Support keystone v3 domains in swift-dispersion
This provides the capability to specify a project_name, project_domain_name and user_domain_name in /etc/swift/dispersion.conf. If this values are set in dispersion.conf they get populated to the swift-client. With this it is possible to have a specific dispersion project specified, which is not the keystone default domain. Changes were applied to swift-dispersion-populate and swift-dispersion-report. Relevant man pages, the example dispersion.conf and the admin guide were updated accordingly. DocImpact Closes-Bug: #1468374 Change-Id: I0e716f8d281b4d0f510bc568bcee4a13fc480ff7
This commit is contained in:
parent
5370526b57
commit
363a256e58
@ -119,6 +119,9 @@ Usage: %%prog [options] [conf_file]
|
|||||||
retries = int(conf.get('retries', 5))
|
retries = int(conf.get('retries', 5))
|
||||||
concurrency = int(conf.get('concurrency', 25))
|
concurrency = int(conf.get('concurrency', 25))
|
||||||
endpoint_type = str(conf.get('endpoint_type', 'publicURL'))
|
endpoint_type = str(conf.get('endpoint_type', 'publicURL'))
|
||||||
|
user_domain_name = str(conf.get('user_domain_name', ''))
|
||||||
|
project_domain_name = str(conf.get('project_domain_name', ''))
|
||||||
|
project_name = str(conf.get('project_name', ''))
|
||||||
insecure = options.insecure \
|
insecure = options.insecure \
|
||||||
or config_true_value(conf.get('keystone_api_insecure', 'no'))
|
or config_true_value(conf.get('keystone_api_insecure', 'no'))
|
||||||
container_populate = config_true_value(
|
container_populate = config_true_value(
|
||||||
@ -133,6 +136,12 @@ Usage: %%prog [options] [conf_file]
|
|||||||
retries_done = 0
|
retries_done = 0
|
||||||
|
|
||||||
os_options = {'endpoint_type': endpoint_type}
|
os_options = {'endpoint_type': endpoint_type}
|
||||||
|
if user_domain_name:
|
||||||
|
os_options['user_domain_name'] = user_domain_name
|
||||||
|
if project_domain_name:
|
||||||
|
os_options['project_domain_name'] = project_domain_name
|
||||||
|
if project_name:
|
||||||
|
os_options['project_name'] = project_name
|
||||||
|
|
||||||
url, token = get_auth(conf['auth_url'], conf['auth_user'],
|
url, token = get_auth(conf['auth_url'], conf['auth_user'],
|
||||||
conf['auth_key'],
|
conf['auth_key'],
|
||||||
|
@ -344,6 +344,9 @@ Usage: %%prog [options] [conf_file]
|
|||||||
and not options.container_only
|
and not options.container_only
|
||||||
if not (object_report or container_report):
|
if not (object_report or container_report):
|
||||||
exit("Neither container or object report is set to run")
|
exit("Neither container or object report is set to run")
|
||||||
|
user_domain_name = str(conf.get('user_domain_name', ''))
|
||||||
|
project_domain_name = str(conf.get('project_domain_name', ''))
|
||||||
|
project_name = str(conf.get('project_name', ''))
|
||||||
insecure = options.insecure \
|
insecure = options.insecure \
|
||||||
or config_true_value(conf.get('keystone_api_insecure', 'no'))
|
or config_true_value(conf.get('keystone_api_insecure', 'no'))
|
||||||
if options.debug:
|
if options.debug:
|
||||||
@ -352,6 +355,12 @@ Usage: %%prog [options] [conf_file]
|
|||||||
coropool = GreenPool(size=concurrency)
|
coropool = GreenPool(size=concurrency)
|
||||||
|
|
||||||
os_options = {'endpoint_type': endpoint_type}
|
os_options = {'endpoint_type': endpoint_type}
|
||||||
|
if user_domain_name:
|
||||||
|
os_options['user_domain_name'] = user_domain_name
|
||||||
|
if project_domain_name:
|
||||||
|
os_options['project_domain_name'] = project_domain_name
|
||||||
|
if project_name:
|
||||||
|
os_options['project_name'] = project_name
|
||||||
|
|
||||||
url, token = get_auth(conf['auth_url'], conf['auth_user'],
|
url, token = get_auth(conf['auth_url'], conf['auth_user'],
|
||||||
conf['auth_key'],
|
conf['auth_key'],
|
||||||
|
@ -44,6 +44,12 @@ Authentication system URL
|
|||||||
Authentication system account/user name
|
Authentication system account/user name
|
||||||
.IP "\fBauth_key\fR"
|
.IP "\fBauth_key\fR"
|
||||||
Authentication system account/user password
|
Authentication system account/user password
|
||||||
|
.IP "\fBproject_name\fR"
|
||||||
|
Project name in case of keystone auth version 3
|
||||||
|
.IP "\fBproject_domain_name\fR"
|
||||||
|
Project domain name in case of keystone auth version 3
|
||||||
|
.IP "\fBuser_domain_name\fR"
|
||||||
|
User domain name in case of keystone auth version 3
|
||||||
.IP "\fBswift_dir\fR"
|
.IP "\fBswift_dir\fR"
|
||||||
Location of openstack-swift configuration and ring files
|
Location of openstack-swift configuration and ring files
|
||||||
.IP "\fBdispersion_coverage\fR"
|
.IP "\fBdispersion_coverage\fR"
|
||||||
@ -70,6 +76,9 @@ Whether to run the object report. The default is yes.
|
|||||||
.IP "auth_key = dpstats"
|
.IP "auth_key = dpstats"
|
||||||
.IP "swift_dir = /etc/swift"
|
.IP "swift_dir = /etc/swift"
|
||||||
.IP "# keystone_api_insecure = no"
|
.IP "# keystone_api_insecure = no"
|
||||||
|
.IP "# project_name = dpstats"
|
||||||
|
.IP "# project_domain_name = default"
|
||||||
|
.IP "# user_domain_name = default"
|
||||||
.IP "# dispersion_coverage = 1.0"
|
.IP "# dispersion_coverage = 1.0"
|
||||||
.IP "# retries = 5"
|
.IP "# retries = 5"
|
||||||
.IP "# concurrency = 25"
|
.IP "# concurrency = 25"
|
||||||
|
@ -85,6 +85,9 @@ Example \fI/etc/swift/dispersion.conf\fR:
|
|||||||
.IP "auth_user = dpstats:dpstats"
|
.IP "auth_user = dpstats:dpstats"
|
||||||
.IP "auth_key = dpstats"
|
.IP "auth_key = dpstats"
|
||||||
.IP "swift_dir = /etc/swift"
|
.IP "swift_dir = /etc/swift"
|
||||||
|
.IP "# project_name = dpstats"
|
||||||
|
.IP "# project_domain_name = default"
|
||||||
|
.IP "# user_domain_name = default"
|
||||||
.IP "# dispersion_coverage = 1.0"
|
.IP "# dispersion_coverage = 1.0"
|
||||||
.IP "# retries = 5"
|
.IP "# retries = 5"
|
||||||
.IP "# concurrency = 25"
|
.IP "# concurrency = 25"
|
||||||
|
@ -101,6 +101,9 @@ Example \fI/etc/swift/dispersion.conf\fR:
|
|||||||
.IP "auth_user = dpstats:dpstats"
|
.IP "auth_user = dpstats:dpstats"
|
||||||
.IP "auth_key = dpstats"
|
.IP "auth_key = dpstats"
|
||||||
.IP "swift_dir = /etc/swift"
|
.IP "swift_dir = /etc/swift"
|
||||||
|
.IP "# project_name = dpstats"
|
||||||
|
.IP "# project_domain_name = default"
|
||||||
|
.IP "# user_domain_name = default"
|
||||||
.IP "# dispersion_coverage = 1.0"
|
.IP "# dispersion_coverage = 1.0"
|
||||||
.IP "# retries = 5"
|
.IP "# retries = 5"
|
||||||
.IP "# concurrency = 25"
|
.IP "# concurrency = 25"
|
||||||
|
@ -270,7 +270,8 @@ configuration file, /etc/swift/dispersion.conf. Example conf file::
|
|||||||
|
|
||||||
There are also options for the conf file for specifying the dispersion coverage
|
There are also options for the conf file for specifying the dispersion coverage
|
||||||
(defaults to 1%), retries, concurrency, etc. though usually the defaults are
|
(defaults to 1%), retries, concurrency, etc. though usually the defaults are
|
||||||
fine.
|
fine. If you want to use keystone v3 for authentication there are options like
|
||||||
|
auth_version, user_domain_name, project_domain_name and project_name.
|
||||||
|
|
||||||
Once the configuration is in place, run `swift-dispersion-populate` to populate
|
Once the configuration is in place, run `swift-dispersion-populate` to populate
|
||||||
the containers and objects throughout the cluster.
|
the containers and objects throughout the cluster.
|
||||||
|
@ -13,6 +13,16 @@ auth_key = testing
|
|||||||
# auth_key = password
|
# auth_key = password
|
||||||
# auth_version = 2.0
|
# auth_version = 2.0
|
||||||
#
|
#
|
||||||
|
# NOTE: If you want to use keystone (auth version 3.0), then its configuration
|
||||||
|
# would look something like:
|
||||||
|
# auth_url = http://localhost:5000/v3/
|
||||||
|
# auth_user = user
|
||||||
|
# auth_key = password
|
||||||
|
# auth_version = 3.0
|
||||||
|
# project_name = project
|
||||||
|
# project_domain_name = project_domain
|
||||||
|
# user_domain_name = user_domain
|
||||||
|
#
|
||||||
# endpoint_type = publicURL
|
# endpoint_type = publicURL
|
||||||
# keystone_api_insecure = no
|
# keystone_api_insecure = no
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user