openstack team mailing list archive

[Lillie Ross-CDSR11 <Ross.Lillie@xxxxxxxxxxxxxxxxxxxxx>]

I'm trying to get the S3 api working with Swift using Keystone authentication.  My setup is  based on the patched Diablo release using the ManagedIT packages, with an additional package (keystone2) that support2 v.2 authentication between swift and keystone.  I'm (as usual) confused as to what additional modules need to be added to the authentication pipeline to get the S3 api to work.

My current 'proxy_server.conf' file has the pipeline set as seen below:

[DEFAULT]
bind_port = 8080
workers = 8
user = swift

[pipeline:main]
# pipeline = catch_errors healthcheck cache keystone proxy-server
#pipeline = catch_errors healthcheck cache keystone2 proxy-server
pipeline = catch_errors healthcheck cache swift3 keystone2 proxy-server

[app:proxy-server]
use = egg:swift#proxy
account_autocreate = true

[filter:keystone2]
use = egg:swiftkeystone2#keystone2
keystone_admin_token = 1234123412341234
keystone_url = http://173.23.181.1:35357/v2.0

[filter:swift3]
use = egg:swift#swift3

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:cache]
use = egg:swift#memcache
memcache_servers = 192.168.20.1:11211
set log_name = cache

[filter:catch_errors]
use = egg:swift#catch_errors

Now, I'm assuming that I need an additional stage that intercepts S3 requests and uses the S3 credentials to authenticate against the Keystone service.  Is this the 'ec2_token.py' middleware module from the keystone distribution?  All the older diablo documentation refers to the s3_token middleware, but I'm assuming this has been deprecated since I don't see the module in my keystone distribution.

Thanks in advance.

--
Ross Lillie
ross.lillie@xxxxxxxxxxxxxxxxxxxxx