Configuring OpenStack Object Storage proxy server
Proxy server is a component that accepts OpenStack Object storage API and raw HTTP files to accept upload files, modify data and to create containers. Clients connect to OpenStack Object Storage via a proxy server. This allows us to scale out our OpenStack Object Storage environment as needed, without affecting the front-end to which the clients connect.
Proxy servers can also use optional cache that is used to deploy memcache.
Assure that you are logged in to your swift virtual machine. To accomplish this, run:
vagrant ssh swift
How to do it…
To configure the OpenStack Object Storage proxy server, we simply create the /etc/swift/proxy-server.conf file, with the following contents:
[DEFAULT] bind_port = 8080 user = swift
swift_dir = /etc/swift
# Order of execution of modules defined below
pipeline = catch_errors healthcheck cache authtoken keystone proxy-server
[app:proxy-server] use = egg:swift#proxy
allow_account_management = true account_autocreate = true
set log_name = swift-proxy set log_facility = LOG_LOCAL0 set log_level = INFO
set access_log_name = swift-proxy set access_log_facility = SYSLOG set access_log_level = INFO
set log_headers = True
use = egg:swift#healthcheck
use = egg:swift#catch_errors
use = egg:swift#memcache set log_name = cache
[filter:authtoken] paste.filter_factory =
keystoneclient.middleware.auth_token:filter_factory auth_protocol = http
auth_host = 172.16.0.200 auth_port = 35357 auth_token = ADMIN service_protocol = http service_host = 172.16.0.200 service_port = 5000
admin_token = ADMIN admin_tenant_name = service admin_user = swift admin_password = openstack delay_auth_decision = 0
signing_dir = /tmp/keystone-signing-swift
use = egg:swift#keystoneauth operator_roles = admin, swift operator
How it works…
The contents of the proxy-server.conf file defines how the OpenStack Object Storage proxy server is configured.
For our purposes, we will run our proxy on port 8080, as the user swift, and it will log to SYSLOG, using the log level of LOCAL1 (this allows us to filter against these messages).
We configure our swift proxy server health check behavior to handle caching (by use of memcached) and TempAuth (local authentication meaning our proxy server will handle basic authentication).
The [filter:authtoken] and [filter:keystone] sections connect our OpenStack Object Storage proxy to our Controller virtual machine.
The endpoint_ URL option is useful when there is a requirement for a specific URL to be returned which differs from the default. This is used in scenarios where the endpoint URL comes back on an address that is inaccessible on the network or you want to present this differently to the end user to fit your network.
Enroll for Instructor Led Live OpenStack Training