Add keystone support with swift.

13 years ago · 45c5113701
parent 5ab5b22932
commit 45c5113701
4 changed files with 35 additions and 7 deletions
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@ -30,12 +30,13 @@ $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin
 $BIN_DIR/keystone-manage $* service add nova compute "Nova Compute Service"
 $BIN_DIR/keystone-manage $* service add glance image "Glance Image Service"
 $BIN_DIR/keystone-manage $* service add keystone identity "Keystone Identity Service"
+$BIN_DIR/keystone-manage $* service add swift object-store "Swift Service"

 #endpointTemplates
 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id%  http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1
 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1
 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:35357/v2.0 http://%HOST_IP%:5000/v2.0 1 1
-# $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1
+$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1

 # Tokens
 $BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
--- a/files/swift-proxy-server.conf
+++ b/files/swift-proxy-server.conf
@ -4,13 +4,18 @@ user = stack
 log_facility = LOG_LOCAL1

 [pipeline:main]
-pipeline = healthcheck cache tempauth proxy-server
+pipeline = healthcheck cache %AUTH_SERVER% proxy-server

 [app:proxy-server]
 use = egg:swift#proxy
 allow_account_management = true
 account_autocreate = true

+[filter:keystone]
+use = egg:swiftkeystone2#keystone2
+keystone_admin_token = %SERVICE_TOKEN%
+keystone_url = http://localhost:35357/v2.0
+
 [filter:tempauth]
 use = egg:swift#tempauth
 user_admin_admin = admin .admin .reseller_admin
--- a/stack.sh
+++ b/stack.sh
@ -151,6 +151,7 @@ NOVACLIENT_DIR=$DEST/python-novaclient
 OPENSTACKX_DIR=$DEST/openstackx
 NOVNC_DIR=$DEST/noVNC
 SWIFT_DIR=$DEST/swift
+SWIFT_KEYSTONE_DIR=$DEST/swift-keystone2

 # Specify which services to launch.  These generally correspond to screen tabs
 ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,horizon,mysql,rabbit,swift}
@ -363,6 +364,8 @@ function git_clone {
 git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH
 # storage service
 git_clone $SWIFT_REPO $SWIFT_DIR $SWIFT_BRANCH
+# swift + keystone middleware
+git_clone $SWIFT_KEYSTONE_REPO $SWIFT_KEYSTONE_DIR $SWIFT_KEYSTONE_BRANCH
 # image catalog service
 git_clone $GLANCE_REPO $GLANCE_DIR $GLANCE_BRANCH
 # unified auth system (manages accounts/tokens)
@ -385,6 +388,7 @@ git_clone $OPENSTACKX_REPO $OPENSTACKX_DIR $OPENSTACKX_BRANCH
 # allowing ``import nova`` or ``import glance.client``
 cd $KEYSTONE_DIR; sudo python setup.py develop
 cd $SWIFT_DIR; sudo python setup.py develop
+cd $SWIFT_KEYSTONE_DIR; sudo python setup.py develop
 cd $GLANCE_DIR; sudo python setup.py develop
 cd $NOVACLIENT_DIR; sudo python setup.py develop
 cd $NOVA_DIR; sudo python setup.py develop
@ -648,9 +652,18 @@ EOF
   # Add rsync file
   sed -e "s,%SWIFT_LOCATION%,$SWIFT_LOCATION," $FILES/swift-rsyncd.conf | sudo tee /etc/rsyncd.conf
   sudo sed -i '/^RSYNC_ENABLE=false/ { s/false/true/ }' /etc/default/rsync
-   
-   # Copy proxy-server configuration
-   cp $FILES/swift-proxy-server.conf /etc/swift/proxy-server.conf
+
+   if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
+       swift_auth_server=keystone
+       # Temporary until we get this integrated in swift.
+       sudo curl -s -o/usr/local/bin/swift \
+           'https://review.openstack.org/gitweb?p=openstack/swift.git;a=blob_plain;f=bin/swift;hb=48bfda6e2fdf3886c98bd15649887d54b9a2574e'
+   else
+       swift_auth_server=tempauth
+   fi
+
+   sed "s/%SERVICE_TOKEN%/${SERVICE_TOKEN}/;s/%AUTH_SERVER%/${swift_auth_server}/" \
+       $FILES/swift-proxy-server.conf|sudo tee  /etc/swift/proxy-server.conf

   # Generate swift.conf, we need to have the swift-hash being random
   # and unique.
@ -664,6 +677,8 @@ EOF
       local server_type=$1
       local bind_port=$2
       local log_facility=$3
+       local node_number
+       
       for node_number in {1..4};do
           node_path=${SWIFT_LOCATION}/${node_number}
           sed -e "s,%NODE_PATH%,${node_path},;s,%BIND_PORT%,${bind_port},;s,%LOG_FACILITY%,${log_facility}," \
@ -693,8 +708,7 @@ EOF
   
   # This should work (tempauth)
   # swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat
-   unset s swift_hasH
-   
+   unset s swift_hash swift_auth_server tmpd
 fi

 # Volume Service
@ -976,6 +990,10 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
    echo "examples on using novaclient command line is in exercise.sh"
    echo "the default users are: admin and demo"
    echo "the password: $ADMIN_PASSWORD"
+    if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
+        echo "Swift: swift --auth-version 2 -A http://${HOST_IP}:5000/v2.0 -U admin:admin -K $ADMIN_PASSWORD stat"
+    fi
+
 fi

 # indicate how long this took to run (bash maintained variable 'SECONDS')
--- a/4
+++ b/4
@ -6,6 +6,10 @@ NOVA_BRANCH=diablo
 SWIFT_REPO=https://github.com/openstack/swift.git
 SWIFT_BRANCH=1.4.3

+# swift and keystone integration
+SWIFT_KEYSTONE_REPO=https://github.com/cloudbuilders/swift-keystone2.git
+SWIFT_KEYSTONE_BRANCH=master
+
 # image catalog service
 GLANCE_REPO=https://github.com/cloudbuilders/glance.git
 GLANCE_BRANCH=diablo