Versions Compared

Old Version 5

changes.mady.by.user Will Stevens

Saved on

compared with

New Version 6

changes.mady.by.user Will Stevens

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Because the object storage data is often large and very network intensive, we do not want the data to actually flow through the CloudStack box as it would introduce a huge bottleneck.  Because of this, there is no Java component of this implementation on CloudStack.  Instead, the traffic is routed to Swift or CloudStack based on the url structure by a load balancer which sits in front of the two services.  The technology used for load balancing (and ssl termination) is not important, but to illustrate the concept, I used HAproxy and Pound for these tasks.

 

 

References

  • mauth - An extensible middleware for OpenStack Swift which enables Swift to authenticate CloudStack users.  (Developed by Will Stevens @ CloudOps)

...

  • 'Object Store' added to the main services menu on the left
  • User can List all containers and objects in their Swift account
  • User can Add/Delete Swift Containers
    • Supports cascade delete, so it will first delete all the objects in the container
  • User can Add/Delete Swift Objects
  • User can Add/Delete Folders in containers to group objects (unique to this implementation)
    • Supports cascade delete of folders, so it will first delete all the objects in the folder
  • User can create containers as Public or Private
    • Public - Each object in the container can be accessed without needing authentication
    • Private - Each object in the container requires the user to authenticate to access it
  • User can modify the Public/Private setting for existing containers
  • A public URL is shown in the details for each object in a public container
  • Supports sharing a Swift account with all users in a specific CS account (global setting)
  • Supports giving each user in a CS account their own Swift account (global setting)


  • When a user logs in, a change had to be made to add the 'api key' to the CS user object in the browser
  • The load balancer exposes the URL that is used by both CloudStack and Swift calls
  • All Swift calls are done using AJAX and the load balancer handles routing the calls to Swift
  • Swift uses the HTTP PUT verb and browsers do not support the PUT verb, so the client sends the requests as POST and the LB translates to PUT
    • This means that the current implementation does not support any of the Swift API calls that require POST
    • More details on this can be found in the HAproxy config attached at the end of this document
  • This functionality requires the 'mauth' middleware to be installed on Swift
  • TODO - A global variable needs to be added to CS to enable/disable the Object Store functionality
  • TODO - Clean up the couple places where text is not translatable
  • TODO - Find a cleaner solution when someone tries to download a folder or container (maybe I should just hide download of those)
  • TODO - Make the public URL for a public object clickable (just text right now)
  • TODO - Reflect the full object path in the breadcrumb when an object is in detail view
  • TODO - Remember what containers and folders were open and reopen them after a new container is added (enhancement)
  • TODO - When a container or folder is clicked, expand/collapse it rather than forcing the arrow to be clicked (CS treeView enhancement)


  • put a summary or a brief description of the feature in question 
  • list what is deliberately not supported or what the feature will not offer - to clear any prospective ambiguities
  • list all open items or unresolved issues the developer is unable to decide about without further discussion
  • quality risks (test guidelines)
    • functional
    • non functional: performance, scalability, stability, overload scenarios, etc
    • corner cases and boundary conditions
    • negative usage scenarios
  • specify supportability characteristics:
    • what new logging (or at least the important one) is introduced
    • how to debug and troubleshoot
    • what are the audit events 
    • list JMX interfaces
    • graceful failure and recovery scenarios
    • possible fallback or work around route if feature does not work as expected, if those workarounds do exist ofcourse.
    • if feature depends other run-time environment related requirements, provide sanity check list for support people to run
  • explain configuration characteristics:
    • configuration parameters or files introduced/changed
    • branding parameters or files introduced/changed
    • highlight parameters for performance tweaking
    • highlight how installation/upgrade scenarios change
  • deployment requirements (fresh install vs. upgrade) if any
  • system requirements: memory, CPU, desk space, etc
  • interoperability and compatibility requirements:
    • OS
    • xenserver, hypervisors
    • storage, networks, other
  • list localization and internationalization specifications 
  • explain the impact and possible upgrade/migration solution introduced by the feature 
  • explain performance & scalability implications when feature is used from small scale to large scale
  • explain security specifications
    • list your evaluation of possible security attacks against the feature and the answers in your design* *
  • explain marketing specifications
  • explain levels or types of users communities of this feature (e.g. admin, user, etc)

...