PricingTechnologyDocumentation
Login
HomePricingTechnologyDocumentationLoginSignup

Swift Object Storage

CloudBD disks require access to a "storage remote" for storing all disk data blocks and metadata. This page will guide you through the creation of an OpenStack Swift storage remote that uses Swift cloud storage as well as any extra steps for improved security and performance.

Unlike AWS S3 and GCS, OpenStack Swift is optimized to handle operations to many containers (buckets) in parallel. In order to achieve high performance on Swift storage remotes, disk data will be distributed across multiple containers. This avoids performance bottlenecking on Swift container updates.

A CloudBD Swift storage remote consists of one primary remote container and a number of data containers. The primary container needs to be created manually for new Swift storage remotes. The data containers are created automatically during the first CloudBD disk creation on a Swift storage remote. The data containers use the naming template .cloudbd-<primary_container_name>-###.

Get CLIs

OpenStack provides several command line tools that can be useful in setting up your Swift storage remote.

  • python-openstackclient

    A generic client that can configure OpenStack identity (Keystone) and object-storage (Swift) -- useful for setting up Swift storage remotes that use Keystone auth.

  • python-swiftclient

    The OpenStack object-storage (Swift) client -- useful for setting up Swift storage remotes that use SwiftStack auth.

The CLIs allow you to communicate with the OpenStack services via a command line interface. The example command below are issued with the assumption that the proper environement variables for an OpenStack administrator user are set to allow the CLIs to create users, projects, and apply roles. See OpenStack's documentation for more info.

Create Swift Account

The CloudBD Swift disk driver supports Keystone (v2 and v3) and SwiftStack auth. We recommend creating a dedicated Swift account for your CloudBD disks. Depending on your Swift auth type your Swift account may be connected to a Keystone project or a SwiftStack account.

  • When Using Keystone Auth

    A Swift storage account is connected to a Keystone project (also called a tenant in Keystone v2) and secured by a Keystone user and role. These can be created using the openstack CLI by an admin user following the guides below.

    1. Create Project

      # create a new project named cloudbd
openstack project create cloudbd

    2. Create User

      # create a new user named cloudbd prompting for a password
openstack user create --password-prompt --project cloudbd cloudbd

    3. Add Operator Role

      The CloudBD user requires one of the operator roles defined in proxy-server.conf when configuring Swift to use Keystone.

      # example when Swift keystoneauth is configured with the default operator
# roles in proxy-server.conf
#   [filter:keystoneauth]
#   use = egg:swift#keystoneauth
#   operator_roles = admin, swiftoperator

# add swiftoperator role to cloudbd user for project cloudbd
openstack role add --user cloudbd --project cloudbd swiftoperator

  • When Using SwiftStack Auth

    The Swift storage account is connected directly to the SwiftStack user account. A new SwiftStack user can be created by an admin on the SwiftStack Controller console. See SwiftStack's Create User guide for more information.

    We recommend creating a dedicated SwiftStack user 'cloudbd' for your CloudBD disks.

Create Primary Container

Each OpenStack Swift storage remote can store any number of CloudBD disks. The primary container for a storage remote must be created manually and the data containers are created automatically during the first disk creation on the storage remote.

  • When Using Keystone Auth

    Create the primary container using the python-openstack client command line tool.

    openstack --os-project-name=cloudbd --os-username=cloudbd --os-password=<cloudbd password> \
            container create <primary_container_name>

  • When Using SwiftStack Auth

    The primary container can be created through the SwiftStack web console or from the python-swiftclient command line tool.

    swift -A <Swift API Auth URL> -U cloudbd -K <cloudbd password> \
            post <primary_container_name>

Deploy Config File

Now that your OpenStack Swift storage remote has been created you need to create a storage remote config file and deploy it to the servers that will manage and use CloudBD disks. Storage remote config files are placed in the /etc/cloudbd/remotes.d/ directory. These config files must end in ".conf" and use the basic INI config format of key = value.

Below are the storage remote config file fields for OpenStack using Keystone v3, Keystone v2, and SwiftStack auths. Follow the appropriate example for your OpenStack auth deployment to create a storage remote config file.

Keystone v3 Auth

Required Fields:

  • type

    Declares the type of remote connection. For OpenStack Swift storage remotes using Keystone v3 the type is swift_v3.

    type = swift_v3

  • auth_url

    The Keystone v3 identity service URL. This may be either the public or the internal interface URL (whichever fits better with your openstack deployment). A list of identity endpoints can be found using openstack endpoint list --service identity.

    auth_url = <Keystone v3 identity URL>

  • project

    The OpenStack project that contains the primary container.

    project = <Project>

  • user

    The OpenStack user with operator access to the project.

    user = <User>

  • password

    The above user's password.

    password = <Password>

  • container

    The primary container name for the storage remote (previously created).

    container = <primary_container_name>

Optional Fields:

  • endpoint_interface

    Which Swift storage endpoint URL to use (public or internal). If not specified CloudBD will use the 'public' endpoint URL.

    endpoint_interface = public

  • project_domain

    The OpenStack domain the project belongs to. If not specified CloudBD will use the 'default' domain.

    project_domain = <Project Domain>

  • user_domain

    The OpenStack domain the user belongs to. If not specified CloudBD will use the 'default' domain.

    user_domain = <User Domain>

  • region

    The OpenStack region. If you have configured multiple regions in your OpenStack deployment you can specify which region to use for reading and writing Swift data.

    region = <Region>

Example Storage Remote Config File:

type = swift_v3
auth_url = https://keystone:5000/v3
project = cloudbd
user = cloudbd
password = mypassword
container = cloudbd-disks

Keystone v2 Auth

Required Fields:

  • type

    Declares the type of remote connection. For OpenStack Swift storage remotes using Keystone v2 the type is swift_v2.

    type = swift_v2

  • auth_url

    The Keystone v2 identity service URL. This may be either the public or the internal interface URL (whichever fits better with your openstack deployment). A list of identity endpoints can be found using openstack endpoint list --service identity.

    auth_url = <Keystone v2 identity URL>

  • tenant

    The OpenStack tenant that contains the primary container.

    tenant = <Tenant>

  • user

    The OpenStack user with operator access to the tenant.

    user = <User>

  • password

    The above user's password.

    password = <Password>

  • container

    The primary container name for the storage remote (previously created).

    container = <primary_container_name>

Optional Fields:

  • endpoint_interface

    Which Swift storage endpoint URL to use (public or internal). If not specified CloudBD will use the 'public' endpoint URL.

    endpoint_interface = public

  • region

    The OpenStack region. If you have configured multiple regions in your OpenStack deployment you can specify which region to use for reading and writing Swift data.

    region = <Region>

Example Storage Remote Config File:

type = swift_v2
auth_url = https://keystone:5000/v2.0
tenant = cloudbd
user = cloudbd
password = mypassword
container = cloudbd-disks

SwiftStack Auth

Required Fields:

  • type

    Declares the type of remote connection. For OpenStack Swift storage remotes using SwiftStack auth the type is swift_v1.

    type = swift_v1

  • auth_url

    The SwiftStack API Auth Url. This URL can be found by clicking Monitor on your cluster through the https://platform.swiftstack.com website.

    auth_url = <Swift API Auth URL>

  • user

    The SwiftStack user created for cloudbd disks.

    user = <User>

  • password

    The above user's password.

    password = <Password>

  • container

    The primary container name for the storage remote (previously created).

    container = <primary_container_name>

Example Storage Remote Config File:

type = swift_v1
auth_url = https://saio/auth/v1.0/
user = cloudbd
password = mypassword
container = cloudbd-disks
← Google Cloud StorageInstallation →
HomePricingTechnologyDocumentation
LoginSignup
Cookie PolicyPrivacy PolicyTerms and Conditions


© 2020, CloudBD LLC. All rights reserved.

Amazon Web Services, Amazon S3, EC2 and the Amazon Web Services logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Ubuntu and the Ubuntu Circle of Friends logo are registered trademarks of Canonical Ltd. Google, Google Cloud Storage and the Google Cloud Platform logo are registered trademarks of Google LLC. Linux ® is the registered trademark of Linus Torvalds in the U.S. and other countries. OpenStack is either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries.