2013-10-30 22:18:57 +00:00
=============================
Install Ceph Object Gateway
=============================
The :term: `Ceph Object Gateway` daemon runs on Apache and FastCGI.
2013-12-02 18:48:27 +00:00
To run a :term: `Ceph Object Storage` service, you must install Apache and
2013-10-30 22:18:57 +00:00
FastCGI. Then, you must install the Ceph Object Gateway daemon. The Ceph Object
Gateway supports 100-continue, but you must install Ceph builds of Apache and
FastCGI for 100-continue support. To install the Ceph Object Gateway, first
2013-12-02 18:48:27 +00:00
install and configure Apache and FastCGI. Then, install the Ceph Object Gateway
2013-10-30 22:18:57 +00:00
daemon. If you plan to run a Ceph Object Storage service with a federated
2013-12-02 18:48:27 +00:00
architecture (multiple regions and zones), you must also install the
2013-10-30 22:18:57 +00:00
synchronization agent.
2013-12-02 18:48:27 +00:00
See `Get Packages`_ for information on adding Ceph packages to each Ceph Node.
Ensure that you have executed those steps on each Ceph Node first.
2013-10-30 22:18:57 +00:00
Apache/FastCGI w/out 100-Continue
=================================
You may use standard Apache and FastCGI packages for your Ceph Object
Gateways. However, they will not provide 100-continue support.
Debian Packages
---------------
To install Apache and FastCGI Debian packages, execute the following::
sudo apt-get install apache2 libapache2-mod-fastcgi
RPM Packages
------------
To install Apache and FastCGI RPMs, execute the following::
2014-04-08 22:53:32 +00:00
sudo rpm -ivh fcgi-2.4.0-10.el6.x86_64.rpm
sudo rpm -ivh mod_fastcgi-2.4.6-2.el6.rf.x86_64.rpm
2013-10-30 22:18:57 +00:00
Or::
sudo yum install httpd mod_fastcgi
Apache/FastCGI w/ 100-Continue
==============================
The Ceph community provides a slightly optimized version of the `` apache2 ``
and `` fastcgi `` packages. The material difference is that the Ceph packages are
optimized for the `` 100-continue `` HTTP response, where the server determines
if it will accept the request by first evaluating the request header. See `RFC
2616, Section 8`_ for details on ` `100-continue` `. You can find the most recent
builds of Apache and FastCGI packages modified for Ceph at `gitbuilder.ceph.com`_ .
Debian Packages
---------------
2014-04-08 22:53:32 +00:00
#. Add the development key::
wget -q -O- https://raw.github.com/ceph/ceph/master/keys/autobuild.asc | sudo apt-key add -
2014-03-23 04:58:09 +00:00
2013-10-30 22:18:57 +00:00
#. Add a `` ceph-apache.list `` file to your APT sources. ::
echo deb http://gitbuilder.ceph.com/apache2-deb-$(lsb_release -sc)-x86_64-basic/ref/master $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph-apache.list
#. Add a `` ceph-fastcgi.list `` file to your APT sources. ::
echo deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-$(lsb_release -sc)-x86_64-basic/ref/master $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph-fastcgi.list
#. Update your repository and install Apache and FastCGI::
sudo apt-get update && sudo apt-get install apache2 libapache2-mod-fastcgi
RPM Packages
------------
To install Apache with 100-continue, execute the following steps:
#. Install `` yum-plugin-priorities `` . ::
sudo yum install yum-plugin-priorities
#. Ensure `` /etc/yum/pluginconf.d/priorities.conf `` exists.
#. Ensure `` priorities.conf `` enables the plugin. ::
[main]
enabled = 1
#. Add a `` ceph-apache.repo `` file to `` /etc/yum.repos.d `` . Replace
`` {distro} `` with the name of your distribution (e.g., `` centos6 `` ,
`` rhel6 `` , etc.) ::
[apache2-ceph-noarch]
name=Apache noarch packages for Ceph
baseurl=http://gitbuilder.ceph.com/apache2-rpm-{distro}-x86_64-basic/ref/master
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
[apache2-ceph-source]
name=Apache source packages for Ceph
baseurl=http://gitbuilder.ceph.com/apache2-rpm-{distro}-x86_64-basic/ref/master
enabled=0
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
#. Add a `` ceph-fastcgi.repo `` file to `` /etc/yum.repos.d `` . Replace
`` {distro} `` with the name of your distribution (e.g., `` centos6 `` ,
`` rhel6 `` , etc.) ::
[fastcgi-ceph-basearch]
name=FastCGI basearch packages for Ceph
2014-01-31 21:51:47 +00:00
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-{distro}-x86_64-basic/ref/master
2013-10-30 22:18:57 +00:00
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
[fastcgi-ceph-noarch]
name=FastCGI noarch packages for Ceph
2014-01-31 21:51:47 +00:00
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-{distro}-x86_64-basic/ref/master
2013-10-30 22:18:57 +00:00
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
[fastcgi-ceph-source]
name=FastCGI source packages for Ceph
2014-01-31 21:51:47 +00:00
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-{distro}-x86_64-basic/ref/master
2013-10-30 22:18:57 +00:00
enabled=0
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
2014-04-08 22:53:32 +00:00
If the repository doesn't have a `` noarch `` section, you may remove the
`` noarch `` entry above.
2013-10-30 22:18:57 +00:00
2014-04-29 01:08:59 +00:00
#. Update your repository. On RHEL systems, enable the
`` rhel-6-server-optional-rpms `` repository. ::
sudo yum update --enablerepo=rhel-6-server-optional-rpms
#. Install Apache and FastCGI. ::
2013-10-30 22:18:57 +00:00
sudo yum update && sudo yum install httpd mod_fastcgi
Configure Apache/FastCGI
========================
To complete the installation, ensure that you have the rewrite module
enabled and FastCGI enabled. The steps differ slightly based upon the
type of package installation.
Debian-based Packages
---------------------
#. Open the `` apache2.conf `` file. ::
sudo vim /etc/apache2/apache2.conf
#. Add a line for the `` ServerName `` in the Apache configuration file.
Provide the fully qualified domain name of the server machine
(e.g., `` hostname -f `` ). ::
ServerName {fqdn}
#. Enable the URL rewrite modules for Apache and FastCGI. ::
sudo a2enmod rewrite
sudo a2enmod fastcgi
#. Restart Apache so that the foregoing changes take effect. ::
sudo service apache2 restart
RPM-based Packages
------------------
#. Open the `` httpd.conf `` file. ::
sudo vim /etc/httpd/conf/httpd.conf
#. Uncomment `` #ServerName `` and add the name of your server.
Provide the fully qualified domain name of the server machine
(e.g., `` hostname -f `` ).::
2014-11-12 16:52:16 +00:00
ServerName {fqdn}
2013-10-30 22:18:57 +00:00
#. Ensure that the Rewrite module is enabled. ::
#if not present, add:
LoadModule rewrite_module modules/mod_rewrite.so
#. Save the `` httpd.conf `` file.
#. Ensure that the FastCGI module is enabled. The installer should
include an `` /etc/httpd/conf.d/fastcgi.conf `` file that loads the
FastCGI module. ::
#if not present, add:
LoadModule fastcgi_module modules/mod_fastcgi.so
#. Restart Apache so that the foregoing changes take effect.. ::
2014-04-08 22:53:32 +00:00
sudo /etc/init.d/httpd restart
2013-10-30 22:18:57 +00:00
2013-11-04 20:50:30 +00:00
Enable SSL
==========
2013-10-30 22:18:57 +00:00
2013-11-04 20:50:30 +00:00
Some REST clients use HTTPS by default. So you should consider enabling SSL
for Apache. Use the following procedures to enable SSL.
.. note :: You can use self-certified certificates. Some client
APIs check for a trusted certificate authority. You may need to obtain
a SSL certificate from a trusted authority to use those client APIs.
Debian Packages
---------------
To enable SSL for Debian/Ubuntu systems, execute the following steps:
#. Ensure that you have installed the dependencies. ::
sudo apt-get install openssl ssl-cert
#. Enable the SSL module. ::
sudo a2enmod ssl
#. Generate a certificate. ::
sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
#. Restart Apache. ::
2014-04-08 22:53:32 +00:00
sudo service apache2 restart
2013-11-04 20:50:30 +00:00
See the `Ubuntu Server Guide`_ for additional details.
RPM Packages
------------
To enable SSL for RPM-based systems, execute the following steps:
#. Ensure that you have installed the dependencies. ::
sudo yum install mod_ssl openssl
2014-12-26 14:28:57 +00:00
#. Generate private key. ::
2013-11-04 20:50:30 +00:00
2014-12-26 14:28:57 +00:00
openssl genrsa -out ca.key 2048
#. Generate CSR. ::
openssl req -new -key ca.key -out ca.csr
#. Generate a certificate. ::
2013-11-04 20:50:30 +00:00
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
2014-12-26 14:28:57 +00:00
#. Copy the files to appropriate locations. ::
2013-11-04 20:50:30 +00:00
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
2014-12-26 14:28:57 +00:00
#. Update the Apache SSL configuration file `` /etc/httpd/conf.d/ssl.conf `` .
Give the correct location of `` SSLCertificateFile `` . ::
SSLCertificateFile /etc/pki/tls/certs/ca.crt
Give the correct location of `` SSLCertificateKeyFile `` . ::
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
Save the changes.
2013-11-04 20:50:30 +00:00
#. Restart Apache. ::
2014-04-08 22:53:32 +00:00
sudo /etc/init.d/httpd restart
2013-11-04 20:50:30 +00:00
See `Setting up an SSL secured Webserver with CentOS`_ for additional details.
Add Wildcard to DNS
===================
To use Ceph with S3-style subdomains (e.g., `` bucket-name.domain-name.com `` ),
you need to add a wildcard to the DNS record of the DNS server you use with the
`` radosgw `` daemon.
.. tip :: The address of the DNS must also be specified in the Ceph
configuration file with the `` rgw dns name = {hostname} `` setting.
For `` dnsmasq `` , consider addding the following `` address `` setting with a dot
(.) prepended to the host name::
address=/.{hostname-or-fqdn}/{host-ip-address}
address=/.ceph-node/192.168.0.1
For `` bind `` , consider adding the a wildcard to the DNS record::
$TTL 604800
@ IN SOA ceph-node. root.ceph-node. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ceph-node.
@ IN A 192.168.122.113
* IN CNAME @
Restart your DNS server and ping your server with a subdomain to
ensure that your Ceph Object Store `` radosgw `` daemon can process
the subdomain requests. ::
ping mybucket.{fqdn}
ping mybucket.ceph-node
2013-10-30 22:18:57 +00:00
Install Ceph Object Gateway
===========================
Ceph Object Storage services use the Ceph Object Gateway daemon (`` radosgw `` )
to enable the gateway. For federated architectures, the synchronization
agent (`` radosgw-agent `` ) provides data and metadata synchronization between
zones and regions.
Debian Packages
---------------
2013-12-02 18:48:27 +00:00
To install the Ceph Object Gateway daemon, execute the following::
2013-10-30 22:18:57 +00:00
sudo apt-get install radosgw
To install the Ceph Object Gateway synchronization agent, execute the
following::
2013-11-22 23:48:25 +00:00
sudo apt-get install radosgw-agent
2013-10-30 22:18:57 +00:00
RPM Packages
------------
To install the Ceph Object Gateway daemon, execute the
following::
2014-04-08 22:53:32 +00:00
sudo yum install ceph-radosgw ceph
2013-10-30 22:18:57 +00:00
To install the Ceph Object Gateway synchronization agent, execute the
following::
2014-04-08 22:53:32 +00:00
sudo yum install radosgw-agent
2013-11-04 20:50:30 +00:00
2014-08-07 21:15:45 +00:00
Configure The Gateway
=====================
Once you have installed the Ceph Object Gateway packages, the next step is
to configure your Ceph Object Gateway. There are two approaches:
- **Simple:** A `simple`_ Ceph Object Gateway configuration implies that you
are running a Ceph Object Storage service in a single data center. So you can
configure the Ceph Object Gateway without regard to regions and zones.
- **Federated:** A `federated`_ Ceph Object Gateway configuration implies that
you are running a Ceph Object Storage service in a geographically distributed
manner for fault tolerance and failover. This involves configuring your
Ceph Object Gateway instances with regions and zones.
Choose the approach that best reflects your cluster.
2013-11-04 20:50:30 +00:00
2013-12-02 18:48:27 +00:00
.. _Get Packages: ../get-packages
2013-11-04 20:50:30 +00:00
.. _Ubuntu Server Guide: https://help.ubuntu.com/12.04/serverguide/httpd.html
.. _Setting up an SSL secured Webserver with CentOS: http://wiki.centos.org/HowTos/Https
2014-04-29 01:08:59 +00:00
.. _RFC 2616, Section 8: http://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html
.. _gitbuilder.ceph.com: http://gitbuilder.ceph.com
.. _Installing YUM Priorities: ../yum-priorities
2014-08-07 21:15:45 +00:00
.. _simple: ../../radosgw/config
.. _federated: ../../radosgw/federated-config