Open Stack

Hi ,
 Thanks Dolph for your reply. I applied your suggestion and executed the
command as "curl -k -v -H 'X-Storage-User: openstackDemo:adminUser' -H
'X-Storage-Pass: 1234qwer' http://192.168.20.7:5000/v2.0/" . Now there was
no error but to my surprise, I didn't get the Auth-token and the
Storage-Url as was required to execute the next command.

The output of the command is as follows:

hp2:/etc/swift # curl -k -v -H 'X-Storage-User: openstackDemo:adminUser' -H
'X-Storage-Pass: 1234qwer' http://192.168.20.7:5000/v2.0/
* About to connect() to 192.168.20.7 port 5000 (#0)
*   Trying 192.168.20.7...
* connected
* Connected to 192.168.20.7 (192.168.20.7) port 5000 (#0)
> GET /v2.0/ HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-unknown-linux-gnu) libcurl/7.25.0
OpenSSL/1.0.1c zlib/1.2.5 libidn/1.22 libssh2/1.4.0
> Host: 192.168.20.7:5000
> Accept: */*
> X-Storage-User: openstackDemo:adminUser
> X-Storage-Pass: 1234qwer
>
< HTTP/1.1 200 OK
< Content-Type: application/json
< Vary: X-Auth-Token
< Content-Length: 610
< Date: Sun, 17 Jun 2012 08:10:01 GMT
<
* Connection #0 to host 192.168.20.7 left intact
* Closing connection #0
{"version": {"status": "beta", "updated": "2011-11-19T00:00:00Z",
"media-types": [{"base": "application/json", "type":
"application/vnd.openstack.identity-v2.0+json"}, {"base":
"application/xml", "type": "application/vnd.openstack.identity-v2.0+xml"}],
"id": "v2.0", "links": [{"href": "http://localhost:5000/v2.0/", "rel":
"self"}, {"href": "
http://docs.openstack.org/api/openstack-identity-service/2.0/content/",
"type": "text/html", "rel": "describedby"}, {"href": "
http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf",
"type": "application/pdf", "rel": "describedby"}]}}

Can anybody help me with this??
Thanks in advance.

--Udit Agarwal


On Sun, Jun 17, 2012 at 1:46 AM, Dolph Mathews <dolph.mathews at gmail.com>wrote:

> The URL http://192.168.20.7:5000/auth/v1.0 is not one supported by
> keystone; does that command work if you use http://<AUTH_HOSTNAME>:5000
> /v2.0 instead?
>
> For anyone interested, direct link to the doc in question:
> http://docs.openstack.org/essex/openstack-compute/install/apt/content/verify-swift-installation.html
>
> -Dolph
>
> On Sat, Jun 16, 2012 at 6:04 AM, udit agarwal <fzdudit at gmail.com> wrote:
>
>> Hi,
>>   I am setting up openstack in my lab. I followed the manual
>> http://docs.openstack.org/essex/openstack-compute/install/apt/content/for installing & configuring it. I have already setup keystone, glance and
>> swift all well on my system. But I am having problems in setting up swift.
>> The command  "swift -V 2.0 -A http://192.168.20.7:5000/v2.0 -U
>> openstackDemo:adminUser -K 1234qwer stat"   worked fine. But when I
>> executed the command "curl -k -v -H 'X-Storage-User:
>> openstackDemo:adminUser' -H 'X-Storage-Pass: 1234qwer'
>> http://192.168.20.7:5000/auth/v1.0", I got the following output:
>>
>> * About to connect() to 192.168.20.7 port 5000 (#0)
>> *   Trying 192.168.20.7...
>> * connected
>> * Connected to 192.168.20.7 (192.168.20.7) port 5000 (#0)
>> > GET /auth/v1.0 HTTP/1.1
>> > User-Agent: curl/7.22.0 (x86_64-unknown-linux-gnu) libcurl/7.25.0
>> OpenSSL/1.0.1c zlib/1.2.5 libidn/1.22 libssh2/1.4.0
>> > Host: 192.168.20.7:5000
>> > Accept: */*
>> > X-Storage-User: openstackDemo:adminUser
>> > X-Storage-Pass: 1234qwer
>> >
>> < HTTP/1.1 404 Not Found
>> < Content-Length: 154
>> < Content-Type: text/html; charset=UTF-8
>> < Date: Sat, 16 Jun 2012 08:04:57 GMT
>> <
>> <html>
>>  <head>
>>   <title>404 Not Found</title>
>>  </head>
>>  <body>
>>   <h1>404 Not Found</h1>
>>   The resource could not be found.<br /><br />
>>
>>
>>
>>  </body>
>> * Connection #0 to host 192.168.20.7 left intact
>> * Closing connection #0
>>
>> My proxy-server.conf file is as follows:
>>
>> [DEFAULT]
>> # bind_ip = 0.0.0.0
>> bind_port = 8888
>> # backlog = 4096
>> # swift_dir = /etc/swift
>> #workers = 8
>> user = swift
>> #cert_file = /etc/swift/cert.crt
>> #key_file = /etc/swift/cert.key
>> # expiring_objects_container_divisor = 86400
>> # You can specify default log routing here if you want:
>> # log_name = swift
>> # log_facility = LOG_LOCAL0
>> # log_level = INFO
>>
>> [pipeline:main]
>> pipeline = catch_errors healthcheck cache authtoken keystone proxy-server
>>
>> [app:proxy-server]
>> use = egg:swift#proxy
>> # You can override the default log routing for this app here:
>> # set log_name = proxy-server
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set access_log_name = proxy-server
>> # set access_log_facility = LOG_LOCAL0
>> # set access_log_level = INFO
>> # set log_headers = False
>> # recheck_account_existence = 60
>> # recheck_container_existence = 60
>> # object_chunk_size = 8192
>> # client_chunk_size = 8192
>> # node_timeout = 10
>> # client_timeout = 60
>> # conn_timeout = 0.5
>> # How long without an error before a node's error count is reset. This
>> will
>> # also be how long before a node is reenabled after suppression is
>> triggered.
>> # error_suppression_interval = 60
>> # How many errors can accumulate before a node is temporarily ignored.
>> # error_suppression_limit = 10
>> # If set to 'true' any authorized user may create and delete accounts; if
>> # 'false' no one, even authorized, can.
>> #allow_account_management = true
>> # Set object_post_as_copy = false to turn on fast posts where only the
>> metadata
>> # changes are stored anew and the original data file is kept in place.
>> This
>> # makes for quicker posts; but since the container metadata isn't updated
>> in
>> # this mode, features like container sync won't be able to sync posts.
>> # object_post_as_copy = true
>> # If set to 'true' authorized accounts that do not yet exist within the
>> Swift
>> # cluster will be automatically created.
>> account_autocreate = true
>> # If set to a positive value, trying to create a container when the
>> account
>> # already has at least this maximum containers will result in a 403
>> Forbidden.
>> # Note: This is a soft limit, meaning a user might exceed the cap for
>> # recheck_account_existence before the 403s kick in.
>> # max_containers_per_account = 0
>> # This is a comma separated list of account hashes that ignore the
>> # max_containers_per_account cap.
>> # max_containers_whitelist =
>>
>> # [filter:tempauth]
>> # use = egg:swift#tempauth
>> # You can override the default log routing for this filter here:
>> # set log_name = tempauth
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>> # The reseller prefix will verify a token begins with this prefix before
>> even
>> # attempting to validate it. Also, with authorization, only Swift storage
>> # accounts with this prefix will be authorized by this middleware. Useful
>> if
>> # multiple auth systems are in use for one Swift cluster.
>> # reseller_prefix = AUTH
>> # The auth prefix will cause requests beginning with this prefix to be
>> routed
>> # to the auth subsystem, for granting tokens, etc.
>> # auth_prefix = /auth/
>> # token_life = 86400
>> # This is a comma separated list of hosts allowed to send
>> X-Container-Sync-Key
>> # requests.
>> # allowed_sync_hosts = 127.0.0.1
>> # This allows middleware higher in the WSGI pipeline to override auth
>> # processing, useful for middleware such as tempurl and formpost. If you
>> know
>> # you're not going to use such middleware and you want a bit of extra
>> security,
>> # you can set this to false.
>> # allow_overrides = true
>> # Lastly, you need to list all the accounts/users you want here. The
>> format is:
>> #   user_<account>_<user> = <key> [group] [group] [...] [storage_url]
>> # There are special groups of:
>> #   .reseller_admin = can do anything to any account for this auth
>> #   .admin = can do anything within the account
>> # If neither of these groups are specified, the user can only access
>> containers
>> # that have been explicitly allowed for them by a .admin or
>> .reseller_admin.
>> # The trailing optional storage_url allows you to specify an alternate
>> url to
>> # hand back to the user upon authentication. If not specified, this
>> defaults to
>> # http[s]://<ip>:<port>/v1/<reseller_prefix>_<account> where http or https
>> # depends on whether cert_file is specified in the [DEFAULT] section,
>> <ip> and
>> # <port> are based on the [DEFAULT] section's bind_ip and bind_port
>> (falling
>> # back to 127.0.0.1 and 8080), <reseller_prefix> is from this section, and
>> # <account> is from the user_<account>_<user> name.
>> # Here are example entries, required for running the tests:
>> # user_admin_admin = admin .admin .reseller_admin
>> https://192.168.20.7:8080/v1/AUTH_admin
>> # user_test_tester = testing .admin
>> https://192.168.20.7:8080/v1/AUTH_test
>> # user_test2_tester2 = testing2 .admin
>> # user_test_tester3 = testing3
>>
>>
>> # [filter:swauth]
>> #use = egg:swauth#swauth
>> #super_admin_key = 1234qwer
>> #default_swift_cluster = local#https://192.168.20.7:8080/v1
>>
>> [filter:keystone]
>> paste.filter_factory = keystone.middleware.swift_auth:filter_factory
>> operator_roles = admin, swiftoperator
>> #default_swift_cluster = local#http://192.168.20.7:5000/v1
>>
>> [filter:authtoken]
>> paste.filter_factory = keystone.middleware.auth_token:filter_factory
>> delay_auth_decision = 10
>> service_port = 5000
>> service_host = 127.0.0.1
>> auth_port = 35357
>> auth_host = 127.0.0.1
>> auth_token = ADMIN
>> admin_token = ADMIN
>> #default_swift_cluster = local#http://192.168.20.7:5000/v1
>> auth_protocol = http
>>
>> [filter:healthcheck]
>> use = egg:swift#healthcheck
>> # You can override the default log routing for this filter here:
>> # set log_name = healthcheck
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>>
>> [filter:cache]
>> use = egg:swift#memcache
>> # You can override the default log routing for this filter here:
>> set log_name = cache
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>> # Default for memcache_servers is to try to read the property from
>> # memcache.conf (see memcache.conf-sample) or lacking that file, it will
>> # default to the value below. You can specify multiple servers separated
>> with
>> # commas, as in: 10.1.2.3:11211,10.1.2.4:11211
>> #memcache_servers = 192.168.20.7:11211
>>
>> # [filter:ratelimit]
>> # use = egg:swift#ratelimit
>> # You can override the default log routing for this filter here:
>> # set log_name = ratelimit
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>> # clock_accuracy should represent how accurate the proxy servers' system
>> clocks
>> # are with each other. 1000 means that all the proxies' clock are
>> accurate to
>> # each other within 1 millisecond.  No ratelimit should be higher than the
>> # clock accuracy.
>> # clock_accuracy = 1000
>> # max_sleep_time_seconds = 60
>> # log_sleep_time_seconds of 0 means disabled
>> # log_sleep_time_seconds = 0
>> # allows for slow rates (e.g. running up to 5 sec's behind) to catch up.
>> # rate_buffer_seconds = 5
>> # account_ratelimit of 0 means disabled
>> # account_ratelimit = 0
>>
>> # these are comma separated lists of account names
>> # account_whitelist = a,b
>> # account_blacklist = c,d
>>
>> # with container_limit_x = r
>> # for containers of size x limit requests per second to r.  The container
>> # rate will be linearly interpolated from the values given. With the
>> values
>> # below, a container of size 5 will get a rate of 75.
>> # container_ratelimit_0 = 100
>> # container_ratelimit_10 = 50
>> # container_ratelimit_50 = 20
>>
>> # [filter:domain_remap]
>> # use = egg:swift#domain_remap
>> # You can override the default log routing for this filter here:
>> # set log_name = domain_remap
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>> # storage_domain = example.com
>> # path_root = v1
>> # reseller_prefixes = AUTH
>>
>> [filter:catch_errors]
>> use = egg:swift#catch_errors
>> # You can override the default log routing for this filter here:
>> # set log_name = catch_errors
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>>
>> # [filter:cname_lookup]
>> # Note: this middleware requires python-dnspython
>> # use = egg:swift#cname_lookup
>> # You can override the default log routing for this filter here:
>> # set log_name = cname_lookup
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set log_headers = False
>> # storage_domain = example.com
>> # lookup_depth = 1
>>
>> # Note: Put staticweb just after your auth filter(s) in the pipeline
>> # [filter:staticweb]
>> # use = egg:swift#staticweb
>> # Seconds to cache container x-container-meta-web-* header values.
>> # cache_timeout = 300
>> # You can override the default log routing for this filter here:
>> # set log_name = staticweb
>> # set log_facility = LOG_LOCAL0
>> # set log_level = INFO
>> # set access_log_name = staticweb
>> # set access_log_facility = LOG_LOCAL0
>> # set access_log_level = INFO
>> # set log_headers = False
>>
>> # Note: Put tempurl just before your auth filter(s) in the pipeline
>> # [filter:tempurl]
>> # use = egg:swift#tempurl
>> #
>> # The headers to remove from incoming requests. Simply a whitespace
>> delimited
>> # list of header names and names can optionally end with '*' to indicate a
>> # prefix match. incoming_allow_headers is a list of exceptions to these
>> # removals.
>> # incoming_remove_headers = x-timestamp
>> #
>> # The headers allowed as exceptions to incoming_remove_headers. Simply a
>> # whitespace delimited list of header names and names can optionally end
>> with
>> # '*' to indicate a prefix match.
>> # incoming_allow_headers =
>> #
>> # The headers to remove from outgoing responses. Simply a whitespace
>> delimited
>> # list of header names and names can optionally end with '*' to indicate a
>> # prefix match. outgoing_allow_headers is a list of exceptions to these
>> # removals.
>> # outgoing_remove_headers = x-object-meta-*
>> #
>> # The headers allowed as exceptions to outgoing_remove_headers. Simply a
>> # whitespace delimited list of header names and names can optionally end
>> with
>> # '*' to indicate a prefix match.
>> # outgoing_allow_headers = x-object-meta-public-*
>>
>> # Note: Put formpost just before your auth filter(s) in the pipeline
>> # [filter:formpost]
>> # use = egg:swift#formpost
>>
>> # Note: Just needs to be placed before the proxy-server in the pipeline.
>> # [filter:name_check]
>> # use = egg:swift#name_check
>> # forbidden_chars = '"`<>
>> # maximum_length = 255
>>
>> Can anybody help me with this??
>> Thanks in advance.
>>
>> --Udit Agarwal
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack at lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120617/7285af00/attachment.html>