details on how to make swift work with keystonw

You can separate these two projects for debugging.

1. Make sure that your keystone working well for authenticating a username/ password

2. Does Keystone return X-Storage-Url and X-Auth-Token for you . While test it with curl command.

3. Does Swift works with tempauth ?

4. Can you access swift by a validated token ?

There're too many possibles in your case though . Let's decrease the scope .

yes keystone is working well for authenticating
yes swift works well with tempauth
this is output with curl
 curl -d '{"auth": {"tenantName": "demoTenant", "passwordCredentials":{"username": "demoUser", "password": "password"}}}' -H "Content-type: application/json" http://130.237.215.18:35357/v2.0/tokens | python -mjson.tool
  % Total % Received % Xferd Average Speed Time Time Time Current
                                 Dload Upload Total Spent Left Speed
100 1309 100 1199 100 110 4541 416 --:--:-- --:--:-- --:--:-- 4558
{
    "access": {
        "serviceCatalog": [
            {
                "endpoints": [
                    {
                        "adminURL": "http://130.237.215.18:8774/v1.1/2",
                        "internalURL": "http://130.237.215.18:8774/v1.1/2",
                        "publicURL": "http://130.237.215.18:8774/v1.1/2",
                        "region": "RegionOne"
                    }
                ],
                "name": "nova",
                "type": "compute"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://130.237.215.18:9292/v1",
                        "internalURL": "http://130.237.215.18:9292/v1",
                        "publicURL": "http://130.237.215.18:9292/v1",
                        "region": "RegionOne"
                    }
                ],
                "name": "glance",
                "type": "image"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://130.237.215.18:35357/v2.0",
                        "internalURL": "http://130.237.215.18:5000/v2.0",
                        "publicURL": "http://130.237.215.18:5000/v2.0",
                        "region": "RegionOne"
                    }
                ],
                "name": "identity",
                "type": "identity"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://130.237.215.18:8080/v1.0",
                        "internalURL": "http://130.237.215.18:8080/v1.0",
                        "publicURL": "http://130.230.215.18:8080/v1.0",
                        "region": "RegionOne"
                    }
                ],
                "name": "swift",
                "type": "object-store"
            }
        ],
        "token": {
            "expires": "2012-03-30T11:53:27",
            "id": "e87623ed-0e75-474c-9437-a98d06c6ddb0",
            "tenant": {
                "id": "2",
                "name": "demoTenant"
            }
        },
        "user": {
            "id": "2",
            "name": "demoUser",
            "roles": [
                {
                    "id": "2",
                    "name": "Member",
                    "tenantId": "2"
                },
                {
                    "id": "2",
                    "name": "Member"
                }
            ]
        }
    }

{
                "endpoints": [
                    {
                        "adminURL": "http://130.237.215.18:8080/v1.0",
                        "internalURL": "http://130.237.215.18:8080/v1.0",
                        "publicURL": "http://130.230.215.18:8080/v1.0",
                        "region": "RegionOne"
                    }
                ],
                "name": "swift",
                "type": "object-store"
            }

The end point url of swift-proxy is incorrect .

the object-store should look like

http://130.237.215.18:8080/v1/AUTH_%tenant_id%

Other endpointTemplates could refer
https://github.com/openstack/keystone/blob/master/etc/default_catalog.templates

hi still having the problem with swift and keystone intregation.
i defined end point templates for swift in the followint manner.
sudo keystone-manage endpointTemplates add RegionOne swift http://130.237.215.18:8080/v1/AUTH_%tenant_id% http://130.237.215.18:8080/v1/ http://130.237.215.18:8080/v1/AUTH_%tenant_id% 1 1. here is my swift proxy server.conf

proxy-server.conf

[DEFAULT]
bind_port = 8080
user = swift

[pipeline:main]
pipeline = catch_errors healthcheck cache authtoken swiftauth proxy-server

[app:proxy-server]
use = egg:swift#proxy
allow_autocreate = true

[filter:swiftauth]
use = egg:keystone#swiftauth
keystone_url = http://130.237.215.18/v2.0
keystone_admin_token = 999888777666
keystone_tenant_user_admin = true
keystone_swiftoperator_roles = Admin, swiftoperator

[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_protocol = http
service_port = 5000
service_host = 130.237.215.18
auth_port = 35357
auth_host = 130.237.215.18
admin_token = 999888777666
delay_auth_decision = 0

[filter:healthcheck]
use = egg:swift#healthcheck

[filter:cache]
use = egg:swift#memcache
set log_name = cache
memcache_servers = 130.237.215.18:11211

[filter:catch_errors]
use = egg:swift#catch_errors

here is my keystone .conf

[DEFAULT]
# Show more verbose log output (sets INFO log level output)
verbose = False

# Show debugging output in logs (sets DEBUG log level output)
debug = False

# Which backend store should Keystone use by default.
# Default: 'sqlite'
# Available choices are 'sqlite' [future will include LDAP, PAM, etc]
default_store = sqlite

# Log to this file. Make sure you do not set the same log
# file for both the API and registry servers!
log_dir = /var/log/keystone
log_file = keystone.log

# List of backends to be configured
backends = keystone.backends.sqlalchemy
#For LDAP support, add: ,keystone.backends.ldap

# Dictionary Maps every service to a header.Missing services would get header
# X_(SERVICE_NAME) Key => Service Name, Value => Header Name
service-header-mappings = {
 'nova' : 'X-Server-Management-Url',
 'swift' : 'X-Storage-Url',
 'cdn' : 'X-CDN-Management-Url'}

# Address to bind the API server
# TODO Properties defined within app not available via pipeline.
service_host = 0.0.0.0

# Port the bind the API server to
service_port = 5000

# Address to bind the Admin API server
admin_host = 0.0.0.0

# Port the bind the Admin API server to
admin_port = 35357

#Role that allows to perform admin operations.
keystone-admin-role = Admin

#Role that allows to perform service admin operations.
keystone-service-admin-role = KeystoneServiceAdmin

#Tells whether password user need to be hashed in the backend
hash-password = True

[keystone.backends.sqlalchemy]
# SQLAlchemy connection string for the reference implementation registry
# server. Any valid SQLAlchemy connection string is fine.
# See: http://bit.ly/ideIpI
sql_connection = mysql://keystone:keystone@130.237.215.18/keystone
backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant',
                    'User', 'Credentials', 'EndpointTemplates', 'Token',
                    'Service']

# Period in seconds after which SQLAlchemy should reestablish its connection
# to the database.
sql_idle_timeout = 30

[pipeline:admin]
pipeline =
    urlrewritefilter
    admin_api

[pipeline:keystone-legacy-auth]
pipeline =
    urlrewritefilter
    legacy_auth
    RAX-KEY-extension
    service_api

[app:service_api]
paste.app_factory = keystone.server:service_app_factory

[app:admin_api]
paste.app_factory = keystone.server:admin_app_factory

[filter:urlrewritefilter]
paste.filter_factory = keystone.middleware.url:filter_factory

[filter:legacy_auth]
paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory

[filter:RAX-KEY-extension]
paste.filter_factory = keystone.contrib.extensions.service.raxkey.frontend:filter_factory

[filter:debug]
paste.filter_factory = keystone.common.wsgi:debug_filter_factory

i dont know whats wrong with my configuration. can u please help me.

hi i figured it out . i just define the service catlog in wrong way. but
now i am facing other error. whenever i try to verify that keystone is
providing authentication to swift i saw error .
the error says
account head failed . 500 internal server error.
this may be due to by default keystone use https. in order to resolv it i
change auth_urí to http and auth_protocol to http in both keystone.conf and
proxy.conf but still facing same error .
any suggestion please its urgent

On Mon, Apr 2, 2012 at 5:15 PM, sanjaya dahal <
<email address hidden>> wrote:

> Your question #192041 on Keystone changed:
> https://answers.launchpad.net/keystone/+question/192041
>
> Status: Answered => Open
>
> You are still having a problem:
> hi still having the problem with swift and keystone intregation.
> i defined end point templates for swift in the followint manner.
> sudo keystone-manage endpointTemplates add RegionOne swift
> http://130.237.215.18:8080/v1/AUTH_%tenant_id%
> http://130.237.215.18:8080/v1/
> http://130.237.215.18:8080/v1/AUTH_%tenant_id% 1 1. here is my swift
> proxy server.conf
>
> proxy-server.conf
>
> [DEFAULT]
> bind_port = 8080
> user = swift
>
> [pipeline:main]
> pipeline = catch_errors healthcheck cache authtoken swiftauth proxy-server
>
>
> [app:proxy-server]
> use = egg:swift#proxy
> allow_autocreate = true
>
> [filter:swiftauth]
> use = egg:keystone#swiftauth
> keystone_url = http://130.237.215.18/v2.0
> keystone_admin_token = 999888777666
> keystone_tenant_user_admin = true
> keystone_swiftoperator_roles = Admin, swiftoperator
>
>
> [filter:authtoken]
> paste.filter_factory = keystone.middleware.auth_token:filter_factory
> auth_protocol = http
> service_port = 5000
> service_host = 130.237.215.18
> auth_port = 35357
> auth_host = 130.237.215.18
> admin_token = 999888777666
> delay_auth_decision = 0
>
> [filter:healthcheck]
> use = egg:swift#healthcheck
>
> [filter:cache]
> use = egg:swift#memcache
> set log_name = cache
> memcache_servers = 130.237.215.18:11211
>
> [filter:catch_errors]
> use = egg:swift#catch_errors
>
>
> here is my keystone .conf
>
> [DEFAULT]
> # Show more verbose log output (sets INFO log level output)
> verbose = False
>
> # Show debugging output in logs (sets DEBUG log level output)
> debug = False
>
> # Which backend store should Keystone use by default.
> # Default: 'sqlite'
> # Available choices are 'sqlite' [future will include LDAP, PAM, etc]
> default_store = sqlite
>
> # Log to this file. Make sure you do not set the same log
> # file for both the API and registry servers!
> log_dir = /var/log/keystone
> log_file = keystone.log
>
> # List of backends to be configured
> backends = keystone.backends.sqlalchemy
> #For LDAP support, add: ,keystone.backends.ldap
>
> # Dictionary Maps every service to a header.Missing services would get
> header
> # X_(SERVICE_NAME) Key => Service Name, Value => Header Name
> service-header-mappings = {
> 'nova' : 'X-Server-Management-Url',
> 'swift' : 'X-Storage-Url',
> 'cdn' : 'X-CDN-Management-Url'}
>
> # Address to bind the API server
> # TODO Properties defined within app not available via pipeline.
> service_host = 0.0.0.0
>
> # Port the bind the API server to
> service_port = 5000
>
> # Address to bind the Admin API server
> admin_host = 0.0.0.0
>
> # Port the bind the Admin API server to
> admin_port = 35357
>
> #Role that allows to perform admin operations.
> keystone-admin-role = Admin
>
> #Role that allows to perform service admin operations.
> keystone-service-admin-role = KeystoneServiceAdmin
>
> #Tells whether password user need to be hashed in the backend
> hash-password = True
>
> [keystone.backends.sqlalchemy]
> # SQLAlchemy connection string for the reference implementation registry
> # server. Any valid SQLAlchemy connection string is fine.
> # See: http://bit.ly/ideIpI
> sql_connection = mysql://keystone:keystone@130.237.215.18/keystone
> backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant',
> 'User', 'Credentials', 'EndpointTemplates', 'Token',
> 'Service']
>
> # Period in seconds after which SQLAlchemy should reestablish its
> connection
> # to the database.
> sql_idle_timeout = 30
>
> [pipeline:admin]
> pipeline =
> urlrewritefilter
> admin_api
>
> [pipeline:keystone-legacy-auth]
> pipeline =
> urlrewritefilter
> legacy_auth
> RAX-KEY-extension
> service_api
>
> [app:service_api]
> paste.app_factory = keystone.server:service_app_factory
>
> [app:admin_api]
> paste.app_factory = keystone.server:admin_app_factory
>
> [filter:urlrewritefilter]
> paste.filter_factory = keystone.middleware.url:filter_factory
>
> [filter:legacy_auth]
> paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory
>
> [filter:RAX-KEY-extension]
> paste.filter_factory =
> keystone.contrib.extensions.service.raxkey.frontend:filter_factory
>
>
> [filter:debug]
> paste.filter_factory = keystone.common.wsgi:debug_filter_factory
>
>
> i dont know whats wrong with my configuration. can u please help me.
>
> --
> You received this question notification because you asked the question.
>

hi still getting error can u help me plaese
this is output from my dashboard
Environment:

Request Method: GET
Request URL: http://130.237.215.18/dash/1/containers/

Django Version: 1.3
Python Version: 2.7.2
Installed Applications:
['dashboard',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django_openstack',
 'django_openstack.templatetags',
 'mailer']
Installed Middleware:
('django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django_openstack.middleware.keystone.AuthenticationMiddleware',
 'django.middleware.doc.XViewMiddleware',
 'django.middleware.locale.LocaleMiddleware',
 'dashboard.middleware.DashboardLogUnhandledExceptionsMiddleware')

Traceback:
File "/usr/lib/pymodules/python2.7/django/core/handlers/base.py" in get_response
  111. response = callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/pymodules/python2.7/django/contrib/auth/decorators.py" in _wrapped_view
  23. return view_func(request, *args, **kwargs)
File "/usr/lib/pymodules/python2.7/django_openstack/dash/views/containers.py" in index
  74. containers = api.swift_get_containers(request)
File "/usr/lib/pymodules/python2.7/django_openstack/api.py" in swift_get_containers
  775. return [Container(c) for c in swift_api(request).get_all_containers()]
File "/usr/lib/pymodules/python2.7/cloudfiles/connection.py" in get_all_containers
  306. return ContainerResults(self, self.list_containers_info(**parms))
File "/usr/lib/pymodules/python2.7/cloudfiles/connection.py" in list_containers_info
  389. raise ResponseError(response.status, response.reason)

Exception Type: ResponseError at /dash/1/containers/
Exception Value: 500: Internal Server Error

i also tried this command in order to check

swift -A http://130.237.215.18:5000/v2.0 -U adminTenant:adminUser -K password -V 2.0 stat -v
Account HEAD failed: http://130.237.215.18:8080/v1/AUTH_1 500 Internal Server Error

i cant resolv it out and have no idea what is causing problem so can u please help me

Could you please try to authenticate user/password from Keystone API endpoint first ?

Example for API v1.0 :

curl -v -H "X-Auth_User: %username%" -H "X-Auth-Key: %password% "http://%keystone_ip%:%service_port%/v1.0

In your swift client response , I think keystone should work properly .
And Keystone will return
X-AUTH-TOKEN and X-Storage-Url Headers

After That , please send request to Swift-proxy API endpoint directly for creating an account . Example as follow.

curl -X PUT -v -H "X-AUTH-Token: %Token%" http://%Swift-Proxy_IP%/v1/AUTH_1

In normal condition , you will receive 201 created.

If sill failed , you have to check the permission of target disk mounting point .