Revision history [back]

click to hide/show revision 1
initial version

swift-keystone

I have been working on connecting spark and swiftstack, but the driver only supports keystone authentication. So here comes my problem.

I already set up the identity service as describe in http://docs.openstack.org/havana/install-guide/install/apt/content/ch_keystone.html and I am trying to follow these steps https://www.swiftstack.com/docs/integration/keystone.html to set up the swift side.

I created the endpoint, but I am not sure whether it is right or not because I am not sure about the adminurl, internalurl, and publicurl. Which of them should be localhost and which of them should be the address of my swiftstack?

When I tried to check the connection using curl: root@ubuntu:~# curl -v -H "X-Auth-Token: 65b5b5d4c95942969663f18c2401d803" http://10.205.1.20/v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 * About to connect() to 10.205.1.20 port 80 (#0) * Trying 10.205.1.20... connected

GET /v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 HTTP/1.1 User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 Host: 10.205.1.20 Accept: / X-Auth-Token: 65b5b5d4c95942969663f18c2401d803

< HTTP/1.1 401 Unauthorized < Content-Length: 131 < Content-Type: text/html; charset=UTF-8 < X-Trans-Id: txbc3d855c7b78481f9d419-0053f258bd < Date: Mon, 18 Aug 2014 19:49:17 GMT < * Connection #0 to host 10.205.1.20 left intact * Closing connection #0 <html>

Unauthorized

This server could not verify that you are authorized to access the document you requested.

</html>root@ubuntu:~#

any help would be really appriciated.

click to hide/show revision 2
No.2 Revision

swift-keystone

I have been working on connecting spark and swiftstack, but the driver only supports keystone authentication. So here comes my problem.

I already set up the identity service as describe in http://docs.openstack.org/havana/install-guide/install/apt/content/ch_keystone.html and I am trying to follow these steps https://www.swiftstack.com/docs/integration/keystone.html to set up the swift side.

I created the endpoint, but I am not sure whether it is right or not because I am not sure about the adminurl, internalurl, and publicurl. Which of them should be localhost and which of them should be the address of my swiftstack?

When I tried to check the connection using curl: curl:

root@ubuntu:~# curl -v -H "X-Auth-Token: 65b5b5d4c95942969663f18c2401d803" http://10.205.1.20/v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68
* About to connect() to 10.205.1.20 port 80 (#0)
*   Trying 10.205.1.20... connected

connected > GET /v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 HTTP/1.1 > User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 > Host: 10.205.1.20 > Accept: / */* > X-Auth-Token: 65b5b5d4c95942969663f18c2401d803

65b5b5d4c95942969663f18c2401d803 > < HTTP/1.1 401 Unauthorized < Content-Length: 131 < Content-Type: text/html; charset=UTF-8 < X-Trans-Id: txbc3d855c7b78481f9d419-0053f258bd < Date: Mon, 18 Aug 2014 19:49:17 GMT < < * Connection #0 to host 10.205.1.20 left intact * Closing connection #0 <html>

Unauthorized

This <html><h1>Unauthorized</h1><p>This server could not verify that you are authorized to access the document you requested.

</html>root@ubuntu:~#

requested.</p></html> root@ubuntu:~#

any help would be really appriciated.

swift-keystone

I have been working on connecting spark and swiftstack, but the driver only supports keystone authentication. So here comes my problem.

I already set up the identity service as describe in http://docs.openstack.org/havana/install-guide/install/apt/content/ch_keystone.html and I am trying to follow these steps https://www.swiftstack.com/docs/integration/keystone.html to set up the swift side.

I created the endpoint, but I am not sure whether it is right or not because I am not sure about the adminurl, internalurl, and publicurl. Which of them should be localhost and which of them should be the address of my swiftstack?

When I tried to check the connection using curl:

root@ubuntu:~# curl -v -H "X-Auth-Token: 65b5b5d4c95942969663f18c2401d803" http://10.205.1.20/v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68
* About to connect() to 10.205.1.20 port 80 (#0)
*   Trying 10.205.1.20... connected
> GET /v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 HTTP/1.1
> User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: 10.205.1.20
> Accept: */*
> X-Auth-Token: 65b5b5d4c95942969663f18c2401d803
> 
< HTTP/1.1 401 Unauthorized
< Content-Length: 131
< Content-Type: text/html; charset=UTF-8
< X-Trans-Id: txbc3d855c7b78481f9d419-0053f258bd
< Date: Mon, 18 Aug 2014 19:49:17 GMT
< 
* Connection #0 to host 10.205.1.20 left intact
* Closing connection #0
<html><h1>Unauthorized</h1><p>This server could not verify that you are authorized to access the document you requested.</p></html>
root@ubuntu:~#

any help would be really appriciated.

swift-keystone

I have been working on connecting spark and swiftstack, but the driver only supports keystone authentication. So here comes my problem.

I already set up the identity service as describe in http://docs.openstack.org/havana/install-guide/install/apt/content/ch_keystone.html and I am trying to follow these steps https://www.swiftstack.com/docs/integration/keystone.html to set up the swift side.

I created the endpoint, but I am not sure whether it is right or not because I am not sure about the adminurl, internalurl, and publicurl. Which of them should be localhost and which of them should be the address of my swiftstack?

When I tried to check the connection using curl:

root@ubuntu:~# curl -v -H "X-Auth-Token: 65b5b5d4c95942969663f18c2401d803" http://10.205.1.20/v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68
* About to connect() to 10.205.1.20 port 80 (#0)
*   Trying 10.205.1.20... connected
> GET /v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 HTTP/1.1
> User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: 10.205.1.20
> Accept: */*
> X-Auth-Token: 65b5b5d4c95942969663f18c2401d803
> 
< HTTP/1.1 401 Unauthorized
< Content-Length: 131
< Content-Type: text/html; charset=UTF-8
< X-Trans-Id: txbc3d855c7b78481f9d419-0053f258bd
< Date: Mon, 18 Aug 2014 19:49:17 GMT
< 
* Connection #0 to host 10.205.1.20 left intact
* Closing connection #0
<html><h1>Unauthorized</h1><p>This server could not verify that you are authorized to access the document you requested.</p></html>
root@ubuntu:~#

any help would be really appriciated.

proxy-server.conf :

[DEFAULT]
bind_port = 80
user = spark

[pipeline:main]
pipeline = catch_errors healthcheck cache authtoken keystone proxy-server

[app:proxy-server]
use = egg:swift#proxy
account_autocreate = true

[filter:keystone]
paste.filter_factory = keystoneclient.middleware.swift_auth:filter_factory
operator_roles = admin, swiftoperator

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
# Delaying the auth decision is required to support token-less
# usage for anonymous referrers ('.r:*').
delay_auth_decision = 10
auth_protocol = http
auth_port = 5000
auth_host = 127.0.0.1
auth_uri = http://127.0.0.1:5000/
service_host = 10.205.1.20
service_port = 80
admin_tenant_name = service
admin_user = swift
admin_password = swiftpass
cache = swift.cache
include_service_catalog = False

[filter:cache]
use = egg:swift#memcache
set log_name = cache

[filter:catch_errors]
use = egg:swift#catch_errors

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin, swiftoperator

root@ubuntu:~# keystone user-list
+----------------------------------+---------+------------------------------+-------+
|                id                | enabled |            email             |  name |
+----------------------------------+---------+------------------------------+-------+
| 4fed7bed36f44ebbbc6ba69c4c8e7a70 | True    | None                         | swift |
| 9c6ca702ab2347778bfe6cf7d7713a68 | True    | m*********i@company.com | spark |
| d045891fdfdf46069efa7a727cf85708 | True    | None                         | admin |
+----------------------------------+---------+------------------------------+-------+

root@ubuntu:~# keystone tenant-list
+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| 09beb54b84a243a1a0c87b7e1c7de27a | service | True    |
| eab7ad18e730417084c9dc90cb90a663 | admin   | True    |
| f0f42a4002cc4a72a7ff7e325d510454 | spark   | True    |
+----------------------------------+---------+---------+
root@ubuntu:~# keystone endpoint-list
+----------------------------------+-----------+-------------------------------------------------------------+-------------------------------------------------------------+-----------------------------+
|                id                |   region  |                          publicurl                          |                         internalurl                         |           adminurl          |
+----------------------------------+-----------+-------------------------------------------------------------+-------------------------------------------------------------+-----------------------------+
| 386c3c7c409843bd8034e4c211bb47fd | regionOne | http://127.0.0.1:5000/v2.0                                  | http://127.0.0.1:5000/v2.0                                  | http://127.0.0.1:35357/v2.0 |
| 3a84626c80254c909651614869464752 | regionOne | http://10.205.1.20/v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 | http://10.205.1.20/v1/AUTH_9c6ca702ab2347778bfe6cf7d7713a68 | http://10.205.1.20/v1       |
+----------------------------------+-----------+-------------------------------------------------------------+-------------------------------------------------------------+-----------------------------+

I am not able to do command user-role-list. How do you restart proxy server?