openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #07218
Swift S3 with Keystone anyone?
Hello:
Does anyone happen to have Swift running with S3 and Keystone? If yes,
send me the proxy-server.conf, please. Also, I'd like to ask a few
questions, if I may. I tried to piece it together from the code,
but failed.
The authentication is done with a special hook into Keystone. It supplies
middleware, keystone/keystone/middleware/s3_token.py, which invokes
a POST to v2 Keysone with OS-KSS3:s3Credentials, then sets a req. header
X-Auth-Token. So far so good.
However, how does it fit in with Swift? The actual S3 operations are
implemented by swift/common/middleware/swift3.py, which rolls up the
canonical string, then stuffs it into env['HTTP_X_AUTH_TOKEN'].
The intent is, as I understand, to invoke the special purpose
code in tempauth and thus is useless for Keystone. So, how is this
supposed to work?
I imagine the pipeline should look something like this:
[pipeline:main]
pipeline = healthcheck cache s3auth swift3 proxy-server
[filter:s3auth]
use = egg:keystone#swiftauth
service_protocol = http
service_host = 192.168.129.18
service_port = 5000
[filter:swift3]
use = egg:swift#swift3
Except... There is no entry point for s3_auth in keystone egg.
Documentation seems to be absent. I suppose I could put it together,
if I got it all working at least once.
Confused,
-- Pete
Follow ups