modify default_swift_cluster option format
This commit is contained in:
Michael Barton
parent
b3c914e875
commit
2fac1d53ef
@ -515,7 +515,7 @@ auth_prefix /auth/ The HTTP request path
|
||||
reserves anything
|
||||
beginning with the
|
||||
letter `v`.
|
||||
default_swift_cluster local:http://127.0.0.1:8080/v1 The default Swift
|
||||
default_swift_cluster local#http://127.0.0.1:8080/v1 The default Swift
|
||||
cluster to place newly
|
||||
created accounts on.
|
||||
token_life 86400 The number of seconds a
|
||||
|
||||
@ -138,7 +138,7 @@ Configure the Proxy node
|
||||
# Only needed for Swauth
|
||||
[filter:swauth]
|
||||
use = egg:swift#swauth
|
||||
default_swift_cluster = https://<PROXY_LOCAL_NET_IP>:8080/v1
|
||||
default_swift_cluster = local#https://<PROXY_LOCAL_NET_IP>:8080/v1
|
||||
# Highly recommended to change this key to something else!
|
||||
super_admin_key = swauthkey
|
||||
|
||||
@ -437,7 +437,7 @@ See :ref:`config-proxy` for the initial setup, and then follow these additional
|
||||
# For Swauth, in /etc/swift/proxy-server.conf
|
||||
[filter:swauth]
|
||||
use = egg:swift#swauth
|
||||
default_swift_cluster = local:http://<LOAD_BALANCER_HOSTNAME>/v1
|
||||
default_swift_cluster = local#http://<LOAD_BALANCER_HOSTNAME>/v1
|
||||
# Highly recommended to change this key to something else!
|
||||
super_admin_key = swauthkey
|
||||
|
||||
|
||||
@ -66,15 +66,15 @@ use = egg:swift#swauth
|
||||
# The auth prefix will cause requests beginning with this prefix to be routed
|
||||
# to the auth subsystem, for granting tokens, creating accounts, users, etc.
|
||||
# auth_prefix = /auth/
|
||||
# Cluster strings are of the format name:url where name is a short name for the
|
||||
# Cluster strings are of the format name#url where name is a short name for the
|
||||
# Swift cluster and url is the url to the proxy server(s) for the cluster.
|
||||
# default_swift_cluster = local:http://127.0.0.1:8080/v1
|
||||
# You may also use the format name::url::url where the first url is the one
|
||||
# default_swift_cluster = local#http://127.0.0.1:8080/v1
|
||||
# You may also use the format name#url#url where the first url is the one
|
||||
# given to users to access their account (public url) and the second is the one
|
||||
# used by swauth itself to create and delete accounts (private url). This is
|
||||
# useful when a load balancer url should be used by users, but swauth itself is
|
||||
# behind the load balancer. Example:
|
||||
# default_swift_cluster = local::https://public.com:8080/v1::http://private.com:8080/v1
|
||||
# default_swift_cluster = local#https://public.com:8080/v1#http://private.com:8080/v1
|
||||
# token_life = 86400
|
||||
# node_timeout = 10
|
||||
# Highly recommended to change this.
|
||||
|
||||
@ -61,24 +61,23 @@ class Swauth(object):
|
||||
self.auth_prefix += '/'
|
||||
self.auth_account = '%s.auth' % self.reseller_prefix
|
||||
self.default_swift_cluster = conf.get('default_swift_cluster',
|
||||
'local:http://127.0.0.1:8080/v1')
|
||||
'local#http://127.0.0.1:8080/v1')
|
||||
# This setting is a little messy because of the options it has to
|
||||
# provide. The basic format is cluster_name:url, such as the default
|
||||
# value of local:http://127.0.0.1:8080/v1. But, often the url given to
|
||||
# the user needs to be different than the url used by Swauth to
|
||||
# create/delete accounts. So there's a more complex format of
|
||||
# cluster_name::url::url, such as
|
||||
# local::https://public.com:8080/v1::http://private.com:8080/v1.
|
||||
# The double colon is what sets the two apart.
|
||||
if '::' in self.default_swift_cluster:
|
||||
self.dsc_name, self.dsc_url, self.dsc_url2 = \
|
||||
self.default_swift_cluster.split('::', 2)
|
||||
self.dsc_url = self.dsc_url.rstrip('/')
|
||||
self.dsc_url2 = self.dsc_url2.rstrip('/')
|
||||
# provide. The basic format is cluster_name#url, such as the default
|
||||
# value of local#http://127.0.0.1:8080/v1.
|
||||
# If the URL given to the user needs to differ from the url used by
|
||||
# Swauth to create/delete accounts, there's a more complex format:
|
||||
# cluster_name#url#url, such as
|
||||
# local#https://public.com:8080/v1#http://private.com:8080/v1.
|
||||
cluster_parts = self.default_swift_cluster.split('#', 2)
|
||||
self.dsc_name = cluster_parts[0]
|
||||
if len(cluster_parts) == 3:
|
||||
self.dsc_url = cluster_parts[1].rstrip('/')
|
||||
self.dsc_url2 = cluster_parts[2].rstrip('/')
|
||||
elif len(cluster_parts) == 2:
|
||||
self.dsc_url = self.dsc_url2 = cluster_parts[1].rstrip('/')
|
||||
else:
|
||||
self.dsc_name, self.dsc_url = \
|
||||
self.default_swift_cluster.split(':', 1)
|
||||
self.dsc_url = self.dsc_url2 = self.dsc_url.rstrip('/')
|
||||
raise Exception('Invalid cluster format')
|
||||
self.dsc_parsed = urlparse(self.dsc_url)
|
||||
if self.dsc_parsed.scheme not in ('http', 'https'):
|
||||
raise Exception('Cannot handle protocol scheme %s for url %s' %
|
||||
|
||||
@ -151,21 +151,21 @@ class TestAuth(unittest.TestCase):
|
||||
app = FakeApp()
|
||||
self.assertRaises(Exception, auth.filter_factory({
|
||||
'super_admin_key': 'supertest',
|
||||
'default_swift_cluster': 'local:badscheme://host/path'}), app)
|
||||
'default_swift_cluster': 'local#badscheme://host/path'}), app)
|
||||
ath = auth.filter_factory({'super_admin_key': 'supertest'})(app)
|
||||
self.assertEquals(ath.default_swift_cluster,
|
||||
'local:http://127.0.0.1:8080/v1')
|
||||
'local#http://127.0.0.1:8080/v1')
|
||||
ath = auth.filter_factory({'super_admin_key': 'supertest',
|
||||
'default_swift_cluster': 'local:http://host/path'})(app)
|
||||
'default_swift_cluster': 'local#http://host/path'})(app)
|
||||
self.assertEquals(ath.default_swift_cluster,
|
||||
'local:http://host/path')
|
||||
'local#http://host/path')
|
||||
ath = auth.filter_factory({'super_admin_key': 'supertest',
|
||||
'default_swift_cluster': 'local:https://host/path/'})(app)
|
||||
'default_swift_cluster': 'local#https://host/path/'})(app)
|
||||
self.assertEquals(ath.dsc_url, 'https://host/path')
|
||||
self.assertEquals(ath.dsc_url2, 'https://host/path')
|
||||
ath = auth.filter_factory({'super_admin_key': 'supertest',
|
||||
'default_swift_cluster':
|
||||
'local::https://host/path/::http://host2/path2/'})(app)
|
||||
'local#https://host/path/#http://host2/path2/'})(app)
|
||||
self.assertEquals(ath.dsc_url, 'https://host/path')
|
||||
self.assertEquals(ath.dsc_url2, 'http://host2/path2')
|
||||
|
||||
@ -2882,7 +2882,7 @@ class TestAuth(unittest.TestCase):
|
||||
|
||||
def test_get_conn_default_https(self):
|
||||
local_auth = auth.filter_factory({'super_admin_key': 'supertest',
|
||||
'default_swift_cluster': 'local:https://1.2.3.4/v1'})(FakeApp())
|
||||
'default_swift_cluster': 'local#https://1.2.3.4/v1'})(FakeApp())
|
||||
conn = local_auth.get_conn()
|
||||
self.assertEquals(conn.__class__, auth.HTTPSConnection)
|
||||
self.assertEquals(conn.host, '1.2.3.4')
|
||||
@ -2890,7 +2890,7 @@ class TestAuth(unittest.TestCase):
|
||||
|
||||
def test_get_conn_overridden(self):
|
||||
local_auth = auth.filter_factory({'super_admin_key': 'supertest',
|
||||
'default_swift_cluster': 'local:https://1.2.3.4/v1'})(FakeApp())
|
||||
'default_swift_cluster': 'local#https://1.2.3.4/v1'})(FakeApp())
|
||||
conn = \
|
||||
local_auth.get_conn(urlparsed=auth.urlparse('http://5.6.7.8/v1'))
|
||||
self.assertEquals(conn.__class__, auth.HTTPConnection)
|
||||
@ -2899,7 +2899,7 @@ class TestAuth(unittest.TestCase):
|
||||
|
||||
def test_get_conn_overridden_https(self):
|
||||
local_auth = auth.filter_factory({'super_admin_key': 'supertest',
|
||||
'default_swift_cluster': 'local:http://1.2.3.4/v1'})(FakeApp())
|
||||
'default_swift_cluster': 'local#http://1.2.3.4/v1'})(FakeApp())
|
||||
conn = \
|
||||
local_auth.get_conn(urlparsed=auth.urlparse('https://5.6.7.8/v1'))
|
||||
self.assertEquals(conn.__class__, auth.HTTPSConnection)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user