Add support for Swift S3 API
This feature is disabled by default, and can be enabled by setting 'enable_swift_s3api' to 'true' in globals.yml. Two middlewares are required for Swift S3 - s3api and s3token. Additionally, we need to configure the authtoken middleware to delay auth decisions to give s3token a chance to authorise requests using EC2 credentials. Change-Id: Ib8e8e3a1c2ab383100f3c60ec58066e588d3b4db
This commit is contained in:
parent
41e634e204
commit
d72b27f2d1
@ -617,6 +617,7 @@ enable_skydive: "no"
|
|||||||
enable_solum: "no"
|
enable_solum: "no"
|
||||||
enable_storm: "{{ enable_monasca | bool }}"
|
enable_storm: "{{ enable_monasca | bool }}"
|
||||||
enable_swift: "no"
|
enable_swift: "no"
|
||||||
|
enable_swift_s3api: "no"
|
||||||
enable_tacker: "no"
|
enable_tacker: "no"
|
||||||
enable_telegraf: "no"
|
enable_telegraf: "no"
|
||||||
enable_tempest: "no"
|
enable_tempest: "no"
|
||||||
|
@ -64,7 +64,9 @@ swift_admin_tenant_name: "admin"
|
|||||||
swift_devices_mount_point: "/srv/node"
|
swift_devices_mount_point: "/srv/node"
|
||||||
swift_devices_match_mode: "strict"
|
swift_devices_match_mode: "strict"
|
||||||
swift_devices_name: "KOLLA_SWIFT_DATA"
|
swift_devices_name: "KOLLA_SWIFT_DATA"
|
||||||
swift_delay_auth_decision: "False"
|
# For S3 API we need to defer the auth decision to allow s3api and s3token
|
||||||
|
# middlewares to process requests using EC2 credentials.
|
||||||
|
swift_delay_auth_decision: "{{ enable_swift_s3api | bool }}"
|
||||||
|
|
||||||
# Boolean, true if there is a dedicated replication network.
|
# Boolean, true if there is a dedicated replication network.
|
||||||
swift_has_replication_network: "{{ swift_storage_interface != swift_replication_interface }}"
|
swift_has_replication_network: "{{ swift_storage_interface != swift_replication_interface }}"
|
||||||
|
@ -10,7 +10,7 @@ log_level = {{ swift_log_level }}
|
|||||||
workers = {{ openstack_service_workers }}
|
workers = {{ openstack_service_workers }}
|
||||||
|
|
||||||
[pipeline:main]
|
[pipeline:main]
|
||||||
pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk tempurl ratelimit authtoken keystoneauth container_quotas account_quotas slo dlo {% if enable_ceilometer | bool %}ceilometer {% endif %}proxy-server
|
pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk tempurl ratelimit authtoken {% if enable_swift_s3api | bool %}s3api s3token {% endif %}keystoneauth container_quotas account_quotas slo dlo {% if enable_ceilometer | bool %}ceilometer {% endif %}proxy-server
|
||||||
|
|
||||||
[app:proxy-server]
|
[app:proxy-server]
|
||||||
use = egg:swift#proxy
|
use = egg:swift#proxy
|
||||||
@ -91,3 +91,12 @@ use = egg:swift#dlo
|
|||||||
[filter:versioned_writes]
|
[filter:versioned_writes]
|
||||||
use = egg:swift#versioned_writes
|
use = egg:swift#versioned_writes
|
||||||
allow_versioned_writes = True
|
allow_versioned_writes = True
|
||||||
|
|
||||||
|
{% if enable_swift_s3api | bool %}
|
||||||
|
[filter:s3api]
|
||||||
|
use = egg:swift#s3api
|
||||||
|
|
||||||
|
[filter:s3token]
|
||||||
|
use = egg:swift#s3token
|
||||||
|
www_authenticate_uri = {{ keystone_internal_url }}/v3
|
||||||
|
{% endif %}
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
.. _swift-guide:
|
.. _swift-guide:
|
||||||
|
|
||||||
=============================
|
==============================
|
||||||
Swift- Object storage service
|
Swift - Object storage service
|
||||||
=============================
|
==============================
|
||||||
|
|
||||||
Overview
|
Overview
|
||||||
~~~~~~~~
|
~~~~~~~~
|
||||||
@ -266,3 +266,12 @@ A very basic smoke test:
|
|||||||
| Containers | 1 |
|
| Containers | 1 |
|
||||||
| Objects | 1 |
|
| Objects | 1 |
|
||||||
+------------+---------------------------------------+
|
+------------+---------------------------------------+
|
||||||
|
|
||||||
|
S3 API
|
||||||
|
~~~~~~
|
||||||
|
|
||||||
|
The Swift S3 API can be enabled by setting ``enable_swift_s3api`` to ``true``
|
||||||
|
in ``globals.yml``. It is disabled by default. In order to use this API it is
|
||||||
|
necessary to obtain EC2 credentials from Keystone. See the `Swift documentation
|
||||||
|
<https://docs.openstack.org/swift/latest/middleware.html#module-swift.common.middleware.s3api.s3api>`__
|
||||||
|
for details.
|
||||||
|
4
releasenotes/notes/swift-s3api-2b51917b169fff78.yaml
Normal file
4
releasenotes/notes/swift-s3api-2b51917b169fff78.yaml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Adds support for the Swift S3 API, enabled via the ``enable_swift_s3api`` flag.
|
Loading…
Reference in New Issue
Block a user