diff options
Diffstat (limited to 'test/functional_auth/swiftkerbauth')
9 files changed, 12 insertions, 367 deletions
diff --git a/test/functional_auth/swiftkerbauth/__init__.py b/test/functional_auth/swiftkerbauth/__init__.py deleted file mode 100644 index e69de29..0000000 --- a/test/functional_auth/swiftkerbauth/__init__.py +++ /dev/null diff --git a/test/functional_auth/swiftkerbauth/conf/account-server.conf b/test/functional_auth/swiftkerbauth/conf/account-server.conf deleted file mode 100644 index 9ad458a..0000000 --- a/test/functional_auth/swiftkerbauth/conf/account-server.conf +++ /dev/null @@ -1,36 +0,0 @@ -[DEFAULT] -# -# Default gluster mount point to be used for object store,can be changed by -# setting the following value in {account,container,object}-server.conf files. -# It is recommended to keep this value same for all the three services but can -# be kept different if environment demands. -devices = /mnt/gluster-object -# -# Once you are confident that your startup processes will always have your -# gluster volumes properly mounted *before* the account-server workers start, -# you can *consider* setting this value to "false" to reduce the per-request -# overhead it can incur. -mount_check = true -bind_port = 6012 -# -# Override swift's default behaviour for fallocate. -disable_fallocate = true -# -# One or two workers should be sufficient for almost any installation of -# Gluster. -workers = 1 - -[pipeline:main] -pipeline = account-server - -[app:account-server] -use = egg:gluster_swift#account -user = root -log_facility = LOG_LOCAL2 -log_level = WARN -# -# After ensuring things are running in a stable manner, you can turn off -# normal request logging for the account server to unclutter the log -# files. Warnings and errors will still be logged. -log_requests = off - diff --git a/test/functional_auth/swiftkerbauth/conf/container-server.conf b/test/functional_auth/swiftkerbauth/conf/container-server.conf deleted file mode 100644 index a406b4d..0000000 --- a/test/functional_auth/swiftkerbauth/conf/container-server.conf +++ /dev/null @@ -1,36 +0,0 @@ -[DEFAULT] -# -# Default gluster mount point to be used for object store,can be changed by -# setting the following value in {account,container,object}-server.conf files. -# It is recommended to keep this value same for all the three services but can -# be kept different if environment demands. -devices = /mnt/gluster-object -# -# Once you are confident that your startup processes will always have your -# gluster volumes properly mounted *before* the container-server workers -# start, you can *consider* setting this value to "false" to reduce the -# per-request overhead it can incur. -mount_check = true -bind_port = 6011 -# -# Override swift's default behaviour for fallocate. -disable_fallocate = true -# -# One or two workers should be sufficient for almost any installation of -# Gluster. -workers = 1 - -[pipeline:main] -pipeline = container-server - -[app:container-server] -use = egg:gluster_swift#container -user = root -log_facility = LOG_LOCAL2 -log_level = WARN -# -# After ensuring things are running in a stable manner, you can turn off -# normal request logging for the container server to unclutter the log -# files. Warnings and errors will still be logged. -log_requests = off - diff --git a/test/functional_auth/swiftkerbauth/conf/fs.conf b/test/functional_auth/swiftkerbauth/conf/fs.conf deleted file mode 100644 index 6d2a791..0000000 --- a/test/functional_auth/swiftkerbauth/conf/fs.conf +++ /dev/null @@ -1,13 +0,0 @@ -[DEFAULT] -# -# IP address of a node in the GlusterFS server cluster hosting the -# volumes to be served via Swift API. -mount_ip = localhost - -# Performance optimization parameter. When turned off, the filesystem will -# see a reduced number of stat calls, resulting in substantially faster -# response time for GET and HEAD container requests on containers with large -# numbers of objects, at the expense of an accurate count of combined bytes -# used by all objects in the container. For most installations "off" works -# fine. -accurate_size_in_listing = off
\ No newline at end of file diff --git a/test/functional_auth/swiftkerbauth/conf/object-server.conf b/test/functional_auth/swiftkerbauth/conf/object-server.conf deleted file mode 100644 index d10d282..0000000 --- a/test/functional_auth/swiftkerbauth/conf/object-server.conf +++ /dev/null @@ -1,51 +0,0 @@ -[DEFAULT] -# -# Default gluster mount point to be used for object store,can be changed by -# setting the following value in {account,container,object}-server.conf files. -# It is recommended to keep this value same for all the three services but can -# be kept different if environment demands. -devices = /mnt/gluster-object -# -# Once you are confident that your startup processes will always have your -# gluster volumes properly mounted *before* the object-server workers start, -# you can *consider* setting this value to "false" to reduce the per-request -# overhead it can incur. -mount_check = true -bind_port = 6010 -# -# Maximum number of clients one worker can process simultaneously (it will -# actually accept N + 1). Setting this to one (1) will only handle one request -# at a time, without accepting another request concurrently. By increasing the -# number of workers to a much higher value, one can prevent slow file system -# operations for one request from starving other requests. -max_clients = 1024 -# -# If not doing the above, setting this value initially to match the number of -# CPUs is a good starting point for determining the right value. -workers = 1 -# Override swift's default behaviour for fallocate. -disable_fallocate = true - -[pipeline:main] -pipeline = object-server - -[app:object-server] -use = egg:gluster_swift#object -user = root -log_facility = LOG_LOCAL2 -log_level = WARN -# -# For performance, after ensuring things are running in a stable manner, you -# can turn off normal request logging for the object server to reduce the -# per-request overhead and unclutter the log files. Warnings and errors will -# still be logged. -log_requests = off -# -# Adjust this value to match the stripe width of the underlying storage array -# (not the stripe element size). This will provide a reasonable starting point -# for tuning this value. -disk_chunk_size = 65536 -# -# Adjust this value match whatever is set for the disk_chunk_size initially. -# This will provide a reasonable starting point for tuning this value. -network_chunk_size = 65536 diff --git a/test/functional_auth/swiftkerbauth/conf/proxy-server.conf b/test/functional_auth/swiftkerbauth/conf/proxy-server.conf index e6f8aa1..248f87c 100644 --- a/test/functional_auth/swiftkerbauth/conf/proxy-server.conf +++ b/test/functional_auth/swiftkerbauth/conf/proxy-server.conf @@ -5,7 +5,7 @@ user = root workers = 1 [pipeline:main] -pipeline = catch_errors healthcheck proxy-logging cache proxy-logging kerbauth proxy-server +pipeline = catch_errors healthcheck proxy-logging cache tempurl proxy-logging kerbauth proxy-server [app:proxy-server] use = egg:gluster_swift#proxy @@ -48,6 +48,10 @@ object_chunk_size = 65536 # amount of memory available on the system can accommodate increased values # for object_chunk_size. put_queue_depth = 10 +# The following parameter is used by object-expirer and needs to be same +# across all conf files! +auto_create_account_prefix = gs +expiring_objects_account_name = expiring [filter:catch_errors] use = egg:swift#catch_errors @@ -59,12 +63,15 @@ access_log_level = WARN [filter:healthcheck] use = egg:swift#healthcheck -[filter:kerbauth] -use = egg:gluster_swift#kerbauth -ext_authentication_url = http://client.rhelbox.com/cgi-bin/swift-auth - [filter:cache] use = egg:swift#memcache # Update this line to contain a comma separated list of memcache servers # shared by all nodes running the proxy-server service. memcache_servers = localhost:11211 + +[filter:tempurl] +use = egg:swift#tempurl + +[filter:kerbauth] +use = egg:gluster_swift#kerbauth +ext_authentication_url = http://client.rhelbox.com/cgi-bin/swift-auth diff --git a/test/functional_auth/swiftkerbauth/conf/swift.conf b/test/functional_auth/swiftkerbauth/conf/swift.conf deleted file mode 100644 index 0d25209..0000000 --- a/test/functional_auth/swiftkerbauth/conf/swift.conf +++ /dev/null @@ -1,84 +0,0 @@ -[DEFAULT] - - -[swift-hash] -# random unique string that can never change (DO NOT LOSE) -swift_hash_path_suffix = gluster - - -# The swift-constraints section sets the basic constraints on data -# saved in the swift cluster. - -[swift-constraints] -# max_file_size is the largest "normal" object that can be saved in -# the cluster. This is also the limit on the size of each segment of -# a "large" object when using the large object manifest support. -# This value is set in bytes. Setting it to lower than 1MiB will cause -# some tests to fail. -# Default is 1 TiB = 2**30*1024 - -max_file_size = 1099511627776 - -# max_meta_name_length is the max number of bytes in the utf8 encoding -# of the name portion of a metadata header. - -#max_meta_name_length = 128 - - -# max_meta_value_length is the max number of bytes in the utf8 encoding -# of a metadata value - -#max_meta_value_length = 256 - - -# max_meta_count is the max number of metadata keys that can be stored -# on a single account, container, or object - -#max_meta_count = 90 - - -# max_meta_overall_size is the max number of bytes in the utf8 encoding -# of the metadata (keys + values) - -#max_meta_overall_size = 4096 - - -# max_object_name_length is the max number of bytes in the utf8 encoding of an -# object name: Gluster FS can handle much longer file names, but the length -# between the slashes of the URL is handled below. Remember that most web -# clients can't handle anything greater than 2048, and those that do are -# rather clumsy. - -max_object_name_length = 2048 - -# max_object_name_component_length (GlusterFS) is the max number of bytes in -# the utf8 encoding of an object name component (the part between the -# slashes); this is a limit imposed by the underlying file system (for XFS it -# is 255 bytes). - -max_object_name_component_length = 255 - -# container_listing_limit is the default (and max) number of items -# returned for a container listing request - -#container_listing_limit = 10000 - - -# account_listing_limit is the default (and max) number of items returned -# for an account listing request - -#account_listing_limit = 10000 - - -# max_account_name_length is the max number of bytes in the utf8 encoding of -# an account name: Gluster FS Filename limit (XFS limit?), must be the same -# size as max_object_name_component_length above. - -max_account_name_length = 255 - - -# max_container_name_length is the max number of bytes in the utf8 encoding -# of a container name: Gluster FS Filename limit (XFS limit?), must be the same -# size as max_object_name_component_length above. - -max_container_name_length = 255 diff --git a/test/functional_auth/swiftkerbauth/conf/test.conf b/test/functional_auth/swiftkerbauth/conf/test.conf deleted file mode 100644 index 643f2d1..0000000 --- a/test/functional_auth/swiftkerbauth/conf/test.conf +++ /dev/null @@ -1,49 +0,0 @@ -[func_test] -# Swiftkerbauth configuration -auth_host = 127.0.0.1 -auth_port = 8080 -auth_prefix = /auth/ -auth_scheme = http:// -auth_mode = passive -auth_version = 1 -domain_name = RHELBOX.COM - -#All the accounts, users & passwords to be prepared on kerberos server. -# Primary functional test account (needs admin access to the account) -# Note: Account name to be prepared on kerberos server 'AUTH_accoun' -account = test -username = tester -password = testing - -# User on a second account (needs admin access to the account) -account2 = test2 -username2 = tester2 -password2 = testing2 - -# User on same account as first, but without admin access -username3 = tester3 -password3 = testing3 - -# Default constraints if not defined here, the test runner will try -# to set them from /etc/swift/swift.conf. If that file isn't found, -# the test runner will skip tests that depend on these values. -# Note that the cluster must have "sane" values for the test suite to pass. -#max_file_size = 5368709122 -#max_meta_name_length = 128 -#max_meta_value_length = 256 -#max_meta_count = 90 -#max_meta_overall_size = 4096 -#max_object_name_length = 1024 -#container_listing_limit = 10000 -#account_listing_limit = 10000 -#max_account_name_length = 256 -#max_container_name_length = 256 -normalized_urls = True - -collate = C - -[unit_test] -fake_syslog = False - -[probe_test] -# check_server_timeout = 30 diff --git a/test/functional_auth/swiftkerbauth/test_swkrbath_active.py b/test/functional_auth/swiftkerbauth/test_swkrbath_active.py deleted file mode 100644 index 86c79ef..0000000 --- a/test/functional_auth/swiftkerbauth/test_swkrbath_active.py +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/python - -# Copyright (c) 2010-2014 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import re -import unittest -from nose import SkipTest -import commands -import os -from test import get_config -from swift.common.bufferedhttp import http_connect_raw as http_connect - -config = get_config('func_test') - -class Utils: - @classmethod - def SwiftKerbAuthPrep(self, - user=config['username'],domain=config['domain_name'],\ - passwd=config['password']): - username = '%s@%s' % (user, domain) - return commands.getstatusoutput('kinit %s <<< %s' % (username, passwd)) - - @classmethod - def SwiftKerbAuthCleanAll(self): - return commands.getstatusoutput('kdestroy') - - -class TestSwKrbAthActive(unittest.TestCase): - def setUp(self): - #Perform kinit in active mode. - (status, output) = Utils.SwiftKerbAuthPrep() - self.assertEqual(status, 0, \ - 'swkrbauth prep failed with valid credentials'+output) - self.auth_host = config['auth_host'] - self.auth_port = int(config['auth_port']) - self.auth_prefix = config.get('auth_prefix', '/auth/') - self.auth_version = str(config.get('auth_version', '1')) - self.account_name = config['account'] - self.username = config['username'] - self.password = config['password'] - self.auth_scheme = config['auth_scheme'] - - #Prepare auth_url. e.g. http://client.rhelbox.com:8080/auth/v1.0 - if self.auth_version == "1": - self.auth_path = '%sv1.0' % (self.auth_prefix) - else: - self.auth_path = self.auth_prefix - self.auth_netloc = "%s:%d" % (self.auth_host, self.auth_port) - auth_url = self.auth_scheme + self.auth_netloc + self.auth_path - - #Obtain the X-Auth-Token from kerberos server to use it in furhter - #testing - self.auth_token = None - (status, output) = commands.getstatusoutput('curl -v -u : --negotiate\ - --location-trusted %s' % (auth_url)) - self.assertEqual(status, 0, 'Token negotiation failed:' +output) - match = re.search('X-Auth-Token: AUTH.*', output) - if match: - self.auth_token = match.group(0).split(':')[1].strip() - else: - self.fail('No X-Auth-Token found, failed') - - def tearDown(self): - Utils.SwiftKerbAuthCleanAll() - - - def _get_auth_token(self): - return {'X-Auth-Token' : self.auth_token} - - def testGetAccounts(self): - #TODO: The test case is to perform GET on the account mentioned via - #configuration file. This is a sample test case. The whole test - #suite can be enhanced further to have further complicated test cases. - path = '/v1/AUTH_%s' % (config['account']) - - headers = self._get_auth_token() - conn = http_connect(config['auth_host'], config['auth_port'], 'GET', - path, headers) - resp = conn.getresponse() - self.assertTrue(resp.status == 204) |