Hi,<br><br>I've built an OpenStack (Folsom) demo VM (Ubuntu 12.10) and manually installed Swift. I am trying to get Swift to use Keystone for authentication, but am having trouble finding what I need to do to the /etc/swift/swift-proxy.conf file. The instructions I have been following say I should "Configure the paste file for swift-proxy
(`/etc/swift/swift-proxy.conf`)", but I don't know what needs to be done. The document I am following is here: <a href="http://docs.openstack.org/folsom/openstack-compute/admin/content/configuring-swift-to-use-keystone.html" target="_blank">http://docs.openstack.org/folsom/openstack-compute/admin/content/configuring-swift-to-use-keystone.html</a><br>
<br>I've only been using OpenStack for about a week, so my apologies if this is obvious, but I can't figure it out. I've tried googling the config file, but I just get the document I am using (or the previous Wessex version) and there's no sample file in the Swift distribution.<br>
<br>The second config file I need to edit is the /etc/swift/proxy-swift.conf file. I have a couple of questions about this too. There's a section I need to paste into it as follows:<br><br>===<br>[filter:authtoken]<br>
paste.filter_factory = keystone.middleware.auth_token:filter_factory<br># Delaying the auth decision is required to support token-less<br># usage for anonymous referrers ('.r:*').<br>delay_auth_decision = 10<br>service_port = 5000<br>
service_host = 127.0.0.1<br>auth_port = 35357<br>auth_host = 127.0.0.1<br>auth_protocol = http<br>auth_uri = <a href="http://127.0.0.1:5000/" target="_blank">http://127.0.0.1:5000/</a><br>auth_token = 012345SECRET99TOKEN012345<br>
admin_token = 012345SECRET99TOKEN012345<br>
admin_tenant_name = service<br>admin_user = swift<br>admin_password = swift<br>===<br><br>Do I need to change the auth port? I can run the following command successfully:<br><br>===<br>root@openstack02:/home/stack/bin# curl -v -H 'X-Storage-User:
admin:admin' -H 'X-Storage-Pass: admin' <a href="http://127.0.0.1:8080/auth/v1.0" target="_blank">http://127.0.0.1:8080/auth/v1.0</a><br>* About to connect() to 127.0.0.1 port 8080 (#0)<br>* Trying 127.0.0.1...<br>
* connected<br>
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)<br>> GET /auth/v1.0 HTTP/1.1<br>> User-Agent: curl/7.27.0<br>> Host: <a href="http://127.0.0.1:8080" target="_blank">127.0.0.1:8080</a><br>> Accept: */*<br>
> X-Storage-User: admin:admin<br>
> X-Storage-Pass: admin<br>><br>* additional stuff not fine transfer.c:1037: 0 0<br>* HTTP 1.1 or later with persistent connection, pipelining supported<br>< HTTP/1.1 200 OK<br>< X-Storage-Url: <a href="http://127.0.0.1:8080/v1/AUTH_admin" target="_blank">http://127.0.0.1:8080/v1/AUTH_admin</a><br>
< X-Auth-Token: AUTH_tk0022e539fae64647883b9fa529311982<br>< Content-Type: text/html; charset=UTF-8<br>< X-Storage-Token: AUTH_tk0022e539fae64647883b9fa529311982<br>< Content-Length: 0<br>< Date: Wed, 28 Feb 2013 15:00:02 GMT<br>
<<br>* Connection #0 to host 127.0.0.1 left intact<br>* Closing connection #0<br>root@openstack02:/home/stack/bin#<br>===<br><br>So does that mean by auth_port is 8080? I assume that the X-Auth-Token is both the admin_token and auth_token? Is the admin_user (given the example above) going to be "admin:admin"?<br>
<br>Any assistance would very much be appreciated!<br><br>Regards,<br>Julian.<br>
<br>