Ask Your Question
0

swift and Cyberduck

asked 2011-08-24 07:11:58 -0600

chaupv79 gravatar image

Hi everybody

Can someone show me how to make a connection between cyberduck in window to swift storage?

currently i have a situation as below

1) I have swift.1.4.3 installed, I have swauth1.0.2 installed

  • I have already created an admin user:

    swauth-add-user -A http://192.168.0.82:8080/auth/ -K secure_key -a test tester testing

  • And make sure it works:

    swift -A http://192.168.0.82:8080/auth/v1.0 -U test:tester -K testing stat -v

2) I have cyberduck 4.1 installed on window7

=> my problem is: when I make a connection on Swift(Open Stack storage) to my swift on ubuntu 10.04 LTS then it requires user and API Access key

I input as below

username: test.tester API access key: testing

my purpose is to see something like picture or files that stored in ubuntu swift will display in cyberduck,

But...

after a while, cyberduck authenticating as test.tester then, it returns nothing, there is no cyberduck swift connection displaying.

Can anyone help me on this matter?

Thank in advance

edit retag flag offensive close merge delete
add a comment

30 answers

Sort by » oldest newest most voted
123next »
1

answered 2012-06-24 08:39:06 -0600

jih1103 gravatar image

If you want to make any user or container, then use the 'curl' and upload/download/verify the stat or list ... then use the 'swift'

EX:> curl>>**************************

>> Below, I have made the user 'ssluser', accout 'sslacct', and password 'sslpass'

curl -k -v -H 'X-Storage-User: sslacct:ssluser' -H 'X-Storage-Pass: sslpass' https://192.168.56.101/auth/v1.0

  • About to connect() to 192.168.56.101 port 443 (#0)
  • Trying 192.168.56.101... connected
  • Connected to 192.168.56.101 (192.168.56.101) port 443 (#0)
  • successfully set certificate verify locations:
  • CAfile: none CApath: /etc/ssl/certs
  • SSLv3, TLS handshake, Client hello (1):
  • SSLv3, TLS handshake, Server hello (2):
  • SSLv3, TLS handshake, CERT (11):
  • SSLv3, TLS handshake, Server finished (14):
  • SSLv3, TLS handshake, Client key exchange (16):
  • SSLv3, TLS change cipher, Client hello (1):
  • SSLv3, TLS handshake, Finished (20):
  • SSLv3, TLS change cipher, Client hello (1):
  • SSLv3, TLS handshake, Finished (20):
  • SSL connection using AES256-SHA
  • Server certificate:
  • subject: C=KO; emailAddress=jih1103@paran.com
  • start date: 2012-06-21 06:21:35 GMT
  • expire date: 2012-07-21 06:21:35 GMT
  • SSL: unable to obtain common name from peer certificate > GET /auth/v1.0 HTTP/1.1 > User-Agent: curl/7.21.3 (x86_64-pc-linux-gnu) libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18 > Host: 192.168.56.101 > Accept: / > X-Storage-User: sslacct:ssluser > X-Storage-Pass: sslpass > < HTTP/1.1 200 OK < X-Storage-Url: https://127.0.0.1/v1/AUTH_65918ac5-ec88-4b32-8509-b68fd019d6bb (https://127.0.0.1/v1/AUTH_65918ac5-ec...) < X-Storage-Token: AUTH_tkf7f78ee834784f9aa557b658a85cdebc < X-Auth-Token: AUTH_tkf7f78ee834784f9aa557b658a85cdebc < Content-Length: 108 < Date: Thu, 21 Jun 2012 06:55:00 GMT <
  • Connection #0 to host 192.168.56.101 left intact
  • Closing connection #0
  • SSLv3, TLS alert, Client hello (1): {"storage": {"default": "local", "local": "https://127.0.0.1/v1/AUTH_65918ac5-ec88-4b32-8509-b68fd019d6bb"}}root@swiftmain:/etc/swift# curl -k -i -H "X-Auth-Token: AUTH_tkf7f78ee834784f9aa557b658a85cdebc" -X PUT https://127.0.0.1/v1/AUTH_65918ac5-ec88-4b32-8509-b68fd019d6bb/sslcontainer (https://127.0.0.1/v1/AUTH_65918ac5-ec...) HTTP/1.1 201 Created Content-Length: 18 Content-Type: text/html; charset=UTF-8 Date: Thu, 21 Jun 2012 07:00:07 GMT

201 Created

>> Below, I have made the container 'sslcontainer'

curl -k -i -H "X-Auth-Token: AUTH_tkf7f78ee834784f9aa557b658a85cdebc" -X PUT https://127.0.0.1/v1/AUTH_65918ac5-ec88-4b32-8509-b68fd019d6bb/sslcontainer (https://127.0.0.1/v1/AUTH_65918ac5-ec...) HTTP/1.1 201 Created Content-Length: 18 Content-Type: text/html; charset=UTF-8 Date: Thu, 21 Jun 2012 07:00:07 GMT

201 Created

swift>>************************

>> Below, I have up/down/check the object in any container : lib.tar is object, sslcont1 is container, and sslacct:ssluser is account...

swift -v -A https://192.168.56.101/auth/v1.0 -U sslacct:ssluser -K sslpass upload sslcont1 lib.tar

lib.tar

swift -v -A https://192.168.56.101/auth/v1.0 -U sslacct:ssluser -K sslpass download sslcont1 lib.tar

lib.tar

swift -v -A https://192.168.56.101/auth/v1.0 -U sslacct:ssluser -K sslpass delete sslcont1 lib.tar

lib.tar

root@swiftmain:~# swift -v -A https://192.168.56.101/auth/v1.0 -U ... (more)

edit flag offensive delete link more
add a comment
0

answered 2011-08-26 14:51:09 -0600

chaupv79 gravatar image

I will wait for your answer, Marcelo

Thank you

edit flag offensive delete link more
add a comment
0

answered 2011-09-11 09:19:19 -0600

joe-arnold gravatar image

Hi Moubariksiham, What happens when do you do what it says and use the '-k' option with curl? -Joe Arnold

edit flag offensive delete link more
add a comment
0

answered 2011-09-15 05:08:28 -0600

chaupv79 gravatar image

Hi Moubariksiham,

Marcelo has answered you, now you have a right person to ask.

@Marcelo: I just guess for the situation

Thank You

edit flag offensive delete link more
add a comment
0

answered 2011-09-15 10:55:32 -0600

moubarik-siham gravatar image

Hi everybody, thank you so much for your suggestion, it helps me a lot so here is what done

i installed swift-1.4.2 and swauth.1.0.2, and i modified the porxy-server.conf here is the result :

+++++++++++++++++++/etc/swift/proxy-serve.conf+++++++++++++++++++++++++++++++++

[DEFAULT] bind_port = 443 #bind_ip = 192.168.3.20 user = root log_facility = LOG_LOCAL1 cert_file = /etc/swift/cert.crt key_file = /etc/swift/cert.key

[pipeline:main] pipeline = healthcheck cache tempauth proxy-server

[app:proxy-server] use = egg:swift#proxy allow_account_management = true

[filter:tempauth] use = egg:swift#tempauth user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin https://192.168.3.20:443/v1/AUTH_test user_test2_tester2 = testing2 .admin user_test3_tester3 = testing3 .admin

[filter:swauth] use = egg:swift#swauth default_swift_cluster = local#https://192.168.3.20:443/v1#https://127.0.0.1:443/v1 user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin https://192.168.3.20:443/v1/AUTH_test user_test2_tester2 = testing2 .admin user_test7_tester7 = testing7. admin user_test3_tester3 = testing3 .admin

[filter:healthcheck] use = egg:swift#healthcheck

[filter:cache] use = egg:swift#memcache memcache_servers = 192.168.3.20:11211 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ but i can't create another user: so i used test:tester testing and test2:tester2 testing2 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ oot@dtv-110702:/etc/swift# curl -k -v -H 'X-Storage-User: test2:tester2' -H 'X-Storage-Pass: testing2' https://192.168.3.20/auth/v1.0 * About to connect() to 192.168.3.20 port 443 (#0) * Trying 192.168.3.20... connected * Connected to 192.168.3.20 (192.168.3.20) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using AES256-SHA * Server certificate: * subject: C=af; ST=maarif; L=casablanca; O=netfective; OU=ne; CN=r00t; emailAddress=moubarik.siham@yahoo.fr * start date: 2011-09-14 09:49:39 GMT * expire date: 2011-10-14 09:49:39 GMT * common name: r00t (does not match '192.168.3.20') * issuer: C=af; ST=maarif; L=casablanca; O=netfective; OU=ne; CN=r00t; emailAddress=moubarik.siham@yahoo.fr * SSL certificate verify result: self signed certificate (18), continuing anyway.

GET /auth/v1.0 HTTP/1.1 User-Agent: curl/7.21.3 (x86_64-pc-linux-gnu) libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18 Host: 192.168.3.20 Accept: / X-Storage-User: test2:tester2 X-Storage-Pass: testing2

< HTTP/1.1 200 OK < X-Storage-Url: https://127.0.0.1:443/v1/AUTH_test2 < X-Storage-Token: AUTH_tkafc1df9ed9494caeb013500aadbdecf7 < X-Auth-Token: AUTH_tkafc1df9ed9494caeb013500aadbdecf7 < Content-Length: 0 < Date: Thu, 15 Sep 2011 10:36:17 GMT < * Connection #0 to host 192.168.3.20 left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@dtv-110702:/etc/swift# curl -v -H 'X-Auth-Token: AUTH_tkafc1df9ed9494caeb013500aadbdecf7' https://192.168.3.20:443/v1/AUTH_test2 * About to connect() to 192.168.3.20 port 443 (#0) * Trying 192.168 ...

(more)
edit flag offensive delete link more
add a comment
0

answered 2011-10-04 14:32:34 -0600

novikov gravatar image

You must add user as admin i.e. with -a option for swauth-add-user or make a container and give specific rights (for read or write) on it for concrete user, I don`t know how exactly - so just use admin account for first time.

edit flag offensive delete link more
add a comment
0

answered 2011-08-24 21:14:12 -0600

btorch gravatar image

Hi Chau,

First of, is this a SAIO setup ? (I assume so)

  • cyberduck only allows https connections. So you need to setup swift-proxy with SSL and on port 443. I don't remember if cyberduck will work with SSL on port 8080.

  • Is this a typo "username: test.tester" ? it should be "test:tester"

  • How does your proxy-server.conf looks like ?

edit flag offensive delete link more
add a comment
0

answered 2011-08-26 03:21:17 -0600

chaupv79 gravatar image

Hi Marcelo,

I have followed your guideline as below

1) my configuration for swift proxy

[DEFAULT] bind_port = 443 cert_file = /etc/swift/cert.crt key_file = /etc/swift/cert.key user = root log_facility = LOG_LOCAL1

#[pipeline:main] #pipeline = healthcheck cache tempauth proxy-server [pipeline:main] pipeline = healthcheck cache swauth proxy-server

[app:proxy-server] use = egg:swift#proxy allow_account_management = true

[filter:tempauth] use = egg:swift#tempauth user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin user_test2_tester2 = testing2 .admin user_test_tester3 = testing3

[filter:swauth] use = egg:swauth#swauth set log_name = swauth default_swift_cluster = local#https://192.168.0.15:443//v1#https://127.0.0.1:443/v1 super_admin_key = chaupv79

[filter:healthcheck] use = egg:swift#healthcheck

[filter:cache] use = egg:swift#memcache

2) when I create new users on "https"

swauth-add-user -A https://192.168.0.15:443/auth/ -K chaupv79 -a chau chauer chauing

=> error

root@chaupv-desktop:~/swift/trunk# swauth-add-user -A https://192.168.0.15:443/auth/ -K chaupv79 -a chau chauer chauing

Account creation failed: 500 Server Error User creation failed: 500 Server Error

Do you know why, Marcelo?

edit flag offensive delete link more
add a comment
0

answered 2011-08-25 03:28:32 -0600

chaupv79 gravatar image

Hi Marcelo,

Thank for your reply,

Yes, I followed SAIO to setup swift 1.4.3

  • for cyberduck on window, I still don't know what happen while it cannot make a connection to swift server

  • the username for login should be "test:tester"

  • my proxy-server.conf as below:

[DEFAULT] bind_port = 8080 user = root log_facility = LOG_LOCAL1

#cert_file = /etc/swift/cert.crt #key_file = /etc/swift/cert.key

[pipeline:main] pipeline = healthcheck cache swauth proxy-server

[app:proxy-server] use = egg:swift#proxy allow_account_management = true

[filter:tempauth] use = egg:swift#tempauth user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin user_test2_tester2 = testing2 .admin user_test_tester3 = testing3

[filter:swauth] use = egg:swauth#swauth set log_name = swauth super_admin_key = secure_key

[filter:healthcheck] use = egg:swift#healthcheck

[filter:cache] use = egg:swift#memcache

I am still investigating on cyberduck and swift, to find out how to make a connection between them. I have already change the port from 8080 to 443 but the problem still there.

look forward to hearing from your idea.

Thank you

edit flag offensive delete link more
add a comment
0

answered 2011-09-09 10:45:51 -0600

moubarik-siham gravatar image

also i have this error with this commande :

curl -v -H 'X-Storage-User: test:tester' -H 'X-Storage-Pass: testing' https://192.168.3.20:443/auth/v1.0

  • About to connect() to 192.168.3.20 port 443 (#0)
  • Trying 192.168.3.20... connected
  • Connected to 192.168.3.20 (192.168.3.20) port 443 (#0)
  • successfully set certificate verify locations:
  • CAfile: none CApath: /etc/ssl/certs
  • SSLv3, TLS handshake, Client hello (1):
  • SSLv3, TLS handshake, Server hello (2):
  • SSLv3, TLS handshake, CERT (11):
  • SSLv3, TLS alert, Server hello (2):
  • SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
  • Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

edit flag offensive delete link more
add a comment
123next »

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2011-08-24 07:11:58 -0600

Seen: 983 times

Last updated: Jun 24 '12

Related questions

How swift log events

Installing swift stats system

swift tempurl: Unauthorized

Serving videos through nginx

Problems starting swift with keystone integration

Will Swift implement SMB/SMB2 Protocols?

Proxy Account Controller Functionality

Image for installing OpenStack Swift

The partitions do not follow the weight value?

swift tool:how to download a object from container