RADOS Gateway standard setup, installation, and configuration

For a production environment, it's recommended that you configure the RGW on a physical, dedicated machine. However, if your object storage workload is not too much, you can consider using any of the monitor machines as an RGW node. The RGW is a separate service that externally connects to a Ceph cluster and provides object storage access to its clients. In a production environment, it's recommended that you run more than one instance of the RGW, masked by a load balancer, as shown in the following diagram:

RADOS Gateway standard setup, installation, and configuration

Starting with the Firefly release of Ceph, a new RGW frontend had been introduced: Civetweb, which is a lightweight standalone web server. Civetweb has been embedded directly into the ceph-radosgw service, making the Ceph object storage service deployment quicker and easier.

In the following recipes, we will demonstrate the RGW configuration using Civetweb on a virtual machine that will interact with the same Ceph cluster that we have created in Chapter 1, Ceph – Introduction and Beyond.

Setting up the RADOS Gateway node

To run the Ceph object storage service, we should have a running Ceph cluster and the RGW node should have access to the Ceph network.

How to do it…

As demonstrated in earlier chapters, we will boot up a virtual machine using Vagrant and configure that as our RGW node.

  1. Launch rgw-node1 using Vagrantfile, as we have done for Ceph nodes in Chapter 1, Ceph – Introduction and Beyond. Make sure you are on the host machine and under the ceph-cookbook repository before bringing up rgw-node1 using Vagrant:
    # cd ceph-cookbook
# vagrant up rgw-node1
    How to do it…
  2. Once rgw-node1 is up, check the Vagrant status, and log in to the node:
    $ vagrant status rgw-node1
$ vagrant ssh rgw-node1
    How to do it…
  3. Check if rgw-node1 can reach the Ceph cluster nodes:
    # ping ceph-node1 -c 3
# ping ceph-node2 -c 3
# ping ceph-node3 -c 3
  4. Verify the local host file entries, hostname, and FQDN for rgw-node1:
    # cat /etc/hosts | grep -i rgw
# hostname
# hostname -f
    How to do it…

Installing the RADOS Gateway

The previous recipe was about setting up a virtual machine for RGW. In this recipe, we will learn to set up the ceph-radosgw service on this node.

How to do it…

  1. First, we should install the Ceph packages on rgw-node1. To do this, we will use the ceph-deploy tool from ceph-node1, which is our Ceph monitor node. Log in to ceph-node1 and perform the following commands:
    1. Make sure that ceph-node1 can reach rgw-node1 over the network using the following command:
      # ping rgw-node1 -c 1
    2. Allow ceph-node1 a password-less SSH login to rgw-node1 and test the connection.

      Note

      The root password for rgw-node1 is the same as earlier, that is, vagrant.

      # ssh-copy-id rgw-node1
# ssh rgw-node1 hostname
      How to do it…
    3. Using ceph-node1, install the Ceph packages and copy the ceph.conf file to rgw-node1:
      # cd /etc/ceph
# ceph-deploy install rgw-node1
# ceph-deploy config push rgw-node1
  2. Finally, log in to rgw-node1 and install the ceph-radosgw package:
    # yum install ceph-radosgw

Configuring RADOS Gateway

Since we are using the Civetweb embedded web server for RGW, most of the things have already been set up with the ceph-radosgw service. In this recipe, we will create Ceph authentication keys for the Ceph RGW user and update the ceph.conf file.

How to do it…

  1. To create the RGW user and keyring, execute the following commands from ceph-node1:
    1. Create a keyring using the following command:
      # cd /etc/ceph
# ceph-authtool --create-keyring  
/etc/ceph/ceph.client.radosgw.keyring
# chmod +r /etc/ceph/ceph.client.radosgw.keyring
    2. Generate the gateway user and key for the RGW instance; our RGW instance name is gateway:
      # ceph-authtool /etc/ceph/ceph.client.radosgw.keyring 
-n client.radosgw.gateway --gen-key
    3. Add capabilities to the key:
      # ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' 
 --cap mon 'allow rwx' /etc/ceph/ceph.client.radosgw.keyring
    4. Add the key to the Ceph cluster:
      # ceph auth add client.radosgw.gateway 
-i /etc/ceph/ceph.client.radosgw.keyring
    5. Distribute the key to the Ceph RGW node:
      # scp /etc/ceph/ceph.client.radosgw.keyring 
rgw-node1:/etc/ceph/ceph.client.radosgw.keyring
    How to do it…
  2. Add the client.radosgw.gateway section to ceph.conf on rgw-node1. Make sure that the hostname is similar to the # hostname -s command output:
    [client.radosgw.gateway]
host = rgw-node1
keyring = /etc/ceph/ceph.client.radosgw.keyring
rgw socket path = /var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
log file = /var/log/ceph/client.radosgw.gateway.log
rgw dns name = rgw-node1.cephcookbook.com
rgw print continue = false
    How to do it…
  3. By default, the ceph-radosgw startup script executes with the default user, apache. Change the default user from apache to root:
    # sed -i s"/DEFAULT_USER.*=.*'apache'/DEFAULT_USER='root'"/g /etc/rc.d/init.d/ceph-radosgw

    Note

    In a production environment, do not run ceph-radosgw as the 'root' user; instead, use 'apache' or any other non-root user.

  4. Start the Ceph radosgw service and check its status:
    # service ceph-radosgw start
# service ceph-radosgw status
  5. The Civetweb webserver that is embedded into the ceph-radosgw daemon should now be running on the default port, 7480:
    # netstat -nlp | grep -i 7480
    How to do it…
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.188.178.181