@@ -30,12 +30,13 @@ $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin

 $BIN_DIR/keystone-manage $* service add nova compute "Nova Compute Service"

 $BIN_DIR/keystone-manage $* service add glance image "Glance Image Service"

 $BIN_DIR/keystone-manage $* service add keystone identity "Keystone Identity Service"

+$BIN_DIR/keystone-manage $* service add swift object-store "Swift Service"

 #endpointTemplates

 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id%  http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1

 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1

 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:35357/v2.0 http://%HOST_IP%:5000/v2.0 1 1

-# $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1

+$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1

 # Tokens

 $BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00

@@ -4,13 +4,18 @@ user = stack

 log_facility = LOG_LOCAL1

 [pipeline:main]

-pipeline = healthcheck cache tempauth proxy-server

+pipeline = healthcheck cache %AUTH_SERVER% proxy-server

 [app:proxy-server]

 use = egg:swift#proxy

 allow_account_management = true

 account_autocreate = true

+[filter:keystone]

+use = egg:swiftkeystone2#keystone2

+keystone_admin_token = %SERVICE_TOKEN%

+keystone_url = http://localhost:35357/v2.0

+

 [filter:tempauth]

 use = egg:swift#tempauth

 user_admin_admin = admin .admin .reseller_admin

@@ -151,6 +151,7 @@ NOVACLIENT_DIR=$DEST/python-novaclient

 OPENSTACKX_DIR=$DEST/openstackx

 NOVNC_DIR=$DEST/noVNC

 SWIFT_DIR=$DEST/swift

+SWIFT_KEYSTONE_DIR=$DEST/swift-keystone2

 # Specify which services to launch.  These generally correspond to screen tabs

 ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,horizon,mysql,rabbit,swift}

@@ -363,6 +364,8 @@ function git_clone {

 git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH

 # storage service

 git_clone $SWIFT_REPO $SWIFT_DIR $SWIFT_BRANCH

+# swift + keystone middleware

+git_clone $SWIFT_KEYSTONE_REPO $SWIFT_KEYSTONE_DIR $SWIFT_KEYSTONE_BRANCH

 # image catalog service

 git_clone $GLANCE_REPO $GLANCE_DIR $GLANCE_BRANCH

 # unified auth system (manages accounts/tokens)

@@ -385,6 +388,7 @@ git_clone $OPENSTACKX_REPO $OPENSTACKX_DIR $OPENSTACKX_BRANCH

 # allowing ``import nova`` or ``import glance.client``

 cd $KEYSTONE_DIR; sudo python setup.py develop

 cd $SWIFT_DIR; sudo python setup.py develop

+cd $SWIFT_KEYSTONE_DIR; sudo python setup.py develop

 cd $GLANCE_DIR; sudo python setup.py develop

 cd $NOVACLIENT_DIR; sudo python setup.py develop

 cd $NOVA_DIR; sudo python setup.py develop

@@ -648,9 +652,18 @@ EOF

    # Add rsync file

    sed -e "s,%SWIFT_LOCATION%,$SWIFT_LOCATION," $FILES/swift-rsyncd.conf | sudo tee /etc/rsyncd.conf

    sudo sed -i '/^RSYNC_ENABLE=false/ { s/false/true/ }' /etc/default/rsync

-   

-   # Copy proxy-server configuration

-   cp $FILES/swift-proxy-server.conf /etc/swift/proxy-server.conf

+

+   if [[ "$ENABLED_SERVICES" =~ "key" ]]; then

+       swift_auth_server=keystone

+       # Temporary until we get this integrated in swift.

+       sudo curl -s -o/usr/local/bin/swift \

+           'https://review.openstack.org/gitweb?p=openstack/swift.git;a=blob_plain;f=bin/swift;hb=48bfda6e2fdf3886c98bd15649887d54b9a2574e'

+   else

+       swift_auth_server=tempauth

+   fi

+

+   sed "s/%SERVICE_TOKEN%/${SERVICE_TOKEN}/;s/%AUTH_SERVER%/${swift_auth_server}/" \

+       $FILES/swift-proxy-server.conf|sudo tee  /etc/swift/proxy-server.conf

    # Generate swift.conf, we need to have the swift-hash being random

    # and unique.

@@ -664,6 +677,8 @@ EOF

        local server_type=$1

        local bind_port=$2

        local log_facility=$3

+       local node_number

+       

        for node_number in {1..4};do

            node_path=${SWIFT_LOCATION}/${node_number}

            sed -e "s,%NODE_PATH%,${node_path},;s,%BIND_PORT%,${bind_port},;s,%LOG_FACILITY%,${log_facility}," \

@@ -693,8 +708,7 @@ EOF

    # This should work (tempauth)

    # swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat

-   unset s swift_hasH

-   

+   unset s swift_hash swift_auth_server tmpd

 fi

 # Volume Service

@@ -976,6 +990,10 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then

     echo "examples on using novaclient command line is in exercise.sh"

     echo "the default users are: admin and demo"

     echo "the password: $ADMIN_PASSWORD"

+    if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then

+        echo "Swift: swift --auth-version 2 -A http://${HOST_IP}:5000/v2.0 -U admin:admin -K $ADMIN_PASSWORD stat"

+    fi

+

 fi

 # indicate how long this took to run (bash maintained variable 'SECONDS')

@@ -6,6 +6,10 @@ NOVA_BRANCH=diablo

 SWIFT_REPO=https://github.com/openstack/swift.git

 SWIFT_BRANCH=1.4.3

+# swift and keystone integration

+SWIFT_KEYSTONE_REPO=https://github.com/cloudbuilders/swift-keystone2.git

+SWIFT_KEYSTONE_BRANCH=master

+

 # image catalog service

 GLANCE_REPO=https://github.com/cloudbuilders/glance.git

 GLANCE_BRANCH=diablo