da01dd7bd0
This patch fixes the order of the middlewares defined in the Swift proxy server pipeline. Sources for the order: https://github.com/openstack/swift/blob/master/etc/proxy-server.conf-sample#L91-L99 http://docs.openstack.org/developer/swift/middleware.html# https://github.com/openstack/swift3/blob/master/etc/proxy-server.conf-sample#L9 https://github.com/openstack/ceilometermiddleware/blob/master/ceilometermiddleware/swift.py#L21-L22 These are all values in order: 10 catch_errors 20 gatekeeper 30 healthcheck 40 (reserved for proxy_logging, see below) 50 cache 60 container_sync 70 swift3 80 s3token 90 ratelimit 100 crossdomain 110 bulk 120 tempurl 130 formpost 140 copy 150 tempauth 160 swauth 170 authtoken 180 keystone 190 staticweb 200 copy 210 account_quotas 220 container_quotas 230 slo 240 dlo 250 versioned_writes 260 ceilometer 270 proxy-logging 280 proxy-server The copy and versioned_writes middlewares have been added too. The proxy_logging should be added a second time at position 40, but the actual value is 270 to have the final proxy-logging just before the proxy-server. Also renamed the suffix 'swauth' in the 'tempauth' manifest to be 'tempauth'; 'swauth' is used in a different manifest. Closes-Bug: 1618514 Change-Id: I99433720e32dc3557b809c8d42ce3d5981c199c3
46 lines
1.2 KiB
Puppet
46 lines
1.2 KiB
Puppet
#
|
|
# This class can be set to manage keystone middleware for swift proxy
|
|
#
|
|
# == Parameters
|
|
#
|
|
# [*operator_roles*]
|
|
# (Optional) a list of keystone roles a user must have to gain access to Swift.
|
|
# Defaults to ['admin', 'SwiftOperator']
|
|
# Must be an array of strings
|
|
# Swift operator roles must be defined in swift::keystone::auth because
|
|
# keystone API access is usually not available on Swift proxy nodes.
|
|
#
|
|
# [*reseller_prefix*]
|
|
# (Optional) The prefix used for reseller URL.
|
|
# Defaults to 'AUTH_'
|
|
#
|
|
# DEPRECATED PARAMETERS
|
|
# [*is_admin*]
|
|
# Deprecated, this parameter does nothing.
|
|
#
|
|
# == Authors
|
|
#
|
|
# Dan Bode dan@puppetlabs.com
|
|
# Francois Charlier fcharlier@ploup.net
|
|
#
|
|
class swift::proxy::keystone(
|
|
$operator_roles = ['admin', 'SwiftOperator'],
|
|
$reseller_prefix = 'AUTH_',
|
|
# DEPRECATED PARAMETERS
|
|
$is_admin = undef
|
|
) {
|
|
|
|
include ::swift::deps
|
|
|
|
if $is_admin {
|
|
warning('is_admin parameter is deprecated, has no effect and will be removed in a future release.')
|
|
}
|
|
|
|
concat::fragment { 'swift_keystone':
|
|
target => '/etc/swift/proxy-server.conf',
|
|
content => template('swift/proxy/keystone.conf.erb'),
|
|
order => '180',
|
|
}
|
|
|
|
}
|