diff --git a/files/keystone_data.sh b/files/keystone_data.sh index a5e75a6b83..d926c52dcd 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -30,12 +30,13 @@ $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin $BIN_DIR/keystone-manage $* service add nova compute "Nova Compute Service" $BIN_DIR/keystone-manage $* service add glance image "Glance Image Service" $BIN_DIR/keystone-manage $* service add keystone identity "Keystone Identity Service" +$BIN_DIR/keystone-manage $* service add swift object-store "Swift Service" #endpointTemplates $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:35357/v2.0 http://%HOST_IP%:5000/v2.0 1 1 -# $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 # Tokens $BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00 diff --git a/files/swift-proxy-server.conf b/files/swift-proxy-server.conf index 737a66df59..9a3b54b505 100644 --- a/files/swift-proxy-server.conf +++ b/files/swift-proxy-server.conf @@ -4,13 +4,18 @@ user = stack log_facility = LOG_LOCAL1 [pipeline:main] -pipeline = healthcheck cache tempauth proxy-server +pipeline = healthcheck cache %AUTH_SERVER% proxy-server [app:proxy-server] use = egg:swift#proxy allow_account_management = true account_autocreate = true +[filter:keystone] +use = egg:swiftkeystone2#keystone2 +keystone_admin_token = %SERVICE_TOKEN% +keystone_url = http://localhost:35357/v2.0 + [filter:tempauth] use = egg:swift#tempauth user_admin_admin = admin .admin .reseller_admin diff --git a/stack.sh b/stack.sh index d4e09be703..8a1b9bc72e 100755 --- a/stack.sh +++ b/stack.sh @@ -151,6 +151,7 @@ NOVACLIENT_DIR=$DEST/python-novaclient OPENSTACKX_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC SWIFT_DIR=$DEST/swift +SWIFT_KEYSTONE_DIR=$DEST/swift-keystone2 # Specify which services to launch. These generally correspond to screen tabs ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,horizon,mysql,rabbit,swift} @@ -363,6 +364,8 @@ function git_clone { git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH # storage service git_clone $SWIFT_REPO $SWIFT_DIR $SWIFT_BRANCH +# swift + keystone middleware +git_clone $SWIFT_KEYSTONE_REPO $SWIFT_KEYSTONE_DIR $SWIFT_KEYSTONE_BRANCH # image catalog service git_clone $GLANCE_REPO $GLANCE_DIR $GLANCE_BRANCH # unified auth system (manages accounts/tokens) @@ -385,6 +388,7 @@ git_clone $OPENSTACKX_REPO $OPENSTACKX_DIR $OPENSTACKX_BRANCH # allowing ``import nova`` or ``import glance.client`` cd $KEYSTONE_DIR; sudo python setup.py develop cd $SWIFT_DIR; sudo python setup.py develop +cd $SWIFT_KEYSTONE_DIR; sudo python setup.py develop cd $GLANCE_DIR; sudo python setup.py develop cd $NOVACLIENT_DIR; sudo python setup.py develop cd $NOVA_DIR; sudo python setup.py develop @@ -648,9 +652,18 @@ EOF # Add rsync file sed -e "s,%SWIFT_LOCATION%,$SWIFT_LOCATION," $FILES/swift-rsyncd.conf | sudo tee /etc/rsyncd.conf sudo sed -i '/^RSYNC_ENABLE=false/ { s/false/true/ }' /etc/default/rsync - - # Copy proxy-server configuration - cp $FILES/swift-proxy-server.conf /etc/swift/proxy-server.conf + + if [[ "$ENABLED_SERVICES" =~ "key" ]]; then + swift_auth_server=keystone + # Temporary until we get this integrated in swift. + sudo curl -s -o/usr/local/bin/swift \ + 'https://review.openstack.org/gitweb?p=openstack/swift.git;a=blob_plain;f=bin/swift;hb=48bfda6e2fdf3886c98bd15649887d54b9a2574e' + else + swift_auth_server=tempauth + fi + + sed "s/%SERVICE_TOKEN%/${SERVICE_TOKEN}/;s/%AUTH_SERVER%/${swift_auth_server}/" \ + $FILES/swift-proxy-server.conf|sudo tee /etc/swift/proxy-server.conf # Generate swift.conf, we need to have the swift-hash being random # and unique. @@ -664,6 +677,8 @@ EOF local server_type=$1 local bind_port=$2 local log_facility=$3 + local node_number + for node_number in {1..4};do node_path=${SWIFT_LOCATION}/${node_number} sed -e "s,%NODE_PATH%,${node_path},;s,%BIND_PORT%,${bind_port},;s,%LOG_FACILITY%,${log_facility}," \ @@ -693,8 +708,7 @@ EOF # This should work (tempauth) # swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat - unset s swift_hasH - + unset s swift_hash swift_auth_server tmpd fi # Volume Service @@ -976,6 +990,10 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then echo "examples on using novaclient command line is in exercise.sh" echo "the default users are: admin and demo" echo "the password: $ADMIN_PASSWORD" + if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then + echo "Swift: swift --auth-version 2 -A http://${HOST_IP}:5000/v2.0 -U admin:admin -K $ADMIN_PASSWORD stat" + fi + fi # indicate how long this took to run (bash maintained variable 'SECONDS') diff --git a/stackrc b/stackrc index 78479f9b4c..6d4454e199 100644 --- a/stackrc +++ b/stackrc @@ -6,6 +6,10 @@ NOVA_BRANCH=diablo SWIFT_REPO=https://github.com/openstack/swift.git SWIFT_BRANCH=1.4.3 +# swift and keystone integration +SWIFT_KEYSTONE_REPO=https://github.com/cloudbuilders/swift-keystone2.git +SWIFT_KEYSTONE_BRANCH=master + # image catalog service GLANCE_REPO=https://github.com/cloudbuilders/glance.git GLANCE_BRANCH=diablo