Swift3 Middleware for OpenStack Swift, allowing access to OpenStack swift via the Amazon S3 API.
Go to file
Tim Burke f3a933aad1 Add support for more characters in header keys
Some S3 clients rely on AWS's ability to preserve underscores in
header names. This doesn't mesh well with WSGI, which treats dashes
and underscores equivalently. Starting in eventlet 0.19.0, however,
the raw headers from the client are available in a `headers_raw`
environment key. If available, use it.

Change-Id: If96fc2f0713e3ec18764766225446a16a7c07f94
2017-04-11 18:49:03 +00:00
doc Relax bucket creation schema 2017-01-05 00:10:32 +00:00
etc Move min segment size configuration to swift3 2016-12-20 08:19:41 -08:00
swift3 Add support for more characters in header keys 2017-04-11 18:49:03 +00:00
.gitignore Improve coverage report 2014-04-16 10:55:54 +09:00
.gitreview Update .gitreview for new namespace 2015-10-17 22:40:26 +00:00
.unittests Add unittests from swift repository. 2012-05-21 13:21:24 +02:00
AUTHORS Update CHANGELOG and AUTHORS for v1.10 2016-01-29 01:51:19 -08:00
bindep.txt List system dependencies for running common tests 2016-08-25 17:25:40 -07:00
CHANGELOG Update CHANGELOG for v1.11 2016-09-06 23:35:17 -07:00
LICENSE Addding a few base files to the project. 2012-05-21 13:05:34 +02:00
MANIFEST.in Add a manifest file similar to Swift's 2015-09-17 14:43:31 -07:00
README.md Small updates for readme 2016-10-16 19:48:20 -07:00
requirements.txt Bump minimum Swift requirement to Ocata stable 2017-02-21 13:57:01 -08:00
setup.cfg Remove version from setup.cfg 2016-09-27 11:36:33 -07:00
setup.py Add setup.cfg and pbr support. 2014-04-09 11:30:40 +02:00
test-requirements.txt Prohibit certain versions of requests in test-requirements.txt 2017-03-16 19:44:11 +00:00
tox.ini Prohibit certain versions of requests in test-requirements.txt 2017-03-16 19:44:11 +00:00

Swift3

Swift3 Middleware for OpenStack Swift, allowing access to OpenStack swift via the Amazon S3 API.

Features

  • Support AWS Signature Version 2, 4 (Version 4 is ready for only keystone)
  • Support Services APIs (GET)
  • Support Bucket APIs (GET/PUT/DELETE/HEAD)
  • Support Object APIs (GET/PUT/DELETE/HEAD)
  • Support Multipart Upload (required SLO middleware support)
  • Support S3 ACL (under development)

Install

  1. Install Swift3 with sudo python setup.py install or sudo python setup.py develop or via whatever packaging system you may be using.

  2. Alter your proxy-server.conf pipeline to have swift3:

If you use tempauth:

Was::

    [pipeline:main]
    pipeline = catch_errors cache tempauth proxy-server

Change To::

    [pipeline:main]
    pipeline = catch_errors cache swift3 tempauth proxy-server

To support Multipart Upload::

    [pipeline:main]
    pipeline = catch_errors cache swift3 tempauth slo proxy-server

If you use keystone:

Was::

    [pipeline:main]
    pipeline = catch_errors cache authtoken keystone proxy-server

Change To::

    [pipeline:main]
    pipeline = catch_errors cache swift3 s3token authtoken keystoneauth proxy-server

To support Multipart Upload::

    [pipeline:main]
    pipeline = catch_errors cache swift3 s3token authtoken keystoneauth slo proxy-server

Note:

  • The authtoken filter requires the keystonemiddleware package.
  • Swift3 explicitly checks that keystoneauth is in the pipeline. You must use this name in the pipeline statement and in [filter:keystoneauth] section header.
  1. Add to your proxy-server.conf the section for the Swift3 WSGI filter::

    [filter:swift3] use = egg:swift3#swift3

You also need to add the following if you use keystone (adjust port, host, protocol configurations for your environment):

[filter:s3token]
use = egg:swift3#s3token
auth_uri = http://127.0.0.1:35357/
  1. Swift3 config options:

You can find a proxy config example in swift3/etc/proxy-server.conf-sample.

# Swift has no concept of the S3's resource owner; the resources
# (i.e. containers and objects) created via the Swift API have no owner
# information. This option specifies how the swift3 middleware handles them
# with the S3 API.  If this option is 'false', such kinds of resources will be
# invisible and no users can access them with the S3 API.  If set to 'true',
# the resource without owner is belong to everyone and everyone can access it
# with the S3 API.  If you care about S3 compatibility, set 'false' here.  This
# option makes sense only when the s3_acl option is set to 'true' and your
# Swift cluster has the resources created via the Swift API.
allow_no_owner = false

# Set a region name of your Swift cluster.  Note that Swift3 doesn't choose a
# region of the newly created bucket actually.  This value is used only for the
# GET Bucket location API.
location = US

# Set the default maximum number of objects returned in the GET Bucket
# response.
max_bucket_listing = 1000

# Set the maximum number of objects we can delete with the Multi-Object Delete
# operation.
max_multi_delete_objects = 1000

# If set to 'true', Swift3 uses its own metadata for ACL
# (e.g. X-Container-Sysmeta-Swift3-Acl) to achieve the best S3 compatibility.
# If set to 'false', Swift3 tries to use Swift ACL (e.g. X-Container-Read)
# instead of S3 ACL as far as possible.  If you want to keep backward
# compatibility with Swift3 1.7 or earlier, set false here
# If set to 'false' after set to 'true' and put some container/object,
# all users will be able to access container/object.
# Note that s3_acl doesn't keep the acl consistency between S3 API and Swift
# API. (e.g. when set s3acl to true and PUT acl, we won't get the acl
# information via Swift API at all and the acl won't be applied against to
# Swift API even if it is for a bucket currently supported.)
# Note that s3_acl currently supports only keystone and tempauth.
# DON'T USE THIS for production before enough testing for your use cases.
# This stuff is still under development and it might cause something
# you don't expect.
s3_acl = false

# Specify a host name of your Swift cluster.  This enables virtual-hosted style
# requests.
storage_domain =

Functional and Unit Tests

We provide functional/unit tests to make swift3 middleware more stable.

For Ubuntu 12.04
$ sudo apt-get install python-dev python-pip libffi-dev libssl-dev libxml2-dev libxslt1-dev
$ sudo pip install tox

# Run unit tests with Python 2.7
$ tox -e py27

# Run functional tests with tempauth
$ tox -e tempauth

# Run functional tests with s3token, keystoneauth and keystone
$ tox -e keystone

# Run all tests
$ tox

# For developer, please run unit tests and syntax check tests before summit path
$ tox -e pylint -e pep8 -e py27