swift/doc/source/install/controller-include.txt
wangqi 708b24aef1 Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.

[1]https://review.openstack.org/#/c/508522/

Change-Id: I43bbc8b8c986e54a9a0829a0631d78d4077306f8
2018-04-18 02:07:11 +00:00

85 lines
2.2 KiB
Plaintext

Edit the ``/etc/swift/proxy-server.conf`` file and complete the
following actions:
* In the ``[DEFAULT]`` section, configure the bind port, user, and
configuration directory:
.. code-block:: none
[DEFAULT]
...
bind_port = 8080
user = swift
swift_dir = /etc/swift
* In the ``[pipeline:main]`` section, remove the ``tempurl`` and
``tempauth`` modules and add the ``authtoken`` and ``keystoneauth``
modules:
.. code-block:: none
[pipeline:main]
pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk ratelimit authtoken keystoneauth container-quotas account-quotas slo dlo versioned_writes proxy-logging proxy-server
.. note::
Do not change the order of the modules.
.. note::
For more information on other modules that enable additional features,
see the `Deployment Guide <https://docs.openstack.org/swift/latest/deployment_guide.html>`__.
* In the ``[app:proxy-server]`` section, enable automatic account creation:
.. code-block:: console
[app:proxy-server]
use = egg:swift#proxy
...
account_autocreate = True
* In the ``[filter:keystoneauth]`` section, configure the operator roles:
.. code-block:: console
[filter:keystoneauth]
use = egg:swift#keystoneauth
...
operator_roles = admin,user
* In the ``[filter:authtoken]`` section, configure Identity service access:
.. code-block:: none
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = swift
password = SWIFT_PASS
delay_auth_decision = True
Replace ``SWIFT_PASS`` with the password you chose for the ``swift`` user
in the Identity service.
.. note::
Comment out or remove any other options in the ``[filter:authtoken]``
section.
* In the ``[filter:cache]`` section, configure the ``memcached`` location:
.. code-block:: none
[filter:cache]
use = egg:swift#memcache
...
memcache_servers = controller:11211