openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #18362
Re: OpenNebula and Swift integration
Thanks for the tips. I'll keep you posted with any advance we make.
On Tue, Nov 6, 2012 at 4:54 PM, Chuck Thier <cthier@xxxxxxxxx> wrote:
> Hi Javier,
>
> On Tue, Nov 6, 2012 at 5:07 AM, Javier Fontan <jfontan@xxxxxxxxxxxxxx> wrote:
>> Hello,
>>
>> We recently had interest from some of our enterprise users to use
>> Swift Object Store as the backend for the VM images. I have been
>> researching on a possible integration with OpenNebula but I have some
>> questions.
>>
>> AFAIK Swift is only Object Store and exposes the object through a REST
>> interface. Is there any plan to add block storage support like Ceph so
>> VMs can use the objects directly?
>>
>
> There isn't currently any plans for this. At one time we considered
> it, but decided that it would not be a good idea to build block
> storage on top of Swift.
>
>> We would love to have the same users and permissions in both
>> OpenNebula and Swift so the management is only done in one place. It
>> seems that the "TempAuth" system is the way to go to perform this
>> authentication. Is it going to be supported in the future or is it
>> going to be dumped in favor of just Keystone?
>>
>
> You should be able to write your own auth middleware that integrates
> swift into the OpenNebula auth system. Docs are here:
>
> http://docs.openstack.org/developer/swift/development_auth.html
>
> You can also use TempAuth as an example to work from.
>
>> Are the object ACLs stored within Swift? Can I provide the object ACLs
>> from the Auth subsystem (OpenNebula in this case)? I plan to map Swift
>> objects to OpenNebula Images and they already have ACLs in place.
>>
>
> Currently ACLs are at the container level in swift and not at the
> object level. That said, for your specific use case, I think you
> could implement the image ACLs in your auth middleware, but it has
> been a while since I have looked at that code.
>
> --
> Chuck
--
Javier Fontán Muiños
Project Engineer
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | jfontan@xxxxxxxxxxxxxx | @OpenNebula
References