ceph-s3
s3cmd和awscli 如何访问ceph 存储:
s3cmd:
ceph集群
1,创建用户
[root@servera ~]# radosgw-admin user create --uid=emporer --display-name="emporer" --email=emporer5357@gmail.com --access-key
"12345" --secret "67890"
{
"user_id": "emporer",
"display_name": "emporer",
"email": "emporer5357@gmail.com",
"suspended": 0,
"max_buckets": 1000,
"subusers": [],
"keys": [
{
"user": "emporer",
"access_key": "5L6PXS6DMZCADF7EWAFL",
"secret_key": "ORw0rbK1OLsQcKJjFBGHWHopTsO3JyzIzw0DtmFo"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"default_storage_class": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}
2,查看用户:
[root@servera ~]# radosgw-admin user info --uid=emporer
{
"user_id": "emporer",
"display_name": "emporer",
"email": "emporer5357@gmail.com",
"suspended": 0,
"max_buckets": 1000,
"subusers": [],
"keys": [
{
"user": "emporer",
"access_key": "5L6PXS6DMZCADF7EWAFL", #key
"secret_key": "ORw0rbK1OLsQcKJjFBGHWHopTsO3JyzIzw0DtmFo" #secret
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"default_storage_class": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}
client
客户端配置:
yum -y install s3cmd
1,生成配置文件模板,自己改
[root@ceph-client ~]# s3cmd --configure
Enter new values or accept defaults in brackets with Enter.
Refer to user manual for detailed description of all options.
Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.
Access Key: N7MACOJ21HMP5REAU41P #key
Secret Key: NUmSz78IyDPCgi2zbxiKgAtbu33pXORlgqpvVpaZ #secret
Default Region [US]:
Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [s3.amazonaws.com]:
Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]:
Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password:
Path to GPG program [/usr/bin/gpg]:
When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [Yes]: n
On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name:
New settings:
Access Key: N7MACOJ21HMP5REAU41P
Secret Key: NUmSz78IyDPCgi2zbxiKgAtbu33pXORlgqpvVpaZ
Default Region: US
S3 Endpoint: s3.amazonaws.com
DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.amazonaws.com
Encryption password:
Path to GPG program: /usr/bin/gpg
Use HTTPS protocol: False
HTTP Proxy server name:
HTTP Proxy server port: 0
Test access with supplied credentials? [Y/n] n
Save settings? [y/N] y
Configuration saved to '/root/.s3cfg'
[root@ceph-client ~]#
配置文件就是当前目录下的隐藏文件.s3cfg
查看:
[root@ceph-client ~]# cat .s3cfg
[default]
access_key = N7MACOJ21HMP5REAU41P
access_token =
add_encoding_exts =
add_headers =
bucket_location = US
ca_certs_file =
cache_file =
check_ssl_certificate = True
check_ssl_hostname = True
cloudfront_host = cloudfront.amazonaws.com
connection_max_age = 5
connection_pooling = True
content_disposition =
content_type =
default_mime_type = binary/octet-stream
delay_updates = False
delete_after = False
delete_after_fetch = False
delete_removed = False
dry_run = False
enable_multipart = True
encoding = UTF-8
encrypt = False
expiry_date =
expiry_days =
expiry_prefix =
follow_symlinks = False
force = False
get_continue = False
gpg_command = /usr/bin/gpg
gpg_decrypt = %(gpg_command)s -d --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_encrypt = %(gpg_command)s -c --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
gpg_passphrase =
guess_mime_type = True
host_base = 192.168.5.111:8080 #这个是rgw radosgw 网关地址端口8080 ,如果你有做高可用负载均衡,前面加一个nginx 或者keepalivad
host_bucket = 192.168.5.118:8080/%(bucket)s #通用格式 地址加
human_readable_sizes = False
invalidate_default_index_on_cf = False
invalidate_default_index_root_on_cf = True
invalidate_on_cf = False
kms_key =
limit = -1
limitrate = 0
list_allow_unordered = False
list_md5 = False
log_target_prefix =
long_listing = False
max_delete = -1
mime_type =
multipart_chunk_size_mb = 15
multipart_copy_chunk_size_mb = 1024
multipart_max_chunks = 10000
preserve_attrs = True
progress_meter = True
proxy_host =
proxy_port = 0
public_url_use_https = False
put_continue = False
recursive = False
recv_chunk = 65536
reduced_redundancy = False
requester_pays = False
restore_days = 1
restore_priority = Standard
secret_key = NUmSz78IyDPCgi2zbxiKgAtbu33pXORlgqpvVpaZ
send_chunk = 65536
server_side_encryption = False
signature_v2 = True #这个是因为报错。。我在网上查的,他们说是使用不同的s3 兼容客户端,地址等会贴出来
signurl_use_https = False
simpledb_host = sdb.amazonaws.com
skip_existing = False
socket_timeout = 300
ssl_client_cert_file =
ssl_client_key_file =
stats = False
stop_on_error = False
storage_class =
throttle_max = 100
upload_id =
urlencoding_mode = normal
use_http_expect = False
use_https = False
use_mime_magic = True
verbosity = WARNING
website_endpoint = http://%(bucket)s.s3-website-%(location)s.amazonaws.com/
website_error =
website_index = index.html
查看桶:
[root@ceph-client ~]# s3cmd ls
创建桶
[root@ceph-client ~]# s3cmd mb s3:/bucket
上传文件:
[root@ceph-client ~]# s3cmd put /etc/fstab s3://bucket/fstab
upload: '/etc/fstab' -> 's3://bucket/fstab' [1 of 1]
664 of 664 100% in 0s 17.93 KB/s done
[root@ceph-client ~]# s3cmd ls s3://bucket
2023-04-19 07:07 664 s3://bucket/fstab
下载
[root@ceph-client ~]# s3cmd get s3://bucket/fstab /tmp/
download: 's3://bucket/fstab' -> '/tmp/fstab' [1 of 1]
664 of 664 100% in 0s 13.95 KB/s done
[root@ceph-client ~]# ll /tmp/fstab
-rw-r--r--. 1 root root 664 4月 19 2023 /tmp/fstab
[root@ceph-client ~]# more /tmp/fstab
#
# /etc/fstab
# Created by anaconda on Sun Jul 17 23:02:43 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/rhel-root / xfs defaults 0 0
UUID=3fdba1d5-baa1-42b7-a102-dc405869f91f /boot xfs defaults 0 0
/dev/mapper/rhel-swap none swap defaults 0 0
删除文件
[root@ceph-client ~]# s3cmd rm s3://bucket/fstab
delete: 's3://bucket/fstab'
[root@ceph-client ~]# s3cmd ls s3://bucket
awscli访问rgw
[root@servera ~]# radosgw-admin user list
创建用户并指定密码
[root@servera ~]# radosgw-admin user create --uid operator --email operator@example.com --display-name "operator user" --access-key "12345" --secret "67890"
{
"user_id": "operator",
"display_name": "operator user",
"email": "operator@example.com",
"suspended": 0,
"max_buckets": 1000,
"subusers": [],
"keys": [
{
"user": "operator",
"access_key": "12345",
"secret_key": "67890"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"default_storage_class": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}
[root@servera ~]#
client
安装awscli
yum -y install awscli
配置配置文件
[root@ceph-client ~]# aws configure --profile ceph
AWS Access Key ID [None]: 12345
AWS Secret Access Key [None]: 67890
Default region name [None]:
Default output format [None]:
[root@ceph-client ~]# cd .aws/
[root@ceph-client .aws]# ls
config credentials
查看配置
[root@ceph-client .aws]# cat credentials
[ceph]
aws_access_key_id = 12345
aws_secret_access_key = 67890
[root@ceph-client .aws]# aws configure list --profile ceph
Name Value Type Location
---- ----- ---- --------
profile ceph manual --profile
access_key ****************2345 shared-credentials-file
secret_key ****************7890 shared-credentials-file
region <not set> None None
[root@ceph-client .aws]# aws --profile=ceph --endpoint=http://servera:8080 s3 ls
创建桶
[root@ceph-client .aws]# aws --profile=ceph --endpoint=http://servera:8080 s3 mb s3://testbucket
make_bucket: testbucket
[root@ceph-client .aws]# aws --profile=ceph --endpoint=http://servera:8080 s3 ls
2023-04-19 03:28:10 testbucket
上传文件
[root@ceph-client .aws]# aws --profile=ceph --endpoint=http://servera:8080 --acl=public-read-write s3 cp /etc/hosts s3://testbucket
upload: ../../etc/hosts to s3://testbucket/hosts
下载文件
[root@ceph-client .aws]# wget http://servera:8080/testbucket/hosts
--2023-04-19 03:29:13-- http://servera:8080/testbucket/hosts
正在解析主机 servera (servera)... 192.168.5.111
正在连接 servera (servera)|192.168.5.111|:8080... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:305 [binary/octet-stream]
正在保存至: “hosts”
hosts 100%[===========================================================================>] 305 --.-KB/s 用时 0s
2023-04-19 03:29:13 (28.7 MB/s) - 已保存 “hosts” [305/305])
[root@ceph-client .aws]#
额!!!!总结一下吧,rgw 应配置负载均衡,
默认安装完rgw ,会生成几个默认的池:
- .rgw.root - 存储信息记录
- .default.rgw.control - 用作控制池
- .default.rgw.meta - 存储 user_keys 和其他关键元数据
- .default.rgw.log - 包含所有存储桶/容器和对象操作(如创建、读 取和删除)的日志
- .default.rgw.buckets.index - 存储存储桶的索引
- .default.rgw.buckets.data - 存储存储桶数据
- .default.rgw.buckets.non-ec - 用于多部分对象元数据上
没写完,,太杂了,。。客户端类型也多。。逢山开路,遇水造桥吧。反正理论一样的。。通过ceph对象网关提供对象存储接口,基于librados,librgws
图形化界面就是点点点创建用户,show,key secret .
参考文章:
https://github.com/s3tools/s3cmd/issues/1065
https://access.redhat.com/documentation/zh-cn/red_hat_ceph_storage/4/html/developer_guide/preparing-access-to-the-ceph-object-gateway-using-s3_dev
https://www.cnblogs.com/freeitlzx/p/11281763.html
本文链接:
/archives/ceph-s3
版权声明:
本站所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自
Emporer-Linux!
喜欢就支持一下吧