diff options
| author | Humble Devassy Chirammal <humble.devassy@gmail.com> | 2017-07-31 12:29:37 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-07-31 12:29:37 +0000 |
| commit | e5da35f7f83b2be0b78aadc1056a5dd9d77f4835 (patch) | |
| tree | a854f78176e4406ed65455e778059ce9a46dc0e3 | |
| parent | 4757dd977452d15baae91d46a7895cd3d5b7863e (diff) | |
| parent | b214fff44235d8f011fcd9de12a9d2735deb50ee (diff) | |
| download | gluster-e5da35f7f83b2be0b78aadc1056a5dd9d77f4835.tar.gz gluster-e5da35f7f83b2be0b78aadc1056a5dd9d77f4835.tar.bz2 gluster-e5da35f7f83b2be0b78aadc1056a5dd9d77f4835.tar.xz gluster-e5da35f7f83b2be0b78aadc1056a5dd9d77f4835.zip | |
Merge pull request #50 from vredara/s3_auth_add_user
Added S3 authentication changes
9 files changed, 47 insertions, 7 deletions
diff --git a/.travis.yml b/.travis.yml index e855878..cc7ecb5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,7 +26,7 @@ before_install: - sleep 10 - docker exec -it gfedora systemctl is-active glusterd - docker build -t gluster/s3object ./gluster-s3object/CentOS/docker-gluster-s3/ -- docker run -d --name s3object --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro -e GLUSTER_VOLUMES=vol gluster/s3object +- docker run -d --name s3object --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro -e GLUSTER_VOLUMES=vol -e GLUSTER_USER="admin" -e GLUSTER_PASSWORD="redhat" gluster/s3object - sleep 10 - docker exec -it s3object systemctl is-active swift-object diff --git a/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile b/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile index 9ec1e2f..fdfb0ec 100644 --- a/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile +++ b/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile @@ -54,6 +54,7 @@ COPY swift-proxy.service /lib/systemd/system/ COPY swift-account.service /lib/systemd/system/ COPY swift-container.service /lib/systemd/system/ COPY swift-object.service /lib/systemd/system/ +COPY swift-adduser.service /lib/systemd/system/ # Replace openstack swift conf files with local gluster-swift ones COPY etc/swift/* /etc/swift/ @@ -62,6 +63,9 @@ COPY etc/swift/* /etc/swift/ COPY update_gluster_vol.sh /usr/local/bin/update_gluster_vol.sh RUN chmod +x /usr/local/bin/update_gluster_vol.sh +COPY gluster-swift-add-user /usr/local/bin/gluster-swift-add-user +RUN chmod +x /usr/local/bin/gluster-swift-add-user + # volumes to be exposed as object storage is present in swift-volumes file COPY etc/sysconfig/swift-volumes /etc/sysconfig/swift-volumes @@ -76,7 +80,8 @@ systemctl enable memcached.service;\ systemctl enable swift-proxy.service;\ systemctl enable swift-account.service;\ systemctl enable swift-container.service;\ -systemctl enable swift-object.service; +systemctl enable swift-object.service;\ +systemctl enable swift-adduser.service; ENTRYPOINT ["/usr/local/bin/update_gluster_vol.sh"] CMD ["/usr/sbin/init"] diff --git a/gluster-s3object/CentOS/docker-gluster-s3/README.md b/gluster-s3object/CentOS/docker-gluster-s3/README.md index baa6d28..a8bd935 100644 --- a/gluster-s3object/CentOS/docker-gluster-s3/README.md +++ b/gluster-s3object/CentOS/docker-gluster-s3/README.md @@ -30,7 +30,7 @@ Where tv1 is the volume name. **Example:** ```bash -# docker run -d --privileged -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro -p 8080:8080 -v /mnt/gluster-object:/mnt/gluster-object -e GLUSTER_VOLUMES="tv1" gluster-s3 +# docker run -d --privileged -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro -p 8080:8080 -v /mnt/gluster-object:/mnt/gluster-object -e GLUSTER_VOLUMES="tv1" -e GLUSTER_USER="admin" -e GLUSTER_PASSWORD="redhat" gluster-s3 ``` If you have selinux set to enforced on the host machine, refer to the diff --git a/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf b/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf index 979b735..8e6ecc5 100644 --- a/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf +++ b/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf @@ -5,7 +5,7 @@ user = root workers = 1 [pipeline:main] -pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk ratelimit swift3 staticweb slo dlo proxy-logging proxy-server +pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk ratelimit swift3 gswauth staticweb slo dlo proxy-logging proxy-server [app:proxy-server] use = egg:gluster_swift#proxy @@ -97,3 +97,10 @@ user_test5_tester5 = testing5 service [filter:swift3] use = egg:swift3#swift3 + +[filter:gswauth] +use = egg:gluster_swift#gswauth +set log_name = gswauth +super_admin_key = gswauthkey +metadata_volume = gsmetadata +s3_support = on diff --git a/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes b/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes index 8b49f07..3aeb7ec 100644 --- a/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes +++ b/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes @@ -1,2 +1,4 @@ # Set Gluster volumes to be used by gluster-object service GLUSTER_VOLUMES="tv1" +GLUSTER_USER="admin" +GLUSTER_PASSWORD="redhat" diff --git a/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user b/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user new file mode 100755 index 0000000..59eb1b2 --- /dev/null +++ b/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user @@ -0,0 +1,13 @@ +#!/bin/bash +if [ "$#" -lt 3 ]; then + echo "Incorrect args. invoke gluster-swift-add-user $GLUSTER_USER $GLUSTER_PASSWORD $GLUSTER_VOLUMES" + exit 1 +else + GLUSTER_USER=$1 + GLUSTER_PASSWORD=$2 + GLUSTER_VOLUMES=$(echo $3 | cut -d" " -f1) + sleep 5 + gswauth-prep -A http://0.0.0.0:8080/auth -K gswauthkey + gswauth-add-account -K gswauthkey $GLUSTER_VOLUMES + gswauth-add-user -K gswauthkey -a $GLUSTER_VOLUMES $GLUSTER_USER $GLUSTER_PASSWORD +fi diff --git a/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service b/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service new file mode 100644 index 0000000..ee4c8d7 --- /dev/null +++ b/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service @@ -0,0 +1,11 @@ +[Unit] +Description=Swift Add User +After=swift-object.service + +[Service] +Type=oneshot +EnvironmentFile=-/etc/sysconfig/swift-volumes +ExecStart=/usr/local/bin/gluster-swift-add-user $GLUSTER_USER $GLUSTER_PASSWORD $GLUSTER_VOLUMES + +[Install] +WantedBy=multi-user.target diff --git a/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service b/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service index ab30a7c..efafca5 100644 --- a/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service +++ b/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service @@ -5,7 +5,7 @@ Before=memcached.service [Service] Type=oneshot EnvironmentFile=-/etc/sysconfig/swift-volumes -ExecStart=/usr/bin/gluster-swift-gen-builders $GLUSTER_VOLUMES +ExecStart=/usr/bin/gluster-swift-gen-builders $GLUSTER_VOLUMES gsmetadata [Install] WantedBy=multi-user.target diff --git a/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh b/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh index dfb891d..9e9c60e 100644 --- a/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh +++ b/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh @@ -1,12 +1,14 @@ #!/bin/bash # To update gluster volume name in swift-volumes, used by swift-gen-builders.service -if [ -z "$GLUSTER_VOLUMES" ]; then - echo "You need to set GLUSTER_VOLUMES env variable" +if [[ -z "$GLUSTER_VOLUMES" || -z "$GLUSTER_USER" || -z "$GLUSTER_PASSWORD" ]]; then + echo "You need to set GLUSTER_VOLUMES, GLUSTER_USER, GLUSTER_PASSWORD env variable" exit 1 else echo "GLUSTER_VOLUMES env variable is set. Update in swift-volumes" sed -i.bak '/^GLUSTER_VOLUMES=/s/=.*/='\""$GLUSTER_VOLUMES"\"'/' /etc/sysconfig/swift-volumes + sed -i.bak '/^GLUSTER_USER=/s/=.*/='\""$GLUSTER_USER"\"'/' /etc/sysconfig/swift-volumes + sed -i.bak '/^GLUSTER_PASSWORD=/s/=.*/='\""$GLUSTER_PASSWORD"\"'/' /etc/sysconfig/swift-volumes fi # Hand off to CMD |