CODEWITHSUNDEEP
authenticationtokenopenstackopenstack-swiftkeystone
Skynet
Skynet

Reputation: 657

Integrating Swift and Keystone

I have swift-proxy and keystone installed in a multi-node environment.

When I try to curl for a token, keystone returns the token successfully

curl -d '{"auth":{"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://host_ip:35357/v2.0/tokens

returns successfully with 

{"access": {"token": {"expires": "2012-09-16T20:50:45Z", "id": "43ffcfed72a441e69c12c53b82cd4017"}, "serviceCatalog": {}, "user": {"username": "swift", "roles_links": [], "id": "090faedcf3e641ec9ad39babbc68bc8f", "roles": [], "name": "swift"}}}

When I try running some swift commands, the command just hangs and does not return. 

swift -V 2 -A http://host_ip:5000/v2.0 -U service:swift -K swift stat

I see the following log in the keystone logs

2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] ******************** REQUEST ENVIRON ********************
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] SCRIPT_NAME = /v2.0
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] webob.adhoc_attrs = {'response': <Response at 0x20a66d0 200 OK>}
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] REQUEST_METHOD = POST
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] PATH_INFO = /tokens
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] SERVER_PROTOCOL = HTTP/1.0
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] CONTENT_LENGTH = 102
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] eventlet.posthooks = []
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] RAW_PATH_INFO = /v2.0/tokens
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] REMOTE_ADDR = swift_proxy_ip
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] eventlet.input = <eventlet.wsgi.Input object at 0x207ee10>
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.url_scheme = http
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] SERVER_PORT = 5000
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.input = <cStringIO.StringI object at 0x22349f0>
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] openstack.context = {'token_id': None, 'is_admin': False}
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] HTTP_HOST = keystone_host_ip:5000
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.multithread = True
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] openstack.params = {u'auth': {u'tenantName': u'service', u'passwordCredentials': {u'username': u'swift', u'password': u'swift'}}}
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.version = (1, 0)
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] SERVER_NAME = swift_proxy_ip
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] GATEWAY_INTERFACE = CGI/1.1
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.run_once = False
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.errors = <open file '<stderr>', mode 'w' at 0x7f2a86a3e1e0>
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] wsgi.multiprocess = False
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] webob.is_body_seekable = True
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] CONTENT_TYPE = application/json
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] HTTP_ACCEPT_ENCODING = identity
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] 
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] ******************** REQUEST BODY ********************
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] {"auth": {"tenantName": "service", "passwordCredentials": {"username": "swift", "password": "swift"}}}
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] 
2012-09-15 23:54:09    DEBUG [routes.middleware] Matched POST /tokens
2012-09-15 23:54:09    DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.service.PublicRouter object at 0x1d29a10>}
2012-09-15 23:54:09    DEBUG [routes.middleware] Match dict: {'controller': <keystone.service.PublicRouter object at 0x1d29a10>, 'path_info': '/tokens'}
2012-09-15 23:54:09    DEBUG [routes.middleware] Matched POST /tokens
2012-09-15 23:54:09    DEBUG [routes.middleware] Route path: '/tokens', defaults: {'action': u'authenticate', 'controller': <keystone.service.TokenController object at 0x1d29b50>}
2012-09-15 23:54:09    DEBUG [routes.middleware] Match dict: {'action': u'authenticate', 'controller': <keystone.service.TokenController object at 0x1d29b50>}
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] arg_dict: {}
2012-09-15 23:54:09    DEBUG [root] TOKEN_REF {'id': 'e7846e13518f46f192d89216f4c1a79f', 'expires': datetime.datetime(2012, 9, 16, 20, 54, 9, 786881), 'user': {u'tenantId': u'dfb8e05385a6481892f259c7ea72df02', u'enabled': True, u'email': u'[email protected]', 'name': u'swift', 'id': u'090faedcf3e641ec9ad39babbc68bc8f'}, 'tenant': {u'description': None, u'enabled': True, 'id': u'dfb8e05385a6481892f259c7ea72df02', 'name': u'service'}, 'metadata': {u'roles': [u'b54e958ad08f4585885a325fcaa773e5', u'4f3ae4562e424dcfa9542b1794637f4a']}}
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] ******************** RESPONSE HEADERS ********************
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] Content-Type = application/json
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] Vary = X-Auth-Token
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] Content-Length = 789
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] 
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] ******************** RESPONSE BODY ********************
2012-09-15 23:54:09    DEBUG [keystone.common.wsgi] {"access": {"token": {"expires": "2012-09-16T20:54:09Z", "id": "e7846e13518f46f192d89216f4c1a79f", "tenant": {"description": null, "enabled": true, "id": "dfb8e05385a6481892f259c7ea72df02", "name": "service"}}, "serviceCatalog": [{"endpoints": [{"adminURL": "http://swift_proxy_ip:8080", "region": "RegionOne", "internalURL": "http://swift_proxy_ip:8080/v1/AUTH_dfb8e05385a6481892f259c7ea72df02", "publicURL": "http://swift_proxy_ip:8080/v1/AUTH_dfb8e05385a6481892f259c7ea72df02"}], "endpoints_links": [], "type": "object-store", "name": "swift"}], "user": {"username": "swift", "roles_links": [], "id": "090faedcf3e641ec9ad39babbc68bc8f", "roles": [{"id": "b54e958ad08f4585885a325fcaa773e5", "name": "Member"}, {"id": "4f3ae4562e424dcfa9542b1794637f4a", "name": "admin"}], "name": "swift"}}}
2012-09-15 23:54:09    DEBUG [eventlet.wsgi.server] host_ip - - [15/Sep/2012 23:54:09] "POST /v2.0/tokens HTTP/1.1" 200 918 0.059865

Is there something I am missing in the command ? I notice similar behavior for the following commands too - when I try to upload files to a container and list them

swift -V 2 -A http://keystone_host_ip:5000/v2.0 -U service:swift -K swift upload myfiles test.txt

swift -V 2 -A http://keystone_host_ip:5000/v2.0 -U service:swift -K swift list myfiles

Upvotes: 2

Views: 2821

Answers (1)

fgakk
fgakk

Reputation: 1307

From your request i guess you are trying to connect to a tenant name service. However from your token with curl on the response there has to be information about the tenant info and endpoints. You have to add endpoint for the service tenant with the following command.

keystone --token {admin_token} --endpoint http://keystone_host:35357/v2.0 endpoint-create --region RegionOne --service_id={id of storage service}  --publicurl=http://proxy_host:8080/v1/AUTH_{tenant-id} --internalurl=http://proxy_host:8080/v1/AUTH_{tenant-id} --adminurl=http://proxy_host:8080

Before that you have to define a service on the keystone for swift.You can check the documentation for more information they have improved it a lot compared to previous version.

http://docs.openstack.org/essex/openstack-compute/install/apt/content/

Upvotes: 2

Related Questions