...
This document lays out the integration of the OpenStack Swift Object Store into as an object store service made available through the CloudStack UI. This integration allows CloudStack users to authenticate against Swift using their CloudStack credentials as well as using Single Sign On with the CloudStack users.exposing a UI in CloudStack for users to manage their the documents in Swift.
A key enabling component for this integration is a Swift Auth middleware that I wrote called 'mauth'. This middleware currently supports CloudStack by default, but it is also extensible and open source.
To get thing started I will show a curl example using mauth to authenticate a CloudStack user.
In this example, http://127.0.0.1:8080/v1.0 is pointing at the Swift cluster.
The $username and $apikey reflect the CloudStack user and his api key respectively.
Request for authentication curl -v -H "X-Auth-User: $username" -H "X-Auth-Key: $apikey" http://127.0.0.1:8080/v1.0 returns: $auth_token and $swift_storage_url Request container list curl -v -X GET -H "X-Auth-Token: $auth_token" $swift_storage_url
In this example, the user requests authentication and they are given back a token and their storage url for where their objects are stored. They can then use that token and url for subsequent requests.
A UI for Object Store is added to CloudStack in the left hand services menu. When a user clicks on the Object Store menu option, they are authenticated with the Swift backend (assuming they have api keys generated, if they don't, it will notify them that they need to generate an api key to use the service). Once authenticated, the user's containers and objects are listed in the main area using the treeView mechanism. Selecting a container or object gives details about it as well as shows actions that can be taken on it.
There are a few challenges with this integration. I will give a basic overview of the components in play and touch on some of the reasons for the decisions, but more detail will be added later in the document.
...