作者：尹正杰
版权声明：原创作品，谢绝转载！否则将追究法律责任。

一.Swift概述

1.Switft API接口概述

swift的用户账号对应radosgw中的subuser(子用户)，它隶属于某个事先存在的user(用户账号)。

Swift API的上下文中，存储桶以container表示，而非S3中的bucket，但二者在功能上相似，都是对象数据的容器。

Python swiftclient时一个用于和swift API交互的python客户端程序，它包含了Python API(swift模块)和一个swift命令。

swift命令可以通过Swift API完成容器和对象数据的管理操作。

2.swift实现的基本逻辑

- 1.创建专属的用户名和子用户授权;
- 2.安装专属的客户端命令和python模块;
- 3.配置专属的认证配置文件;
- 4.综合测试swift的资源对象管理;

二.swift命令行配置实战

1.创建swift的实践用户

    1.创建账号
[root@ceph141 ~]# radosgw-admin user create --uid "yinzhengjie" --display-name "尹正杰"
{
    "user_id": "yinzhengjie",
    "display_name": "尹正杰",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [],
    "keys": [
        {
            "user": "yinzhengjie",
            "access_key": "M25RJ5F8XLNVUY4ORF6Z",
            "secret_key": "lk7c4eNCAkTOfaI3BuOcct70peebF2CCPUKpR6s5"
        }
    ],
    "swift_keys": [],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "default_storage_class": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw",
    "mfa_ids": []
}

[root@ceph141 ~]# 


    2.查看账号列表
[root@ceph141 ~]# radosgw-admin user list
[
    "dashboard",
    "yinzhengjie"
]
[root@ceph141 ~]#

2.基于现有用户创建子用户

[root@ceph141 ~]# radosgw-admin subuser create --uid yinzhengjie --subuser=yinzhengjie:swift --access=full
{
    "user_id": "yinzhengjie",
    "display_name": "尹正杰",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [
        {
            "id": "yinzhengjie:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "yinzhengjie",
            "access_key": "M25RJ5F8XLNVUY4ORF6Z",
            "secret_key": "lk7c4eNCAkTOfaI3BuOcct70peebF2CCPUKpR6s5"
        }
    ],
    "swift_keys": [
        {
            "user": "yinzhengjie:swift",
            "secret_key": "JW9ZWMFX7fZsiaWVMBvbg1q8JA5NA4FA69Ab6z4W"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "default_storage_class": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw",
    "mfa_ids": []
}

[root@ceph141 ~]#

3.基于子用户生成secret_key信息

[root@ceph141 ~]# radosgw-admin key create --subuser=yinzhengjie:swift --key-type=swift --gen-secret
{
    "user_id": "yinzhengjie",
    "display_name": "尹正杰",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [
        {
            "id": "yinzhengjie:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "yinzhengjie",
            "access_key": "M25RJ5F8XLNVUY4ORF6Z",
            "secret_key": "lk7c4eNCAkTOfaI3BuOcct70peebF2CCPUKpR6s5"
        }
    ],
    "swift_keys": [
        {
            "user": "yinzhengjie:swift",
            "secret_key": "trAYFVL6Gb26BLLqdaDznoS1vhBfs1ZR8K18jUjR"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "default_storage_class": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw",
    "mfa_ids": []
}

[root@ceph141 ~]#

4.安装swift命令

    1.安装工具包
[root@ceph141 ~]# apt -y install python-setuptools python3-pip

    2.安装python-swiftclient
[root@ceph141 ~]# pip install python-swiftclient==4.6.0


温馨提示:
    - 1.安装swiftclient命令时一定要注意版本python 3.6+
    - 2.swiftclient官方链接: 
        https://pypi.org/project/python-swiftclient/    
    - 3.swift命令格式解析:
        swift -A 认证URL/auth -U 用户名:swift -K secret_key COMMAND

5.配置swift的环境变量

    1.如上图所示，swift命令测试效果没有需配置环境变量，但是会让命令后很长
[root@ceph141 ~]# s3cmd ls s3://yinzhengjie-rgw/
2024-08-29 23:55           35  s3://yinzhengjie-rgw/blog.txt
[root@ceph141 ~]# 
[root@ceph141 ~]# swift -A http://ceph142/auth -U yinzhengjie:swift -K trAYFVL6Gb26BLLqdaDznoS1vhBfs1ZR8K18jUjR list yinzhengjie-rgw
blog.txt
[root@ceph141 ~]# 


    2.配置swift环境变量
[root@ceph141 ~]# cat > ~/.swift <<EOF
export ST_AUTH=http://ceph142/auth
export ST_USER=yinzhengjie:swift
export ST_KEY=trAYFVL6Gb26BLLqdaDznoS1vhBfs1ZR8K18jUjR
EOF
[root@ceph141 ~]# 
[root@ceph141 ~]# source ~/.swift 
[root@ceph141 ~]# 

    3.如下图所示，测试效果很明显，无需在命令行中加一堆参数啦
[root@ceph141 ~]# swift list  # 查看所有的存储桶
yinzhengjie-rgw
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list yinzhengjie-rgw  # 查看指定存储桶的对象名称
blog.txt
[root@ceph141 ~]# 
[root@ceph141 ~]# swift stat
                                    Account: v1
                                 Containers: 1
                                    Objects: 1
                                      Bytes: 35
   Containers in policy "default-placement": 1
      Objects in policy "default-placement": 1
        Bytes in policy "default-placement": 35
Objects in policy "default-placement-bytes": 0
  Bytes in policy "default-placement-bytes": 0
                                X-Timestamp: 1725028907.96608
                X-Account-Bytes-Used-Actual: 4096
                                 X-Trans-Id: tx000003b4b5d13346aa241-0066d1da2b-12179-default
                     X-Openstack-Request-Id: tx000003b4b5d13346aa241-0066d1da2b-12179-default
                              Accept-Ranges: bytes
                               Content-Type: text/plain; charset=utf-8
                                 Connection: Keep-Alive
[root@ceph141 ~]#

三swift常用的命令实操

1.查看存储桶列表

[root@ceph141 ~]# swift list 
yinzhengjie-rgw
[root@ceph141 ~]#
[root@ceph141 ~]# swift list yinzhengjie-rgw  # 查看指定存储桶的对象
blog.txt
[root@ceph141 ~]#

2.创建存储桶

[root@ceph141 ~]# swift post yinzhengjie-swift
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list 
yinzhengjie-rgw
yinzhengjie-swift
[root@ceph141 ~]#

3.删除存储桶

[root@ceph141 ~]# swift delete yinzhengjie-swift
yinzhengjie-swift
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list 
yinzhengjie-rgw
[root@ceph141 ~]#

4.上传文件或目录

    1.上传文件
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
[root@ceph141 ~]# 
[root@ceph141 ~]# swift upload yinzhengjie-rgw /etc/os-release 
etc/os-release
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
etc/os-release
[root@ceph141 ~]# 


    2.上传目录，和上传文件相同
[root@ceph141 ~]# ls /yinzhengjie/ -R
/yinzhengjie/:
data

/yinzhengjie/data:
rbd0  rbd1  rbd2  wp01

/yinzhengjie/data/rbd0:

/yinzhengjie/data/rbd1:

/yinzhengjie/data/rbd2:

/yinzhengjie/data/wp01:
[root@ceph141 ~]# 
[root@ceph141 ~]# swift upload yinzhengjie-rgw /yinzhengjie
yinzhengjie/data/rbd1
yinzhengjie/data/rbd2
yinzhengjie/data/rbd0
yinzhengjie/data/wp01
[root@ceph141 ~]#
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
etc/os-release
yinzhengjie/data/rbd0
yinzhengjie/data/rbd1
yinzhengjie/data/rbd2
yinzhengjie/data/wp01
[root@ceph141 ~]#

5.下载文件或目录

    1.下载文件
[root@ceph141 ~]# swift download yinzhengjie-rgw etc/os-release
etc/os-release [auth 0.005s, headers 0.015s, total 0.015s, 0.036 MB/s]
[root@ceph141 ~]# 
[root@ceph141 ~]# ll etc/os-release 
-rw-r--r-- 1 root root 386 Feb 14  2024 etc/os-release
[root@ceph141 ~]# 


    2.下载目录
[root@ceph141 ~]# swift download yinzhengjie-rgw --prefix='yinzhengjie/data'
yinzhengjie/data/wp01 [auth 0.007s, headers 0.018s, total 0.019s, 0.000 MB/s]
yinzhengjie/data/rbd1 [auth 0.012s, headers 0.023s, total 0.025s, 0.000 MB/s]
yinzhengjie/data/rbd0 [auth 0.009s, headers 0.019s, total 0.019s, 0.000 MB/s]
yinzhengjie/data/rbd2 [auth 0.014s, headers 0.021s, total 0.022s, 0.000 MB/s]
[root@ceph141 ~]# 
[root@ceph141 ~]# ll yinzhengjie/data/
total 24
drwxr-xr-x 6 root root 4096 Aug 30 23:30 ./
drwxr-xr-x 3 root root 4096 Aug 30 23:30 ../
drwxr-xr-x 2 root root 4096 Aug 30 23:30 rbd0/
drwxr-xr-x 2 root root 4096 Aug 30 23:30 rbd1/
drwxr-xr-x 2 root root 4096 Aug 30 23:30 rbd2/
drwxr-xr-x 2 root root 4096 Aug 30 23:30 wp01/
[root@ceph141 ~]# 

    3.下载所有
[root@ceph141 ~]# swift download --all

6.删除文件或目录

    1.删除文件
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
etc/os-release
yinzhengjie/data/rbd0
yinzhengjie/data/rbd1
yinzhengjie/data/rbd2
yinzhengjie/data/wp01
[root@ceph141 ~]# 
[root@ceph141 ~]# swift delete yinzhengjie-rgw etc/os-release
etc/os-release
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
yinzhengjie/data/rbd0
yinzhengjie/data/rbd1
yinzhengjie/data/rbd2
yinzhengjie/data/wp01
[root@ceph141 ~]# 

    2.删除目录
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
yinzhengjie/data/rbd0
yinzhengjie/data/rbd1
yinzhengjie/data/rbd2
yinzhengjie/data/wp01
[root@ceph141 ~]# 
[root@ceph141 ~]# swift delete yinzhengjie-rgw --prefix='yinzhengjie/data'
yinzhengjie/data/rbd1
yinzhengjie/data/rbd2
yinzhengjie/data/rbd0
yinzhengjie/data/wp01
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list yinzhengjie-rgw
blog.txt
[root@ceph141 ~]# 

    3.删除所有存储桶
[root@ceph141 ~]# swift delete --all
yinzhengjie-rgw/blog.txt
yinzhengjie-rgw
[root@ceph141 ~]# 
[root@ceph141 ~]# swift list 
[root@ceph141 ~]#