swift/doc/source/howto_cyberduck.rst
2010-09-11 17:23:24 -07:00

159 lines
5.7 KiB
ReStructuredText

===============================
Talking to Swift with Cyberduck
===============================
.. note::
Put together by Caleb Tennis, thanks Caleb!
#. Install Swift, or have credentials for an existing Swift installation. If
you plan to install Swift on your own server, follow the general guidelines
in the section following this one.
#. Verify you can connect using the standard Swift Tool `st` from your
"public" URL (yes I know this resolves privately inside EC2)::
ubuntu@domU-12-31-39-03-CD-06:/home/swift/swift/bin$ st -A https://ec2-184-72-156-130.compute-1.amazonaws.com:11000/v1.0 -U a3:b3 -K c3 stat
Account: 06228ccf-6d0a-4395-889e-e971e8de8781
Containers: 0
Objects: 0
Bytes: 0
.. note::
The Swift Tool `st` can be copied from Swift sources to most any
machine with Python installed. You can grab it from
http://bazaar.launchpad.net/%7Ehudson-openstack/swift/trunk/annotate/head%3A/bin/st
if you don't have the Swift code handy.
#. Download and extract the Cyberduck sources (3.5.1 as of this writing). They
should be available at http://trac.cyberduck.ch/
#. Edit the Cyberduck source. Look for lib/cloudfiles.properties, and edit
this file. Change auth_url to your public auth URL (note the https)::
auth_url=https://ec2-184-72-156-130.compute-1.amazonaws.com:11000/v1.0
#. Edit source/ch/cyberduck/core/Protocol.java. Look for the line saying
"storage.clouddrive.com". Just above that, change::
public boolean isHostnameConfigurable() {
return true;
}
#. In the root directory, run "make" to rebuild Cyberduck. When done, type:
`open build/Release/Cyberduck.app/` to start the program.
#. Go to "Open Connection", select Rackspace Cloud Files, and connect.
.. image:: howto_cyberduck_config.png
#. If you get SSL errors, make sure your auth and proxy server are both setup
for SSL. If you get certificate errors (specifically, 'unable to find valid
certification path to requested target'), you are using a self signed
certificate, you need to perform a few more steps:
.. note::
For some folks, just telling the OS to trust the cert works fine, for
others use the following steps.
#. As outlined here: http://blogs.sun.com/andreas/entry/no_more_unable_to_find,
download http://blogs.sun.com/andreas/resource/InstallCert.java, run "javac
InstallCert.java" to compile it, then run "java InstallCert
https://your-auth-server-url:8080". This script will pull down that
certificate and put it into a Java cert store, in your local directory. The
file is jssecacerts.
#. You need to move that file to $JAVA_HOME/jre/lib/security, so your java run
time picks it up.
#. Restart Cyberduck, and it should now allow you to use that certificate
without an error.
---------------------------------------
Installing Swift For Use With Cyberduck
---------------------------------------
#. Both the proxy and auth servers will ultimately need to be running with
SSL. You will need a key and certificate to do this, self signed is ok (but
a little more work getting Cyberduck to accept it). Put these in
/etc/swift/cert.crt and /etc/swift/cert.key.
.. note::
Creating a self-signed cert can usually be done with::
cd /etc/swift
openssl req -new -x509 -nodes -out cert.crt -keyout cert.key
#. Example proxy-server config::
[DEFAULT]
cert_file = /etc/swift/cert.crt
key_file = /etc/swift/cert.key
[pipeline:main]
pipeline = healthcheck cache auth proxy-server
[app:proxy-server]
use = egg:swift#proxy
[filter:auth]
use = egg:swift#auth
ssl = true
[filter:healthcheck]
use = egg:swift#healthcheck
[filter:cache]
use = egg:swift#memcache
#. Example auth-server config::
[DEFAULT]
cert_file = /etc/swift/cert.crt
key_file = /etc/swift/cert.key
[pipeline:main]
pipeline = auth-server
[app:auth-server]
use = egg:swift#auth
super_admin_key = devauth
default_cluster_url = https://ec2-184-72-156-130.compute-1.amazonaws.com:8080/v1
#. Use swift-auth-add-user to create a new account and admin user::
ubuntu@domU-12-31-39-03-CD-06:/home/swift/swift/bin$ swift-auth-add-user -K devauth -a a3 b3 c3
https://ec2-184-72-156-130.compute-1.amazonaws.com:8080/v1/06228ccf-6d0a-4395-889e-e971e8de8781
.. note::
It's important that the URL that is given back to you be accessible
publicly. This URL is tied to this account, and will be served
back to Cyberduck after authorization. If this URL gives back
something like: http://127.0.0.1/v1/... this won't work, because
Cyberduck will attempt to connect to 127.0.0.1.
This URL is specified in the auth-server config's
default_cluster_url. However, once you have created an
account/user, this URL is fixed and won't change even if you change
that configuration item. You will have to use sqlite to manually
edit the auth.db in order to change it (limitation of using the
development auth server, but perhaps someone will patch in this
ability someday).
#. Verify you can connect using the standard Swift Tool `st`::
ubuntu@domU-12-31-39-03-CD-06:/home/swift/swift/bin$ st -A https://127.0.0.1:11000/v1.0 -U a3:b3 -K c3 stat
Account: 06228ccf-6d0a-4395-889e-e971e8de8781
Containers: 0
Objects: 0
Bytes: 0
.. note::
Please let me know if you find any changes that need to be made: ctennis on
IRC