[Openstack-operators] Accessing Swift via S3-API(boto) using Keystone authentication.
Salman Toor
salman.toor at it.uu.se
Tue Aug 12 06:42:54 UTC 2014
Hi again,
Thanks yes its working now. But I remembered that 2 years ago when I used the S3 API we don't need to generate AWS credentials using an explicit commend. Is it something that has been changes or I miss understood last time?
/Salman.
On Aug 12, 2014, at 6:48 AM, M Ranga Swami Reddy wrote:
> Use the "keystone ec2-credentials-list" to get the access id and
> secret_key. And use the same to access Swift S3.
>
> $ keystone ec2-credentials-list
>
> +--------+----------------------------------+----------------------------------+
> | tenant | access | secret |
> +--------+----------------------------------+----------------------------------+
> | admin | bf0551537a98b5 | 16e5cd7fc623f405991 |
> | demo | 2efbca009372433 | ab1eac986c589231a4 |
> +--------+----------------------------------+----------------------------------+
>
> On Tue, Aug 12, 2014 at 2:49 AM, Salman Toor <salman.toor at it.uu.se> wrote:
>> Hi,
>>
>> I am hard time accessing my swift store via boto. Command-line and dashboard
>> works fine I have included s3token middleware as well. I am using Havana
>> release.
>>
>> The error is at keystone log file
>>
>> 2014-08-11 22:28:39.915 22694 WARNING keystone.common.wsgi [-] Could not
>> find credential, 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6
>>
>> I am not sure about the "access_key_id" and "secret_access_key", using
>> following:
>>
>> aws_access_key_id='<tenant-name>:<user-name>',
>> aws_secret_access_key='<user-password>'
>>
>> is this correct?
>>
>> proxy-service.conf
>> ----
>> [pipeline:main]
>> pipeline = catch_errors cache healthcheck swift3 s3token authtoken keystone
>> proxy-server
>>
>> [filter:s3token]
>> paste.filter_factory = keystoneclient.middleware.s3_token:filter_factory
>> auth_port = 35357
>> auth_host = keystone-hostname
>> auth_protocol = http
>>
>>
>> [filter:swift3]
>> use = egg:swift3#swift3
>>
>> [app:proxy-server]
>> use = egg:swift#proxy
>> allow_account_management = true
>> account_autocreate = true
>>
>> [filter:cache]
>> use = egg:swift#memcache
>> memcache_servers = 10.0.11.245:11211
>>
>> [filter:catch_errors]
>> use = egg:swift#catch_errors
>>
>> [filter:healthcheck]
>> use = egg:swift#healthcheck
>>
>> [filter:keystone]
>> use = egg:swift#keystoneauth
>> operator_roles = admin,_member_,SwiftOperator
>> is_admin = true
>> cache = swift.cache
>>
>> [filter:authtoken]
>> paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
>>
>> ----
>>
>> keystone.conf (s3_extension is not in the public api-- )
>> -----
>> [filter:s3_extension]
>> paste.filter_factory = keystone.contrib.s3:S3Extension.factory
>>
>> [pipeline:public_api]
>> pipeline = stats_monitoring url_normalize token_auth admin_token_auth
>> xml_body json_body debug ec2_extension user_crud_extension public_service
>>
>> [pipeline:admin_api]
>> pipeline = stats_monitoring url_normalize token_auth admin_token_auth
>> xml_body json_body debug stats_reporting ec2_extension s3_extension
>> crud_extension admin_service
>>
>> -----
>>
>> Any hint will be appreciated.
>>
>> /Salman.
>>
>>
>> _______________________________________________
>> OpenStack-operators mailing list
>> OpenStack-operators at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>
More information about the OpenStack-operators
mailing list