我正在尝试使用Bluemix Object Storage来存储一些用户内容(图像)。 它运行Openstack Swift。
根据bluemix guide,它在绑定上下文中的unbound context或Keystone v3中支持Keystone V2身份验证。 由于我的主应用程序不在同一个Bluemix环境中,我更喜欢使用未绑定,但也可以通过虚拟应用程序使用绑定。
根据Fog gem和雾源代码的一些发行说明,支持两种auth方法。我正在使用Fog 1.31.0。
使用未绑定方法,我在创建Bluemix服务后获得以下凭据。出于隐私原因,所有值都略有变化。
{
"credentials": {
"auth_url": "https://identity.open.softlayer.com",
"project": "object_storage_af31119c",
"projectId": "82e592b46bb84232370f9657fec2b576",
"region": "dallas",
"userId": "02faa40ff3f342faaafdty1a75bd901a",
"username": "user_28uigjab0a2ef799eb5280c786a2ff503c978aaf",
"password": "V3i~]oYU8/UMNvVm",
"domainId": "3f160e53e6114a748a34724005a458ea",
"domainName": "779543"
}
}
雾openstack文档包含this配置示例:
service = Fog::Storage.new({
:provider => 'OpenStack', # OpenStack Fog provider
:openstack_username => USERNAME, # Your OpenStack Username
:openstack_api_key => PASSWORD, # Your OpenStack Password
:openstack_auth_url => 'http://YOUR_OPENSTACK_ENDPOINT:PORT/v2.0/tokens'
})
我填写了我的凭据并使用https://identity.open.softlayer.com/v2.0/tokens作为auth_url。 这是我得到的错误:
Uncaught exception: Expected([200, 204]) <=> Actual(401 Unauthorized)
excon.error.response
:body => "{\"error\": {\"message\": \"The request you have made requires
authentication.\", \"code\": 401, \"title\": \"Unauthorized \"}}"
:headers => {
"Content-Length" => "114"
"Content-Type" => "application/json"
"Date" => "Fri, 06 Nov 2015 15:08:55 GMT"
"Server" => "Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.7.5"
"Vary" => "X-Auth-Token"
"WWW-Authenticate" => "Keystone uri=\"https://identity.open.softlayer.com\""
"x-openstack-request-id" => "req-2f68188e-2a9e-45ad-ae18-289ac88b78ae" }
:local_address => "10.0.2.15"
:local_port => 59407
:reason_phrase => "Unauthorized"
:remote_ip => "198.23.119.11"
:status => 401
:status_line => "HTTP/1.1 401 Unauthorized\r\n"
/home/startupdeltadev/.rbenv/versions/1.9.3-p551/lib/ruby/gems/1.9.1/gems/excon-0.45.3/lib/excon/middlewares/expects.rb:10:in `response_call'
/home/startupdeltadev/.rbenv/versions/1.9.3-p551/lib/ruby/gems/1.9.1/gems/excon-0.45.3/lib/excon/middlewares/response_parser.rb:8:in `response_call'
/home/startupdeltadev/.rbenv/versions/1.9.3-p551/lib/ruby/gems/1.9.1/gems/excon-0.45.3/lib/excon/connection.rb:372:in `response'
/home/startupdeltadev/.rbenv/versions/1.9.3-p551/lib/ruby/gems/1.9.1/gems/excon-0.45.3/lib/excon/connection.rb:236:in `request'
/home/startupdeltadev/.rbenv/versions/1.9.3-p551/lib/ruby/gems/1.9.1/gems/fog-core-1.31.1/lib/fog/core/connection.rb:81:in `request'
/home/startupdeltadev/.rbenv/versions/1.9.3-p551/lib/ruby/gems/1.9.1/gems/fog-1.31.0/lib/fog/openstack/core.rb:331:in `retrieve_tokens_v2'
显然,我的凭据未正确发送。任何提示?
答案 0 :(得分:0)
您的Openstack用户属于'779543'域。 Identity(Keystone)v3 API支持域。关于如何使用Keystone v3和Fog,我找不到任何好的例子。
答案 1 :(得分:0)
OpenStack Identity(Keystone)v2
v2令牌请求是对POST的请求 https://identity.open.softlayer.com/v2.0/tokens如图所示 跟随curl命令:
curl -i \
-H "Content-Type: application/json" \
-d '
{
"auth": {
"tenantId": "0f47b41b06d047f9aae3b33f1db061ed",
"passwordCredentials": {
"userId": "ad78b2a3f843466988afd077731c61fc",
"password": "K/jyIi2jR=1?D.TP "
}
}
}' \
https://identity.open.softlayer.com/v2.0/tokens ; echo
注意:OpenStack标识中未记录此请求方法 v2网站。 您不能使用tenantName和用户名。
Fog :: OpenStack(和许多其他库)使用用户名而不是 userId
您应该以这种方式使用 OpenStack Identity(Keystone)v3 :
storage = Fog::OpenStack.new({
:provider => 'OpenStack',
:openstack_auth_url => credentials['auth_url'],
:openstack_api_key => credentials['password'],
:openstack_project_id => credentials['projectId'],
:openstack_username => credentials['username'],
:openstack_domain_name => credentials['domainName'],#required if you use :openstack_username (otherwise set :openstack_userid)
:openstack_region => credentials['region']
})