Incorporate Swauth into Swift
Swauth was started as a separate project https:/
Blueprint information
- Status:
- Complete
- Approver:
- Rick Clark
- Priority:
- Low
- Drafter:
- gholt
- Direction:
- Needs approval
- Assignee:
- gholt
- Definition:
- Approved
- Series goal:
- Accepted for 1.2
- Implementation:
- Implemented
- Milestone target:
- 1.2.0
- Started by
- Thierry Carrez
- Completed by
- Thierry Carrez
Whiteboard
Incorporated Swauth into Swift as an optional DevAuth replacement. Swauth was created to fulfill the use case of DevAuth (already in the swift project). It was mainly created to fill in DevAuth's main shortcoming: scalability.
The best place to start looking at this is to build the docs and read doc/build/
New things:
- Scalable. As scalable as Swift itself. web+scale2.0
- List accounts.
- List users.
- List groups.
- Delete accounts.
- Delete users.
- Update account service end points.
- Update users.
- Preliminary support for multiple clusters and services under one auth.
To switch to Swauth from DevAuth on an SAIO:
$ resetswift
$ mv /etc/swift/
Edit /etc/swift/
Change 'auth' in your pipeline to 'swauth'
Add the following section:
use = egg:swift#swauth
Edit ~/bin/startmain and comment out 'swift-init auth-server start'
Edit ~/bin/startrest and comment out
Create ~/bin/recreatea
#!/bin/bash
# Replace swauthkey with whatever your super_admin_key is
# (recorded in /etc/swift/
swauth-prep -K swauthkey
swauth-add-user -K swauthkey -a test tester testing
swauth-add-user -K swauthkey -a test2 tester2 testing2
swauth-add-user -K swauthkey test tester3 testing3
swauth-add-user -K swauthkey -a -r reseller reseller reseller
Edit /etc/swift/
Change auth_port to 8080
Add 'auth_prefix = /auth/'
$ startmain
$ recreateaccounts
$ ./.functests
$ ./.probetests
If you just really, really have to have your exact accounts from your old auth.db, you can use the swift-auth-
Work Items
Dependency tree
* Blueprints in grey have been implemented.