3cmd --configure

Enter new values or accept defaults in brackets with Enter.
Refer to user manual for detailed description of all options.

Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.
Access Key: 1F0D2GRLPRU9ENSB689J  # paste the Access Key generated on the server
Secret Key: M5AmCuh8XcWnKXvBUJ8orE90z6508YGDtbvIA0h4   # paste the Secret Key generated on the server
Default Region [US]:   # just press Enter

Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [s3.amazonaws.com]: ceph01.objectstore.com  # enter the domain name of the object store

Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]: %(bucket).ceph01.objectstore.com  # enter the bucket address of the object store

Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password:    # leave empty and press Enter
Path to GPG program [/usr/bin/gpg]:  # press Enter

When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [Yes]: No  # enter No

On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name:  # press Enter

New settings:
  Access Key: 1F0D2GRLPRU9ENSB689J
  Secret Key: M5AmCuh8XcWnKXvBUJ8orE90z6508YGDtbvIA0h4
  Default Region: US
  S3 Endpoint: ceph01.objectstore.com
  DNS-style bucket+hostname:port template for accessing a bucket: %(bucket).ceph01.objectstore.com
  Encryption password:
  Path to GPG program: /usr/bin/gpg
  Use HTTPS protocol: False
  HTTP Proxy server name:
  HTTP Proxy server port: 0

Test access with supplied credentials? [Y/n] n  # enter n

Save settings? [y/N] y  # enter y
Configuration saved to '/root/.s3cfg'   # where the configuration file is finally saved: /root/.s3cfg

The generated s3.cfg configuration file has the following content
cat /root/.s3cfg
[default]
access_key = 1F0D2GRLPRU9ENSB689J
access_token =
add_encoding_exts =
add_headers =
bucket_location = US
ca_certs_file =
cache_file =
check_ssl_certificate = True
check_ssl_hostname = True
cloudfront_host = cloudfront.amazonaws.com
connection_pooling = True
content_disposition =
content_type =
default_mime_type = binary/octet-stream
delay_updates = False
delete_after = False
delete_after_fetch = False
delete_removed = False
dry_run = False
enable_multipart = True
encrypt = False
expiry_date =
expiry_days =
expiry_prefix =
follow_symlinks = False
force = False
get_continue = False
gpg_command = /usr/bin/gpg
gpg_decrypt = %(gpg_command)s -d --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_encrypt = %(gpg_command)s -c --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_passphrase =
guess_mime_type = True
host_base = ceph01.objectstore.com
host_bucket = %(bucket).ceph01.objectstore.com
human_readable_sizes = False
invalidate_default_index_on_cf = False
invalidate_default_index_root_on_cf = True
invalidate_on_cf = False
kms_key =
limit = -1
limitrate = 0
list_md5 = False
log_target_prefix =
long_listing = False
max_delete = -1
mime_type =
multipart_chunk_size_mb = 15
multipart_max_chunks = 10000
preserve_attrs = True
progress_meter = True
proxy_host =
proxy_port = 0
public_url_use_https = False
put_continue = False
recursive = False
recv_chunk = 65536
reduced_redundancy = False
requester_pays = False
restore_days = 1
restore_priority = Standard
secret_key = M5AmCuh8XcWnKXvBUJ8orE90z6508YGDtbvIA0h4
send_chunk = 65536
server_side_encryption = False
signature_v2 = False
signurl_use_https = False
simpledb_host = sdb.amazonaws.com
skip_existing = False
socket_timeout = 300
stats = False
stop_on_error = False
storage_class =
throttle_max = 100
upload_id =
urlencoding_mode = normal
use_http_expect = False
use_https = False
use_mime_magic = True
verbosity = WARNING
website_endpoint = http://%(bucket)s.s3-website-%(location)s.amazonaws.com/
website_error =
website_index = index.html

vim /root/.s3cfg
host_base = ceph01.objectstore.com
host_bucket = %(bucket)s.ceph01.objectstore.com

Create buckets
s3cmd mb s3://buck1
Output
Bucket 's3://buck1/' created

s3cmd mb s3://my-bucket
Output
Bucket 's3://my-bucket/' created

List buckets
s3cmd ls
Output
2020-11-04 02:43  s3://buck1
2020-11-04 02:30  s3://my-bucket

Upload data to a bucket
s3cmd put /etc/hosts s3://buck1
Output
upload: '/etc/hosts' -> 's3://buck1/hosts'  [1 of 1]
 304 of 304   100% in    3s    92.11 B/s  done

Swift access
Install the Swift client on the client
yum -y install python-setuptools
yum -y install python-pip
pip install --upgrade pip -i https://mirrors.aliyun.com/pypi/simple
pip install --upgrade setuptools -i https://mirrors.aliyun.com/pypi/simple
pip install python-swiftclient -i https://mirrors.aliyun.com/pypi/simple

Create and list buckets with Swift
swift -V 1.0 -A http://ceph01.objectstore.com/auth -U mona:swift -K secretkey post swift-buck
swift -V 1.0 -A http://ceph01.objectstore.com/auth -U mona:swift -K secretkey list
Output
buck1
my-bucket
swift-buck
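
Added example (not part of the original post and not s3cmd's own code): a Python audit of an s3cmd configuration like the /root/.s3cfg generated above, covering the settings this walkthrough touches: plain-HTTP transport, TLS verification, the `%(bucket).` template typo that the vim step corrects, and the permissions of the file holding secret_key. The sample config and its key values are constructed placeholders; the function names and finding identifiers are hypothetical.

```python
import configparser
import re
import stat

# Constructed sample: option names match the .s3cfg shown in the post,
# the key values are placeholders.
SAMPLE_S3CFG = """\
[default]
access_key = EXAMPLEACCESSKEY0000
secret_key = EXAMPLESECRETKEY000000000000000000000000
host_base = ceph01.objectstore.com
host_bucket = %(bucket).ceph01.objectstore.com
check_ssl_certificate = True
check_ssl_hostname = True
signature_v2 = False
use_https = False
"""

TRUE_VALUES = {"true", "yes", "on", "1"}


def parse_s3cfg(text):
    """Return the [default] section as a dict of raw strings."""
    # interpolation=None keeps templates such as %(bucket)s literal instead of
    # letting configparser try to expand them.
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    return dict(parser["default"])


def is_true(cfg, key, default=False):
    """Interpret a boolean option; an absent or empty value yields default."""
    value = cfg.get(key, "").strip().lower()
    return default if not value else value in TRUE_VALUES


def audit_s3cfg(text, file_mode=0o600):
    """Return (finding_id, message) pairs for risky or broken settings."""
    cfg = parse_s3cfg(text)
    findings = []
    if not is_true(cfg, "use_https"):
        findings.append(("plaintext-transport",
                         "use_https is off: requests and object data cross "
                         "the network unencrypted"))
    if not (is_true(cfg, "check_ssl_certificate", True)
            and is_true(cfg, "check_ssl_hostname", True)):
        findings.append(("tls-verification-off",
                         "certificate or hostname checking is disabled, so "
                         "an HTTPS endpoint is not authenticated"))
    if is_true(cfg, "signature_v2"):
        findings.append(("legacy-signature",
                         "signature_v2 forces the older signing scheme"))
    # The bucket placeholder must be exactly %(bucket)s; "%(bucket)." is the
    # typo that the vim step in the post replaces.
    if re.search(r"%\(bucket\)(?!s)", cfg.get("host_bucket", "")):
        findings.append(("bad-bucket-template",
                         "host_bucket has %(bucket) without the trailing s"))
    # The file stores secret_key in clear text, so any group/other access bit
    # exposes it to other local accounts.
    if cfg.get("secret_key") and file_mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(("secret-file-readable",
                         "file mode %o lets other local users reach "
                         "secret_key" % file_mode))
    return findings


def finding_ids(text, file_mode=0o600):
    """Return only the identifiers, in the order the checks run."""
    return [fid for fid, _ in audit_s3cfg(text, file_mode)]


if __name__ == "__main__":
    for fid, message in audit_s3cfg(SAMPLE_S3CFG, file_mode=0o644):
        print(f"{fid}: {message}")
```

To audit a real file, pass its contents and `stat.S_IMODE(os.stat(path).st_mode)` as `file_mode`.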