Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Cloud:OpenStack:Grizzly
openstack-swift
swift-dispersion-insecure-ssl.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File swift-dispersion-insecure-ssl.patch of Package openstack-swift
From: Vincent Untz <vuntz@suse.com> Date: Fri, 12 Jul 2013 06:11:27 +0000 (+0200) Subject: Allow dispersion tools to use keystone server with insecure certificate X-Git-Url: https://review.openstack.org/gitweb?p=openstack%2Fswift.git;a=commitdiff_plain;h=82986ab4bfab3ae7bd192bdd42795d56f9711c9d Allow dispersion tools to use keystone server with insecure certificate The swift-dispersion-populate and swift-dispersion-report tools now accept a --insecure option. Also, dispersion.conf now has a keystone_api_insecure option. Default is obviously to use the secure path. Change-Id: I4000352e547d9ce5b08ade54e0c886281caff891 --- diff --git a/bin/swift-dispersion-populate b/bin/swift-dispersion-populate index 324c644..20159c9 100755 --- a/bin/swift-dispersion-populate +++ b/bin/swift-dispersion-populate @@ -18,7 +18,8 @@ import traceback from ConfigParser import ConfigParser from cStringIO import StringIO -from sys import exit, argv, stdout +from optparse import OptionParser +from sys import exit, stdout from time import time from uuid import uuid4 @@ -27,7 +28,10 @@ from eventlet.pools import Pool from swiftclient import Connection, get_auth from swift.common.ring import Ring -from swift.common.utils import compute_eta, get_time_units +from swift.common.utils import compute_eta, get_time_units, config_true_value + + +insecure = False def put_container(connpool, container, report): @@ -79,10 +83,19 @@ if __name__ == '__main__': patcher.monkey_patch() conffile = '/etc/swift/dispersion.conf' - if len(argv) == 2: - conffile = argv[1] - elif len(argv) > 2: - exit('Syntax: %s [conffile]' % argv[0]) + + parser = OptionParser(usage=''' +Usage: %%prog [options] [conf_file] + +[conf_file] defaults to %s'''.strip() % conffile) + parser.add_option('--insecure', action='store_true', default=False, + help='Allow accessing insecure keystone server. ' + 'The keystone\'s certificate will not be verified.') + options, args = parser.parse_args() + + if args: + conffile = args.pop(0) + c = ConfigParser() if not c.read(conffile): exit('Unable to read config file: %s' % conffile) @@ -92,6 +105,8 @@ if __name__ == '__main__': retries = int(conf.get('retries', 5)) concurrency = int(conf.get('concurrency', 25)) endpoint_type = str(conf.get('endpoint_type', 'publicURL')) + insecure = options.insecure \ + or config_true_value(conf.get('keystone_api_insecure', 'no')) coropool = GreenPool(size=concurrency) retries_done = 0 @@ -101,14 +116,16 @@ if __name__ == '__main__': url, token = get_auth(conf['auth_url'], conf['auth_user'], conf['auth_key'], auth_version=conf.get('auth_version', '1.0'), - os_options=os_options) + os_options=os_options, + insecure=insecure) account = url.rsplit('/', 1)[1] connpool = Pool(max_size=concurrency) connpool.create = lambda: Connection(conf['auth_url'], conf['auth_user'], conf['auth_key'], retries=retries, preauthurl=url, preauthtoken=token, - os_options=os_options) + os_options=os_options, + insecure=insecure) container_ring = Ring(swift_dir, ring_name='container') parts_left = dict((x, x) for x in xrange(container_ring.partition_count)) diff --git a/bin/swift-dispersion-report b/bin/swift-dispersion-report index f96baab..dd7219c 100755 --- a/bin/swift-dispersion-report +++ b/bin/swift-dispersion-report @@ -37,6 +37,7 @@ unmounted = [] notfound = [] json_output = False debug = False +insecure = False def get_error_log(prefix): @@ -322,6 +323,9 @@ Usage: %%prog [options] [conf_file] help='Only run container report') parser.add_option('--object-only', action='store_true', default=False, help='Only run object report') + parser.add_option('--insecure', action='store_true', default=False, + help='Allow accessing insecure keystone server. ' + 'The keystone\'s certificate will not be verified.') options, args = parser.parse_args() if args: @@ -344,6 +348,8 @@ Usage: %%prog [options] [conf_file] and not options.container_only if not (object_report or container_report): exit("Neither container or object report is set to run") + insecure = options.insecure \ + or config_true_value(conf.get('keystone_api_insecure', 'no')) if options.debug: debug = True @@ -354,12 +360,14 @@ Usage: %%prog [options] [conf_file] url, token = get_auth(conf['auth_url'], conf['auth_user'], conf['auth_key'], auth_version=conf.get('auth_version', '1.0'), - os_options=os_options) + os_options=os_options, + insecure=insecure) account = url.rsplit('/', 1)[1] connpool = Pool(max_size=concurrency) connpool.create = lambda: Connection( conf['auth_url'], conf['auth_user'], conf['auth_key'], retries=retries, - preauthurl=url, preauthtoken=token, os_options=os_options) + preauthurl=url, preauthtoken=token, os_options=os_options, + insecure=insecure) container_ring = Ring(swift_dir, ring_name='container') object_ring = Ring(swift_dir, ring_name='object') diff --git a/doc/manpages/dispersion.conf.5 b/doc/manpages/dispersion.conf.5 index ec6029a..b1188a6 100644 --- a/doc/manpages/dispersion.conf.5 +++ b/doc/manpages/dispersion.conf.5 @@ -67,6 +67,7 @@ Whether to run the object report. The default is yes. .IP "auth_user = dpstats:dpstats" .IP "auth_key = dpstats" .IP "swift_dir = /etc/swift" +.IP "# keystone_api_insecure = no" .IP "# dispersion_coverage = 1" .IP "# retries = 5" .IP "# concurrency = 25" diff --git a/doc/manpages/swift-dispersion-populate.1 b/doc/manpages/swift-dispersion-populate.1 index 63fd36e..7fa132d 100644 --- a/doc/manpages/swift-dispersion-populate.1 +++ b/doc/manpages/swift-dispersion-populate.1 @@ -24,7 +24,7 @@ .SH SYNOPSIS .LP -.B swift-dispersion-populate +.B swift-dispersion-populate [--insecure] [conf_file] .SH DESCRIPTION .PP @@ -56,6 +56,13 @@ same configuration file, /etc/swift/dispersion.conf . The account used by these tool should be a dedicated account for the dispersion stats and also have admin privileges. +.SH OPTIONS +.RS 0 +.PD 1 +.IP "\fB--insecure\fR" +Allow accessing insecure keystone server. The keystone's certificate will not +be verified. + .SH CONFIGURATION .PD 0 Example \fI/etc/swift/dispersion.conf\fR: diff --git a/doc/manpages/swift-dispersion-report.1 b/doc/manpages/swift-dispersion-report.1 index 6f19b34..a1273bf 100644 --- a/doc/manpages/swift-dispersion-report.1 +++ b/doc/manpages/swift-dispersion-report.1 @@ -24,7 +24,7 @@ .SH SYNOPSIS .LP -.B swift-dispersion-report [-d|--debug] [-j|--dump-json] [-p|--partitions] [--container-only|--object-only] [conf_file] +.B swift-dispersion-report [-d|--debug] [-j|--dump-json] [-p|--partitions] [--container-only|--object-only] [--insecure] [conf_file] .SH DESCRIPTION .PP @@ -84,6 +84,13 @@ Only run the container report .IP "\fB--object-only\fR" Only run the object report +.SH OPTIONS +.RS 0 +.PD 1 +.IP "\fB--insecure\fR" +Allow accessing insecure keystone server. The keystone's certificate will not +be verified. + .SH CONFIGURATION .PD 0 Example \fI/etc/swift/dispersion.conf\fR: diff --git a/etc/dispersion.conf-sample b/etc/dispersion.conf-sample index fb62b86..fb36519 100644 --- a/etc/dispersion.conf-sample +++ b/etc/dispersion.conf-sample @@ -7,6 +7,7 @@ auth_key = testing # auth_key = testing # auth_version = 2.0 # endpoint_type = publicURL +# keystone_api_insecure = no # # swift_dir = /etc/swift # dispersion_coverage = 1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor