Created
October 31, 2014 13:37
-
-
Save exit99/f2170432884927a24ebc to your computer and use it in GitHub Desktop.
How to use the python swift client.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create a new user with permissions | |
1. Get the `super_admin_key` from `/etc/swift/proxy-server.conf` | |
2. Make sure your admin is working: | |
:::bash | |
swift -A https://<url>:8080/auth/v1.0 -U ADMIN_ACCOUNT:ADMIN_USER -K ADMIN_PASSWORD stat -v --insecure | |
3. Create user | |
:::bash | |
swauth-add-user -A https://<url>:8080/auth/ -K SUPERADMINKEY ACCOUNT USER PASSWORD | |
(ACCOUNT should probably match the ADMIN_ACCOUNT. As the USER is in the ADMIN_ACOUNT just with different permissions) | |
4. Check the user was created: Do #2 with the new ACCOUNT USER & PASSWORD | |
*Note: Be sure not to accidently do `-a`. This gives admin privledges.* | |
5. Create a container using the [python-swiftclient](https://pypi.python.org/pypi/python-swiftclient) | |
6. Update the container's permissionsm (Add ACLs) | |
:::bash | |
swift -A https://<url>:8080/auth/v1.0 -U ADMIN_ACCOUNT:ADMIN_USER -K ADMIN_PASSWORD -v --insecure post -r 'ACCOUNT:USER' CONTAINER_NAME | |
`-w` for write, `-r` for read | |
7. Verify Permissions (ACLs) | |
:::bash | |
$ swift -A https://<url>:8080/auth/v1.0 -U ADMIN_ACCOUNT:ADMIN_USER -K ADMIN_PASSWORD -v --insecure stat CONTAINER_NAME | |
... [other output here] ... | |
Read ACL: ACCOUNT:USER | |
... | |
# Deleting stuff | |
```bash | |
$ swift -A https://<url>:8080/auth/v1.0 -U ADMIN_ACCOUNT:ADMIN_USER -K ADMIN_PASSWORD -v --insecure delete [CONTAINER_NAME, OBJECT_NAME, ETC] | |
$ swauth-delete-user -A https://<url>:8080/auth/ -U ADMIN_ACCOUNT:ADMIN_USER -K ADMIN_PASSWORD ACCOUNT USER | |
``` | |
# Adding permissions via python-swiftclient: | |
```python | |
CONNECTION_OBJECT.put_container('CONTAINERNAME', headers={'X-Container-Read':'ACCOUNT:USER'}) | |
``` | |
Or `X-Container-Write` |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment