openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #19238
Re: Fwd: [swift3] api - boto and libcloud => AccessDenied
I tried with the EC2 credentials too, but without luck.
Do I need to create specific endpoints for s3 in keystone? Using what URLs?
Is my configuration and code correct?
.a.
On Thu, Dec 6, 2012 at 11:46 PM, Blair Bethwaite
<blair.bethwaite@xxxxxxxxx>wrote:
> Hi Antonio,
>
> It sounds like you might be using the wrong credentials. The S3 layer
> works with the EC2 credentials.
>
>
> On 6 December 2012 06:33, Antonio Messina <arcimboldo@xxxxxxxxx> wrote:
>
>>
>> Hi all,
>>
>> I'm trying to access SWIFT using the S3 API compatibility layer, but I
>> always get an "AccessDenied".
>>
>> I'm running folsom on ubuntu precise 12.04 LTS, packages are from
>> ubuntu-cloud.archive.canonical.com repository. Swift is correctly
>> configured, login and password have been tested with the web interface and
>> from command line. Glance uses it to store the images.
>>
>> I've installed swift-plugin-s3 and I've configured proxy-server.conf as
>> follow:
>>
>> pipeline = catch_errors healthcheck cache ratelimit authtoken
>> keystoneauth swift3 proxy-logging proxy-server
>> [filter:swift3]
>> use = egg:swift3#swift3
>>
>> I've then tried to connect using my keystone login and password (and I've
>> also tried with the EC2 tokens, with the same result).
>>
>> The code I'm using is:
>>
>> from libcloud.storage.types import Provider as StorageProvider
>> from libcloud.storage.providers import get_driver as get_storage_driver
>>
>> s3driver = get_storage_driver(StorageProvider.S3)
>> s3 = s3driver(ec2access, ec2secret, secure=False, host=s3host, port=8080)
>> s3.list_containers()
>>
>> What I get is:
>>
>> Traceback (most recent call last):
>> File "<stdin>", line 1, in <module>
>> File
>> "/home/antonio/.virtualenvs/cloud/local/lib/python2.7/site-packages/libcloud/storage/drivers/s3.py",
>> line 176, in list_containers
>> response = self.connection.request('/')
>> File
>> "/home/antonio/.virtualenvs/cloud/local/lib/python2.7/site-packages/libcloud/common/base.py",
>> line 605, in request
>> connection=self)
>> File
>> "/home/antonio/.virtualenvs/cloud/local/lib/python2.7/site-packages/libcloud/common/base.py",
>> line 93, in __init__
>> raise Exception(self.parse_error())
>> File
>> "/home/antonio/.virtualenvs/cloud/local/lib/python2.7/site-packages/libcloud/storage/drivers/s3.py",
>> line 68, in parse_error
>> raise InvalidCredsError(self.body)
>> libcloud.common.types.InvalidCredsError: '<?xml version="1.0"
>> encoding="UTF-8"?>\r\n<Error>\r\n <Code>AccessDenied</Code>\r\n
>> <Message>Access denied</Message>\r\n</Error>'
>>
>>
>> Using boto instead:
>>
>> >>> import boto
>> >>> s3conn = boto.s3.connection.S3Connection(
>> aws_access_key_id=ec2access, aws_secret_access_key=ec2secret, port=s3port,
>> host=s3host, is_secure=False,debug=3)
>> >>> s3conn.get_all_buckets()
>> send: 'GET / HTTP/1.1\r\nHost: cloud-storage1:8080\r\nAccept-Encoding:
>> identity\r\nDate: Wed, 05 Dec 2012 19:25:00 GMT\r\nContent-Length:
>> 0\r\nAuthorization: AWS
>> 7c67d5b35b5a4127887c5da319c70a18:WXVx9AONXvIkDiIdg8rUnfncFnM=\r\nUser-Agent:
>> Boto/2.6.0 (linux2)\r\n\r\n'
>> reply: 'HTTP/1.1 403 Forbidden\r\n'
>> header: Content-Type: text/xml; charset=UTF-8
>> header: Content-Length: 124
>> header: X-Trans-Id: tx7a823c742f624f2682bfddb19f31bcc2
>> header: Date: Wed, 05 Dec 2012 19:24:42 GMT
>> Traceback (most recent call last):
>> File "<stdin>", line 1, in <module>
>> File
>> "/home/antonio/.virtualenvs/cloud/local/lib/python2.7/site-packages/boto/s3/connection.py",
>> line 364, in get_all_buckets
>> response.status, response.reason, body)
>> boto.exception.S3ResponseError: S3ResponseError: 403 Forbidden
>> <?xml version="1.0" encoding="UTF-8"?>
>> <Error>
>> <Code>AccessDenied</Code>
>> <Message>Access denied</Message>
>> </Error>
>>
>> Login and password work when using the command line tool `swift`.
>>
>> I think I may be missing something very basilar here, but I couldn't find
>> so much documentation...
>>
>> Thanks in advance
>>
>> .a.
>>
>> --
>> antonio.s.messina@xxxxxxxxx
>> arcimboldo@xxxxxxxxx
>> GC3: Grid Computing Competence Center
>> http://www.gc3.uzh.ch/
>> University of Zurich
>> Winterthurerstrasse 190
>> CH-8057 Zurich Switzerland
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help : https://help.launchpad.net/ListHelp
>>
>>
>
>
> --
> Cheers,
> ~Blairo
>
--
antonio.s.messina@xxxxxxxxx
arcimboldo@xxxxxxxxx
GC3: Grid Computing Competence Center
http://www.gc3.uzh.ch/
University of Zurich
Winterthurerstrasse 190
CH-8057 Zurich Switzerland
Follow ups
References