← Back to team overview

openstack team mailing list archive

  1. openstack team
  2. Mailing list archive
  3. Message #04501

Re: access to openstack swift cluster

  Thread PreviousDate PreviousThread Next 
Hi,

thanks for the advice
this not a problem, i installed swift on virtual machines and i will delete them :)

these command are executed when i'm logged on the proxy server, but i want to manage files from outside the proxy
and these  commands don't work from another computer

I don't know if there are any commands or configuration to make it to manage files from outside the proxy

thanks in advance

regards
Khaled

> Subject: Re: [Openstack] access to openstack swift cluster
> From: tomasz@xxxxxxxxxxxxx
> Date: Mon, 3 Oct 2011 17:24:51 +0200
> CC: btorch-os@xxxxxxxxxxxxxx; openstack@xxxxxxxxxxxxxxxxxxx
> To: khaled-bbk@xxxxxxxxxxx
> 
> 
> On 3 paź 2011, at 16:56, Khaled Ben Bahri wrote:
> 
> > Hi 
> > 
> > This is the proxy-server.conf
> > 
> > [DEFAULT]
> > cert_file = /etc/swift/cert.crt
> > key_file = /etc/swift/cert.key
> > bind_port = 8080
> > workers = 8
> > user = swift
> > [pipeline:main]
> > pipeline = healthcheck cache tempauth proxy-server
> > [app:proxy-server]
> > use = egg:swift#proxy
> > allow_account_management = true
> > [filter:tempauth]
> > use = egg:swift#tempauth
> > user_system_root = testpass .admin https://157.159.103.40:8080/v1/AUTH_system
> > [filter:healthcheck]
> > use = egg:swift#healthcheck
> > [filter:cache]
> > use = egg:swift#memcache
> > memcache_servers = 157.159.103.40:11211
> > 
> > 
> > 
> > when I connect to the proxy server, I can manage files
> > swift -A https://$PROXY_LOCAL_NET_IP:8080/auth/v1.0 -U system:root -K testpass upload myfiles fichier_test
> > swift -A https://$PROXY_LOCAL_NET_IP:8080/auth/v1.0 -U system:root -K testpass list
> > 
> > these are commands used i 'm logged on the proxy node to stor a file named 'fichier_test' 
> > and the second is to list created containers
> > 
> > I want to store file without logging to the proxy server but i don't know how to do this
> 
> I assume you checked that you can connect to port 8080 from outside the proxy.
> What I suspect is that you don't have 
> > $PROXY_LOCAL_NET_IP
> 
> defined on external system
> 
> Anyway, you just disclosed your credentials to the list (which means the whole world), and considering fact, that your system is open to the world, I would change system:root user and password, and also set up firewall.
> 
> Regards,
> -- 
> Tomasz 'Zen' Napierała
> 
> 
> 
> 
>

Follow ups

References

  Thread PreviousDate PreviousThread Next