lacoski
diff --git a/‎Ceph/PIC/ceph-radosgw-install-sodo.png
57.1 KB b/‎Ceph/PIC/ceph-radosgw-install-sodo.png
57.1 KB
diff --git a/‎Ceph/PIC/ceph-radosgw-install-struc.png
44.2 KB b/‎Ceph/PIC/ceph-radosgw-install-struc.png
44.2 KB
diff --git a/‎Ceph/PIC/ceph-radosgw-lab.xml
+1 b/‎Ceph/PIC/ceph-radosgw-lab.xml
+1
diff --git a/‎Ceph/ceph-radosgw-install.md
+152-9 b/‎Ceph/ceph-radosgw-install.md
+152-9
@@ -0,0 +1 @@
+<mxfile userAgent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36" version="8.3.4" editor="www.draw.io" type="device"><diagram id="4cf90dc6-6bb1-a75f-946d-dfb10c2198e1" name="Page-1">7Vtdc6M2FP01nuk+hEEfSOgxzm7ah21np+lMdx+xUWwmGLkYr53++oog2YAAKzE4ZhrPZAxXQoJ7zr26R8QTdLfa/5oG6+XvIuTxBLrhfoI+TyAELiTyK7c8FxaMvMKwSKNQdToaHqJ/ub5SWbdRyDeVjpkQcRatq8a5SBI+zyq2IE3FrtrtUcTVWdfBghuGh3kQm9a/ozBbFlYf0qP9Nx4tlnpmQFjRMgvmT4tUbBM13wSix5dP0bwK9FjqQTfLIBS7kgl9maC7VIisOFrt73ic+1a7rbjuvqX1cN8pTzKbC2Bxwc8g3qpHv+PrpbT8Ke9rs9jJo6/BTN1r9qz9k/G9HH66zFaxNAB5uMlS8cTvRCxSaUlEIntOH6M4rpmCOFok8nQub5BL+/QnT7NIev5WNayiMMynme6WUcYf1sE8n3MneSZtL57l+b27+fAiyR7UTQF9XnAJePJcPZucgO9b/QMOXpds5mLFs/RZdlEXYKKAUkRm6nR3ZAVylW1ZYgRStkARcXEY+QiGPFB4NGODDGwMHHgS3uZ0P/q3BEnZHbjmLrcJiryDhksS9/7elZ8ajEdC1zEvX1G06NBBByx4aMTdSSRKrvYaPK1tKY+DLPpZHb7J/WqGbyKSEx+ARrgKNCA1BDdim865uqocUbWBfHJioCxIFzwzBnphw+GxrQiCDYJ8287iaC5tf/BsJ9Knaw5cxUzYQbweAvgQnRoOZEYwgA28gj1EsGcABBh0APEd6Mjh7zWCVw0Q7soMlQx8PlpG8HgXREvf7jsm3KlHX5lw1RXjT7jYe2vC9ZjDSh+/e9j+0m9T8RRvNzm0o0/AilYDJGAMLxnSZg2lMzAaeQbWqWLgDIzxBeHSa3NXBs7V1br1QZUgDGa6u/tqvkpueM0VXMkFrMkDrAcXALOoa3FBPemDrni18Qtymx2j3KAl/AkvAOr14AWzcjK8UI2XpogqL81mtNrWOMaii2QbQob/oXW+xJ1+BpZ+ruuKN/mZGH7myQahtqTYfyZ8W90ZBzMeT0Ua8rQRMsmDKFn8JdZqXGVQKKmzr/wxU+1n4bbX5YBjIoe9BuT6CBDaECAkzpTPKuCRf7ZCN9xsXrx7KzsAtN4fG+XRIv/Ot39ugnAVJXq8WarbflF290b+rUTySXeRd1vMWvQzrxznIguY7wLWU1hTZBXWqA9y+I1RTa82qlUt0xbVnxkhg0V126pnRLXC8bBHfYEob9jhMTDsVKSvEYy2KBkskN/p8/fc546nT39UChJDhRYirMpWG1AuI01xDfF6XWerTGul9GE/aAAp2rQcnEmU1q1c20XaJMo+yko8kWc/KpFq0KRwdLVUuR6a3NR4gugbeYIH4wWy2NIaWlBhn9QFledbrYWQ4fNzqFnhDuAB1OICzQzsYAwwJAATF7jQ6ukBpY6sQAgGlMjMi0kPC4qZJjrL/esuz2zVgFUZQLqrANchsKG69x3quccPaEARO4xiDyHgEkZc5tHzUTTLOwPA0YrjFhx05qAOpi70fQIx9Sn1sV0oecyh0EceAthlgPj++SAwA4QX6ZSIkN+ABu0k9dIkTx3SDa7YhJ8auqTFO/eGpnEG6Ov0Uzfy1G5XpBf5ZEL7IZ9a5VP34t8gn7ADkOfLNREyD+t9jFNiaoAs2vB21kB4lOLKBp4LCSl8XDYPYqpW01kXydjxGAOIMkkChHH1NZ8c1wGUQRczgj3fJag6S49Sy2L1HaHUuirSyFgvAY0rSMtamhAP5Is5hQSRN/NpONEFTzNkaNFFQD3x2r/F6kF06T2ygVUX7CwZEHAY9gh1CfQlX5BlCSHTiCNZhZiqGPuoKEwZ/qG7ykzp4aUKc2SZ4x5kdkfasUbNIo5Hq7Pa/P7c6c530FnA/BeOo9CCH0Lr9ULrBPTULMmHUlrQXCY+lFZrVday2o1AaVnswY5fabXAc7GiuaeXVlejs8xdmLNJc206670pU9VZFaBHILMsfh8ztMyibb8auYTIQtb/KniWyEKd1cL1iCxk7ud9iKwyU65SZCGL2mC0IqvN71cnspD5Yniei6wNMiXS7Xr9/9RNJ9C8oG7CFttrY6+NWpadj9qogSDy9PiT8aL78Xf56Mt/</diagram></mxfile>
@@ -1,13 +1,23 @@
 # Triển khai Radosgw trên Ceph Cluster
 ---
 ## Chuẩn bị
-Đọc các tài liệu
-Sử dụng lab 3 node ceph
+### Sơ đồ
+![](PIC/ceph-radosgw-install-sodo.png)
+### Tài nguyên
+__Yều cầu 3 node chạy ceph, 1 node giả lập app sử dụng s3 API__
+![](PIC/ceph-radosgw-install-struc.png)
+> Tất cả chạy CentOS 7
 
 ## Cài đặt
-### Phần 1: Thiết lập Ceph Radosgw
+### Phần 1: Cài đặt Ceph
+[Cài đặt Ceph theo Lab 3 node](ceph-3node-lab.md)
+
+> Thiết lập IP theo lab hiện tại
+
+### Phần 2: Thiết lập Ceph Radosgw
+> Thực hiện trên __ceph-admin__
+
 #### Bước 1: Thiết lập tại ceph-admin (Node có quyền admin)
-> Thực hiện trên ceph-admin
 
 Truy cập ceph-admin
 ```
@@ -35,7 +45,9 @@ __Kết quả__
 
 pic 1
 
-### Phần 2: Tạo radosgw user
+### Phần 3: Tạo radosgw user
+> Thực hiện trên __ceph-admin__
+
 #### Tổng quát
 Để có thể sử dụng Ceph object storage, ta cần tạo user truy cập Radosgw. User được định danh bằng access và secret key, sử dụng cho mục đích truy cập, thực hiện các hoạt động trên  Ceph object storage.
 
@@ -118,8 +130,8 @@ ssh root@ceph-admin
     "temp_url_keys": []
 }
 ```
-### Phần 3: Kiểm tra user cung cấp bởi Radosgw
-> Thực hiện trên ceph-admin (có thể trên ceph-client)
+### Phần 4: Kiểm tra user cung cấp bởi Radosgw
+> Thực hiện trên __ceph-admin__ (có thể trên ceph-client)
 
 __Cài đặt gói__
 ```
@@ -173,7 +185,138 @@ __Xóa bucket test__
 radosgw-admin bucket rm my-new-bucket
 ```
 
-### Phần 3: Truy cập Ceph object storage
+### Phần 5: Truy cập Ceph object storage thông qua s3 interface
 Ở đây sẽ truy cập Ceph object thông qua S3 API tương thích.
+> Thực hiện các bước sau tại __ceph-s3 node__
+
+#### Thiết lập file host
+Thiết lập file host trên ceph-s3 node
+```
+[root@ceph-s3 ~]# vim /etc/hosts
+```
+Nội dung
+```
+192.168.2.136 ceph-admin
+
+192.168.2.137 ceph-node-1 cephgw.test.lab
+
+192.168.2.138 ceph-node-2
+
+192.168.2.144 ceph-s3
+```
+#### Bước 1: Cài đặt s3cmd
+```
+yum install epel-release -y
+yum install python-pip -y
+pip install s3cmd
+```
+
+Kiểm tra version s3cmd
+```
+[root@ceph-s3 ~]# s3cmd --version
+s3cmd version 2.0.1
+```
+
+#### Bước 2: Thiết lập kết nối s3cmd với Ceph thông qua S3 API
+> Sử dụng user vừa tạo tại phần 2 để truy cập Radosgw
+
+```
+[root@ceph-s3 ~]# s3cmd --configure
+
+Enter new values or accept defaults in brackets with Enter.
+Refer to user manual for detailed description of all options.
+
+Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.
+Access Key [UDW5NH3UZ83CK1W0U2PW]:
+Secret Key [BjPiwiRRdTmgK50SjeDCmgVgfNWjfPgTIRTTr4Zq]:
+Default Region [US]:
+
+Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
+S3 Endpoint [cephgw.test.lab:7480]:
+
+Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
+if the target S3 system supports dns based buckets.
+DNS-style bucket+hostname:port template for accessing a bucket [cephgw.test.lab:7480]: cephgw.test.lab:7480
+
+Encryption password is used to protect your files from reading
+by unauthorized persons while in transfer to S3
+Encryption password [thanh]:
+Path to GPG program [/bin/gpg]:
+
+When using secure HTTPS protocol all communication with Amazon S3
+servers is protected from 3rd party eavesdropping. This method is
+slower than plain HTTP, and can only be proxied with Python 2.7 or newer
+Use HTTPS protocol [No]: No
+
+On some networks all internet access must go through a HTTP proxy.
+Try setting it here if you can't connect to S3 directly
+HTTP Proxy server name:
+
+New settings:
+  Access Key: UDW5NH3UZ83CK1W0U2PW
+  Secret Key: BjPiwiRRdTmgK50SjeDCmgVgfNWjfPgTIRTTr4Zq
+  Default Region: US
+  S3 Endpoint: cephgw.test.lab:7480
+  DNS-style bucket+hostname:port template for accessing a bucket: cephgw.test.lab:7480
+  Encryption password: thanh
+  Path to GPG program: /bin/gpg
+  Use HTTPS protocol: False
+  HTTP Proxy server name:
+  HTTP Proxy server port: 0
+
+Test access with supplied credentials? [Y/n] y
+Please wait, attempting to list all buckets...
+Success. Your access key and secret key worked fine :-)
+
+Now verifying that encryption works...
+Success. Encryption and decryption worked fine :-)
+
+Save settings? [y/N] y
+Configuration saved to '/root/.s3cfg'
+```
+> Kết nối s3 API thành công với Ceph Radosgw
+
+> Lưu ý cả thiết lập: Access Key, Secret Key, S3 Endpoint, S3 system supports dns based buckets, Use HTTPS protocol [No]: No
+__Tạo bucket thông qua s3 cmd__
+
+```
+[root@ceph-s3 ~]# s3cmd ls
+[root@ceph-s3 ~]#  s3cmd mb s3://first-bucket
+Bucket 's3://first-bucket/' created
+[root@ceph-s3 ~]# s3cmd put /etc/hosts s3://first-bucket
+upload: '/etc/hosts' -> 's3://first-bucket/hosts'  [1 of 1]
+ 287 of 287   100% in    1s   149.55 B/s  done
+```
+
+### Phần 6: Kiểm chứng
+#### Kiểm tra tại Ceph storage cluste
+> Thực hiện tại node có quyền admin trong ceph
+
+Kiểm tra bucket vừa tạo thông qua s3 interface tại ceph-s3 node
+```
+[root@ceph-admin cluster]# radosgw-admin bucket list --bucket=first-bucket
+[
+    {
+        "name": "hosts",
+        "instance": "",
+        "namespace": "",
+        "owner": "lacoski",
+        "owner_display_name": "my user lacoski",
+        "size": 287,
+        "mtime": "2018-03-01 06:54:26.738998Z",
+        "etag": "4913007553cb4d9f13babc6cec275407",
+        "content_type": "text\/plain",
+        "tag": "f0332421-32af-4fc3-8a3e-c55a5b365b60.84105.9",
+        "flags": 0,
+        "user_data": ""
+    }
+]
+```
+> The Ceph Object Gateway supports a subset of the Amazon S3 policy language applied to buckets. [Link](http://docs.ceph.com/docs/master/radosgw/bucketpolicy/)
 
-#### 
+## Nguồn
+http://docs.ceph.com/docs/master/radosgw/bucketpolicy/#
+http://s3tools.org/usage
+http://s3tools.org/s3cmd
+http://s3tools.org/s3cmd-howto
+https://linuxconfig.org/getting-started-with-aws-s3cmd-command-by-examples
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+<mxfile userAgent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36" version="8.3.4" editor="www.draw.io" type="device"><diagram id="4cf90dc6-6bb1-a75f-946d-dfb10c2198e1" name="Page-1">7Vtdc6M2FP01nuk+hEEfSOgxzm7ah21np+lMdx+xUWwmGLkYr53++oog2YAAKzE4ZhrPZAxXQoJ7zr26R8QTdLfa/5oG6+XvIuTxBLrhfoI+TyAELiTyK7c8FxaMvMKwSKNQdToaHqJ/ub5SWbdRyDeVjpkQcRatq8a5SBI+zyq2IE3FrtrtUcTVWdfBghuGh3kQm9a/ozBbFlYf0qP9Nx4tlnpmQFjRMgvmT4tUbBM13wSix5dP0bwK9FjqQTfLIBS7kgl9maC7VIisOFrt73ic+1a7rbjuvqX1cN8pTzKbC2Bxwc8g3qpHv+PrpbT8Ke9rs9jJo6/BTN1r9qz9k/G9HH66zFaxNAB5uMlS8cTvRCxSaUlEIntOH6M4rpmCOFok8nQub5BL+/QnT7NIev5WNayiMMynme6WUcYf1sE8n3MneSZtL57l+b27+fAiyR7UTQF9XnAJePJcPZucgO9b/QMOXpds5mLFs/RZdlEXYKKAUkRm6nR3ZAVylW1ZYgRStkARcXEY+QiGPFB4NGODDGwMHHgS3uZ0P/q3BEnZHbjmLrcJiryDhksS9/7elZ8ajEdC1zEvX1G06NBBByx4aMTdSSRKrvYaPK1tKY+DLPpZHb7J/WqGbyKSEx+ARrgKNCA1BDdim865uqocUbWBfHJioCxIFzwzBnphw+GxrQiCDYJ8287iaC5tf/BsJ9Knaw5cxUzYQbweAvgQnRoOZEYwgA28gj1EsGcABBh0APEd6Mjh7zWCVw0Q7soMlQx8PlpG8HgXREvf7jsm3KlHX5lw1RXjT7jYe2vC9ZjDSh+/e9j+0m9T8RRvNzm0o0/AilYDJGAMLxnSZg2lMzAaeQbWqWLgDIzxBeHSa3NXBs7V1br1QZUgDGa6u/tqvkpueM0VXMkFrMkDrAcXALOoa3FBPemDrni18Qtymx2j3KAl/AkvAOr14AWzcjK8UI2XpogqL81mtNrWOMaii2QbQob/oXW+xJ1+BpZ+ruuKN/mZGH7myQahtqTYfyZ8W90ZBzMeT0Ua8rQRMsmDKFn8JdZqXGVQKKmzr/wxU+1n4bbX5YBjIoe9BuT6CBDaECAkzpTPKuCRf7ZCN9xsXrx7KzsAtN4fG+XRIv/Ot39ugnAVJXq8WarbflF290b+rUTySXeRd1vMWvQzrxznIguY7wLWU1hTZBXWqA9y+I1RTa82qlUt0xbVnxkhg0V126pnRLXC8bBHfYEob9jhMTDsVKSvEYy2KBkskN/p8/fc546nT39UChJDhRYirMpWG1AuI01xDfF6XWerTGul9GE/aAAp2rQcnEmU1q1c20XaJMo+yko8kWc/KpFq0KRwdLVUuR6a3NR4gugbeYIH4wWy2NIaWlBhn9QFledbrYWQ4fNzqFnhDuAB1OICzQzsYAwwJAATF7jQ6ukBpY6sQAgGlMjMi0kPC4qZJjrL/esuz2zVgFUZQLqrANchsKG69x3quccPaEARO4xiDyHgEkZc5tHzUTTLOwPA0YrjFhx05qAOpi70fQIx9Sn1sV0oecyh0EceAthlgPj++SAwA4QX6ZSIkN+ABu0k9dIkTx3SDa7YhJ8auqTFO/eGpnEG6Ov0Uzfy1G5XpBf5ZEL7IZ9a5VP34t8gn7ADkOfLNREyD+t9jFNiaoAs2vB21kB4lOLKBp4LCSl8XDYPYqpW01kXydjxGAOIMkkChHH1NZ8c1wGUQRczgj3fJag6S49Sy2L1HaHUuirSyFgvAY0rSMtamhAP5Is5hQSRN/NpONEFTzNkaNFFQD3x2r/F6kF06T2ygVUX7CwZEHAY9gh1CfQlX5BlCSHTiCNZhZiqGPuoKEwZ/qG7ykzp4aUKc2SZ4x5kdkfasUbNIo5Hq7Pa/P7c6c530FnA/BeOo9CCH0Lr9ULrBPTULMmHUlrQXCY+lFZrVday2o1AaVnswY5fabXAc7GiuaeXVlejs8xdmLNJc206670pU9VZFaBHILMsfh8ztMyibb8auYTIQtb/KniWyEKd1cL1iCxk7ud9iKwyU65SZCGL2mC0IqvN71cnspD5Yniei6wNMiXS7Xr9/9RNJ9C8oG7CFttrY6+NWpadj9qogSDy9PiT8aL78Xf56Mt/</diagram></mxfile>