24 Commits

Author SHA1 Message Date
Lukas Bezdicka
9d592f61e4 Add swift::proxy::crossdomain class
Change-Id: Ie7e5dfc3732ad552063293f16aa04a791bc5add8
swift::proxy::crossdomain class is used to configure crossdomain middleware.
2014-06-03 16:00:01 +02:00
Chris Ricker
a20a178c42 Fix swift quota filter names
Align account_quotas and container_quotas filter names to prevent
swift-proxy from tracing back when quotas are enabled.

Change-Id: I835b05fa5d9eb1fb00cc8309d78bafcd4969d0d3
Closes-Bug: #1323761
2014-05-27 13:17:55 -04:00
Jenkins
23119310ac Merge "Add proxyserver gatekeeper middleware" 2014-03-14 21:04:33 +00:00
Xingchao Yu
69f677de0b Add swift::proxy::slo class
swift::proxy::slo class is used to configure proxy slo middleware.

Change-Id: Ic751d2e89de39478b55e3323ddf220610b1b7541
Implements: blueprint icehouse-proxyserver-middlewares
2014-02-10 23:07:24 +08:00
Xingchao Yu
e2c9415a35 Add proxyserver gatekeeper middleware
swift::proxy::gatekeeper class will be used to configure
gatekeeper middlerware.

Change-Id: I2f90ae41ba98f9b7d2bd7f3c5ed92fdbcd8fa999
Implements: blueprint icehouse-proxyserver-middlewares
2014-02-10 12:13:43 +08:00
Emilien Macchi
2fc0354936 Set include_service_catalog to False
include_service_catalog is a parameter in swift authtoken configuration.
Set to False improves performances.

Closes-Bug #1257738
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>

Change-Id: Ie5dd2de45fce79e4da7ccb5b37d7c69ee1cb5198
2013-12-09 11:45:20 +01:00
Chmouel Boudjnah
000d63b654 Fix auth_token configuration.
- cache=swift.cache need to be in auth_token configuration not in
  keystoneauth.
- Make auth_token using the same facility for logging than main swift.

Closes-Bug: #1254487

Change-Id: If5a09da4d18f247dc42b99e6f666bc2867d06dcb
2013-11-24 18:52:48 +01:00
Jenkins
328a805f1a Merge "Add Bulk middleware support" 2013-11-19 22:52:26 +00:00
Emilien Macchi
c7a6239b9b Add Bulk middleware support
Bring Bulk middleware configurable in module.

Change-Id: Iddec3f50402e6e2536fb7586f4966c06a1b75831
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
2013-11-18 21:07:31 +01:00
Emilien Macchi
4157cb9a41 Add Quota middlewares support
Two middlewares exist for managing quotas:
- account_quotas
- container_quotas

Change-Id: Ic6d539db480d8749769279b44e1f38302ac0fa62
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
2013-10-30 16:17:35 +01:00
Daneyon Hansen
f71d159c4d Improve Proxy Signing Directory Support
1. The signing_dir was being created on every swift node
when it's only needed on proxies:

  http://docs.openstack.org/grizzly/openstack-compute/install/apt/content/installing-and-configuring-the-proxy-node.html

2. The signing_dir was not configurable, even though
the OpenStack doc's show multiple references
(/var/cache/swift and /home/swift/keystone-signing).

Change-Id: I3eb00046fc535a32d7a1800d15489e9fe071373b
2013-08-12 18:39:15 +00:00
Dan Bode
cb2e06556d Add signing dir
Currently, my swift installation fails with the following
error message:

  [Errno 13] Permission denied: '/root/keystone-signing

and the proxy server can never service requests.

This is b/c by default the client side directory for
pki-signing seems to use $HOME. This commits sets the
directory to be /var/cache/swift/ and resolves my
swift-proxy issues.

Change-Id: Ice904a9d53432ba1a1ae9516cd0ee6204ade63bb
2013-07-29 07:21:48 -07:00
William Van Hevelingen
75e29ee2be Fix Puppet 3.2.x deprecation warnings
Change-Id: I4f6075fb189474ee071fa9b80944a5fe5c062193
2013-07-12 15:40:02 -07:00
Chris Ricker
fb293273ea Unset default signing dir
Unset default signing dir to allow the keystoneclient to set its own.
The specified /etc/swift location is not ideal and breaks on recent
keystoneclients

Change-Id: I16aadb77ee85e84645fe6745760a2c6edee49c2b
2013-06-24 19:57:24 -07:00
François Charlier
09a78bfd9d Add auth_admin_prefix and custom auth_uri params
auth_admin_prefix allows the prepend of a prefix to the URL used for
admin tasks.  See: https://review.openstack.org/#/c/7156/ for
implementation in Keystone.

auth_uri allows to specify the public authentication url (Keystone's
public endpoint) if it can't be guessed from $auth_host + $auth_protocol

Implements blueprint serve-keystone-from-wsgi

Change-Id: Ic66727f78406d70b5ab5bc07fcc074477df2303c
2013-06-05 20:50:37 +02:00
Derek Higgins
e6591fdd49 Use new keystoneclient middleware.
Change-Id: I04bba12dbe765b4ee16d026a37dbb26f737822f1
2013-05-01 06:12:19 -04:00
François Charlier
015be53c81 Add the ceilometer middleware
Change-Id: Ibcdaa1218c8d027dc3e4b6d2cd394e9d0af8c6da
2013-04-29 10:30:33 +02:00
Dan Prince
ab00ec58e2 Update keystone fragment to use egg.
Update keystone.conf.erb to use egg:swift#keystoneauth.

This resolves issues in trying to configure keystone with the
latest Swift releases.

Change-Id: Idf160eb143150bed9a9c7081a6900c6169887be8
2013-04-11 10:03:43 -04:00
Mehdi Abaakouk
3ac424cc42 Add some middlewares (tempurl, staticweb, formpost) 2012-11-16 19:16:08 +01:00
Joe Topjian
020b7723cb Several changes:
* `python-swiftclient` is now installed by default.
* Fixed swift3.
* Fixed s3token.
* Recreated authtoken - it used to be configured in the Keystone module.
* Created proxy-logging filter
2012-11-01 17:48:12 -06:00
Sergio Rubio
b1192564ea String no longer has '.to_a', fixes compatibility with ruby 1.9,
I believe the following patch fixes compat with ruby 1.9 while
preserving behaviour. The following test was broken:

      1) swift::proxy::cache with overridden memcache server
         Failure/Error: it { should contain_file(fragment_file).with_content(/memcache_servers = 10\.0\.0\.1:1/) }
         Puppet::Error:
           Failed to parse template swift/proxy/cache.conf.erb:
             Filepath: /tmp/puppetlabs-swift/spec/fixtures/modules/swift/templates/proxy/cache.conf.erb
             Line: 3
             Detail: undefined method `to_a' for "10.0.0.1:1":String
            at /tmp/puppetlabs-swift/spec/fixtures/modules/swift/manifests/proxy/cache.pp:32 on node blueleaf
         # ./spec/classes/swift_proxy_cache_spec.rb:39:in `block (3 levels) in <top (required)>'
2012-09-24 20:07:51 +02:00
François Charlier
caad4e3732 Implement additional proxy middlewares
This commit implements additional proxy middlewares
  - catch_errors - handles errors
  - ratelimit    - limits incoming requests
  - s3token - misddleware for s3auth
  - swift3 - implement swift APIs

These middlewares needed to be modeled b/c they
are configurable interfaces that needed to be
configurable via Puppet.
2012-06-04 13:47:52 -07:00
François Charlier
2304e86317 The “operator_roles” list should be coma separated
As seen in the documentation :
https://github.com/openstack/keystone/blob/master/doc/source/configuringservices.rst#configuring-swift-to-use-keystone
2012-05-14 21:59:00 +02:00
Dan Bode
24a01d1bea Implement proxy pipline into fragments
The swift pipeline is commonly used to plug
capabilities in.

This pipeline should be implemented in a way that
is easier to extend as people desire additional
pipelines.

This commit implements classes that can be used
to configure the following pipelines:
  - proxy::cache
  - proxy::healthcheck
  - proxy::keystone
  - proxy::swauth

It also reimplements swift::proxy to utilize those
pipelines for configuration.
2012-04-22 12:11:27 -07:00