RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2025-01-02 17:12:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

doc: Replaces reference to mod_fastcgi with mod_proxy_fcgi in gateway

Browse Source 
installation doc.

Fixes: #3299

Signed-off-by: Nilamdyuti Goswami <ngoswami@redhat.com>
This commit is contained in:
Nilamdyuti Goswami 2015-04-02 16:44:38 +05:30
parent 18c34f2133
commit b09eb13bf7
1 changed files with 104 additions and 258 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

362
doc/install/install-ceph-gateway.rst
View File

@ -2,227 +2,110 @@
Install Ceph Object Gateway
=============================
The :term:`Ceph Object Gateway` daemon runs on Apache and FastCGI.
.. note:: To run the Ceph object gateway service, you should have a running
Ceph cluster, the gateway host should have access to storage and public
networks, and SELinux should be in permissive mode in rpm-based distros.
The :term:`Ceph Object Gateway` daemon runs on Apache and FastCGI.
To run a :term:`Ceph Object Storage` service, you must install Apache and
FastCGI. Then, you must install the Ceph Object Gateway daemon. The Ceph Object
Gateway supports 100-continue, but you must install Ceph builds of Apache and
FastCGI for 100-continue support. To install the Ceph Object Gateway, first
install and configure Apache and FastCGI. Then, install the Ceph Object Gateway
daemon. If you plan to run a Ceph Object Storage service with a federated
architecture (multiple regions and zones), you must also install the
synchronization agent.
Ceph Object Gateway daemon on the host that is going to provide the gateway
service, i.e, the `gateway host`. If you plan to run a Ceph Object Storage
service with a federated architecture (multiple regions and zones), you must
also install the synchronization agent.
See `Get Packages`_ for information on adding Ceph packages to each Ceph Node.
Ensure that you have executed those steps on each Ceph Node first.
.. note:: Previous versions of Inktank Ceph Enterprise shipped with
`mod_fastcgi`. The current version ships with `mod_proxy_fcgi` instead.
In distros that ship Apache 2.4 (such as RHEL 7, CentOS 7 or Ubuntu 14.04
`Trusty`), `mod_proxy_fcgi` is already present. When you install the `httpd`
package with `yum`, `mod_proxy_fcgi` becomes available for use on your server.
In distros that ship Apache 2.2 (such as RHEL 6, CentOS 6 or Ubuntu 12.04
`Precise`), `mod_proxy_fcgi` comes as a separate package. In *RHEL 6/CentOS 6*,
it is available in `EPEL 6` repo and can be installed with `yum install
mod_proxy_fcgi`. For Ubuntu *12.04*, a backport has been created for
`mod_proxy_fcgi` which is available in `Precise` backport repository.
Apache/FastCGI w/out 100-Continue
=================================
Install Apache
==============
You may use standard Apache and FastCGI packages for your Ceph Object
Gateways. However, they will not provide 100-continue support.
To install Apache on the `gateway host`, execute the following:
Debian Packages
---------------
On Debian-based distros, run::
To install Apache and FastCGI Debian packages, execute the following::
sudo apt-get install apache2
sudo apt-get install apache2 libapache2-mod-fastcgi
On RPM-based distros, run::
sudo yum install httpd
RPM Packages
------------
Configure Apache
================
To install Apache and FastCGI RPMs, execute the following::
Make the following changes in Apache's configuration on the `gateway host`:
sudo rpm -ivh fcgi-2.4.0-10.el6.x86_64.rpm
sudo rpm -ivh mod_fastcgi-2.4.6-2.el6.rf.x86_64.rpm
Debian-based distros
--------------------
Or::
sudo yum install httpd mod_fastcgi
Apache/FastCGI w/ 100-Continue
==============================
The Ceph community provides a slightly optimized version of the ``apache2``
and ``fastcgi`` packages. The material difference is that the Ceph packages are
optimized for the ``100-continue`` HTTP response, where the server determines
if it will accept the request by first evaluating the request header. See `RFC
2616, Section 8`_ for details on ``100-continue``. You can find the most recent
builds of Apache and FastCGI packages modified for Ceph at `gitbuilder.ceph.com`_.
Debian Packages
---------------
#. Add the development key::
wget -q -O- https://raw.github.com/ceph/ceph/master/keys/autobuild.asc | sudo apt-key add -
#. Add a ``ceph-apache.list`` file to your APT sources. ::
echo deb http://gitbuilder.ceph.com/apache2-deb-$(lsb_release -sc)-x86_64-basic/ref/master $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph-apache.list
#. Add a ``ceph-fastcgi.list`` file to your APT sources. ::
echo deb http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb-$(lsb_release -sc)-x86_64-basic/ref/master $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph-fastcgi.list
#. Update your repository and install Apache and FastCGI::
sudo apt-get update && sudo apt-get install apache2 libapache2-mod-fastcgi
RPM Packages
------------
To install Apache with 100-continue, execute the following steps:
#. Install ``yum-plugin-priorities``. ::
sudo yum install yum-plugin-priorities
#. Ensure ``/etc/yum/pluginconf.d/priorities.conf`` exists.
#. Ensure ``priorities.conf`` enables the plugin. ::
[main]
enabled = 1
#. Add a ``ceph-apache.repo`` file to ``/etc/yum.repos.d``. Replace
``{distro}`` with the name of your distribution (e.g., ``centos6``,
``rhel6``, etc.) ::
[apache2-ceph-noarch]
name=Apache noarch packages for Ceph
baseurl=http://gitbuilder.ceph.com/apache2-rpm-{distro}-x86_64-basic/ref/master
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
[apache2-ceph-source]
name=Apache source packages for Ceph
baseurl=http://gitbuilder.ceph.com/apache2-rpm-{distro}-x86_64-basic/ref/master
enabled=0
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
#. Add a ``ceph-fastcgi.repo`` file to ``/etc/yum.repos.d``. Replace
``{distro}`` with the name of your distribution (e.g., ``centos6``,
``rhel6``, etc.) ::
[fastcgi-ceph-basearch]
name=FastCGI basearch packages for Ceph
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-{distro}-x86_64-basic/ref/master
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
[fastcgi-ceph-noarch]
name=FastCGI noarch packages for Ceph
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-{distro}-x86_64-basic/ref/master
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
[fastcgi-ceph-source]
name=FastCGI source packages for Ceph
baseurl=http://gitbuilder.ceph.com/mod_fastcgi-rpm-{distro}-x86_64-basic/ref/master
enabled=0
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc
If the repository doesn't have a ``noarch`` section, you may remove the
``noarch`` entry above.
#. Update your repository. On RHEL systems, enable the
``rhel-6-server-optional-rpms`` repository. ::
sudo yum update --enablerepo=rhel-6-server-optional-rpms
#. Install Apache and FastCGI. ::
sudo yum update && sudo yum install httpd mod_fastcgi
Configure Apache/FastCGI
========================
To complete the installation, ensure that you have the rewrite module
enabled and FastCGI enabled. The steps differ slightly based upon the
type of package installation.
Debian-based Packages
---------------------
#. Open the ``apache2.conf`` file. ::
#. Open the `apache2.conf` file::
sudo vim /etc/apache2/apache2.conf
#. Add a line for the ``ServerName`` in the Apache configuration file.
Provide the fully qualified domain name of the server machine
(e.g., ``hostname -f``). ::
#. Add a line for the `ServerName` in the Apache configuration file. Provide
the fully qualified domain name of the server machine (e.g., hostname -f)::
ServerName {fqdn}
#. Enable the URL rewrite modules for Apache and FastCGI. ::
#. Update `/etc/apache2/apache2.conf` to load `mod_proxy_fcgi` module. Add the
following to the file::
sudo a2enmod rewrite
sudo a2enmod fastcgi
<IfModule !proxy_fcgi_module>
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
</IfModule>
#. Edit the line `Listen 80` in `/etc/apache2/apache2.conf` with the public IP
address of the host that you are configuring as a gateway server. Write
`Listen {IP ADDRESS}:80` in place of `Listen 80`.
#. Restart Apache so that the foregoing changes take effect. ::
#. Start Apache service::
sudo service apache2 restart
sudo service apache2 start
RPM-based distros
-----------------
RPM-based Packages
------------------
#. Open the ``httpd.conf`` file. ::
#. Open the `httpd.conf` file::
sudo vim /etc/httpd/conf/httpd.conf
#. Uncomment ``#ServerName`` and add the name of your server.
Provide the fully qualified domain name of the server machine
(e.g., ``hostname -f``).::
#. Uncomment `#ServerName` in the file and add the name of your server. Provide
the fully qualified domain name of the server machine (e.g., `hostname -f`)::
ServerName {fqdn}
#. Ensure that the Rewrite module is enabled. ::
#. Update `/etc/httpd/conf/httpd.conf` to load `mod_proxy_fcgi` module. Add the
following to the file::
#if not present, add:
LoadModule rewrite_module modules/mod_rewrite.so
<IfModule !proxy_fcgi_module>
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
</IfModule>
#. Save the ``httpd.conf`` file.
#. Edit the line `Listen 80` in `/etc/httpd/conf/httpd.conf` with the public IP
address of the host that you are configuring as a gateway server.Write
`Listen {IP ADDRESS}:80` in place of `Listen 80`.
#. Ensure that the FastCGI module is enabled. The installer should
include an ``/etc/httpd/conf.d/fastcgi.conf`` file that loads the
FastCGI module. ::
#. Start httpd service
#if not present, add:
LoadModule fastcgi_module modules/mod_fastcgi.so
Execute::
#. Restart Apache so that the foregoing changes take effect.. ::
sudo service httpd start
sudo /etc/init.d/httpd restart
Or::
sudo systemctl start httpd
Enable SSL
@ -236,25 +119,25 @@ for Apache. Use the following procedures to enable SSL.
a SSL certificate from a trusted authority to use those client APIs.
Debian Packages
---------------
Debian-based distros
--------------------
To enable SSL for Debian/Ubuntu systems, execute the following steps:
To enable SSL on Debian-based distros, execute the following steps:
#. Ensure that you have installed the dependencies. ::
#. Ensure that you have installed the dependencies::
sudo apt-get install openssl ssl-cert
#. Enable the SSL module. ::
#. Enable the SSL module::
sudo a2enmod ssl
#. Generate a certificate. ::
#. Generate a certificate::
sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
#. Restart Apache. ::
#. Restart Apache::
sudo service apache2 restart
@ -262,93 +145,60 @@ To enable SSL for Debian/Ubuntu systems, execute the following steps:
See the `Ubuntu Server Guide`_ for additional details.
RPM Packages
------------
RPM-based distros
-----------------
To enable SSL for RPM-based systems, execute the following steps:
To enable SSL on RPM-based distros, execute the following steps:
#. Ensure that you have installed the dependencies. ::
#. Ensure that you have installed the dependencies::
sudo yum install mod_ssl openssl
#. Generate private key. ::
#. Generate private key::
openssl genrsa -out ca.key 2048
#. Generate CSR. ::
#. Generate CSR::
openssl req -new -key ca.key -out ca.csr
#. Generate a certificate. ::
#. Generate a certificate::
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
#. Copy the files to appropriate locations. ::
#. Copy the files to appropriate locations::
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
sudo cp ca.crt /etc/pki/tls/certs
sudo cp ca.key /etc/pki/tls/private/ca.key
sudo cp ca.csr /etc/pki/tls/private/ca.csr
#. Update the Apache SSL configuration file ``/etc/httpd/conf.d/ssl.conf``.
Give the correct location of ``SSLCertificateFile``. ::
Give the correct location of ``SSLCertificateFile``::
SSLCertificateFile /etc/pki/tls/certs/ca.crt
Give the correct location of ``SSLCertificateKeyFile``. ::
Give the correct location of ``SSLCertificateKeyFile``::
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
Save the changes.
Save the changes.
#. Restart Apache. ::
#. Restart Apache.
sudo /etc/init.d/httpd restart
Execute::
sudo service httpd restart
Or::
sudo systemctl restart httpd
See `Setting up an SSL secured Webserver with CentOS`_ for additional details.
Add Wildcard to DNS
===================
To use Ceph with S3-style subdomains (e.g., ``bucket-name.domain-name.com``),
you need to add a wildcard to the DNS record of the DNS server you use with the
``radosgw`` daemon.
.. tip:: The address of the DNS must also be specified in the Ceph
configuration file with the ``rgw dns name = {hostname}`` setting.
For ``dnsmasq``, consider addding the following ``address`` setting with a dot
(.) prepended to the host name::
address=/.{hostname-or-fqdn}/{host-ip-address}
address=/.ceph-node/192.168.0.1
For ``bind``, consider adding the a wildcard to the DNS record::
$TTL 604800
@ IN SOA ceph-node. root.ceph-node. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ceph-node.
@ IN A 192.168.122.113
* IN CNAME @
Restart your DNS server and ping your server with a subdomain to
ensure that your Ceph Object Store ``radosgw`` daemon can process
the subdomain requests. ::
ping mybucket.{fqdn}
ping mybucket.ceph-node
Install Ceph Object Gateway
===========================
Install Ceph Object Gateway Daemon
==================================
Ceph Object Storage services use the Ceph Object Gateway daemon (``radosgw``)
to enable the gateway. For federated architectures, the synchronization
@ -356,10 +206,11 @@ agent (``radosgw-agent``) provides data and metadata synchronization between
zones and regions.
Debian Packages
---------------
Debian-based distros
--------------------
To install the Ceph Object Gateway daemon, execute the following::
To install the Ceph Object Gateway daemon on the `gateway host`, execute the
following::
sudo apt-get install radosgw
@ -370,13 +221,13 @@ following::
sudo apt-get install radosgw-agent
RPM Packages
------------
RPM-based distros
-----------------
To install the Ceph Object Gateway daemon, execute the
To install the Ceph Object Gateway daemon on the `gateway host`, execute the
following::
sudo yum install ceph-radosgw ceph
sudo yum install ceph-radosgw
To install the Ceph Object Gateway synchronization agent, execute the
@ -401,13 +252,8 @@ to configure your Ceph Object Gateway. There are two approaches:
Ceph Object Gateway instances with regions and zones.
Choose the approach that best reflects your cluster.
.. _Get Packages: ../get-packages
.. _Ubuntu Server Guide: https://help.ubuntu.com/12.04/serverguide/httpd.html
.. _Setting up an SSL secured Webserver with CentOS: http://wiki.centos.org/HowTos/Https
.. _RFC 2616, Section 8: http://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html
.. _gitbuilder.ceph.com: http://gitbuilder.ceph.com
.. _Installing YUM Priorities: ../yum-priorities
.. _simple: ../../radosgw/config
.. _federated: ../../radosgw/federated-config