openstack/swift - swift - OpenDev: Free Software Needs Free Tools

- Add two optional flags that let you limit swift-dispersion-report to only
reporting on containers OR objects.
- Also make dispersion.conf and swift-dispersion-report manpages
 current.
DocImpact
Change-Id: Iad56133cad261241db27d0e2103098e3c2f3c245

Currently the timeout for a wsgi server successfully binding to a port
and for a probetest background service to finish starting are hard coded
to 30 seconds. While a reasonable default for most configurations, a
small virtualized environment may need a little more time in order for
probe tests to complete successfully.
This patch adds a 'bind_timeout' option to the DEFAULT section of the
main wsgi servers' config. Also a new [probe_test] section and
'check_server_timeout' option to test.conf
DocImpact
Change-Id: Ibcaff153c7633bbf32e460fd9dbf04932eddb56f

A deployer may want to remove a Swift node from a load balancer for
maintenance or upgrade. This patch provides an optional mechanism for
this. The healthcheck filter config can specify "disable_path" which is
a filesystem path. If a file is present at that location, the
healthcheck middleware returns a 503 with a body of "DISABLED BY FILE".
So a deployer can configure "disable_path" and then touch that
filesystem path, wait for the proxy to be removed from the load balancer
pool, perform maintenance/upgrade, and then remove the "disable_path"
file.
Also cleaned up the conf file man pages a bit.
Change-Id: I1759c78c74910a54c720f298d4d8e6fa57a4dab4

Change-Id: I5fe38f28896d086e56ba9e718b02227d87dd4a2d
Signed-off-by: Peter Portante <peter.portante@redhat.com>

E.g. if HOME is not set, swift-proxy will create the
keystone_signing file not in HOME but in /root.
This is because the swift user doesn't have a shell
in /etc/passwd and so it doesn't set environment variables
when impersonating.
Change-Id: I3013007e0dadf6ddccc176e142b7c78c5d63a351

The container and account servers should respond with 406 if the Accept header
isn't satisfiable. This behavior is defined in RFC 2616 section 14.1.
Change-Id: I8a67ccafe33dc70ef4f7794686a54fbc8581f4dc

Change-Id: I7cfe77b3f03172814814f2e2bae04a3ae184efb0

It was discovered that uploading items with ? in their names (encoded
with %3F of course) made Swob fail in that it trimmed off everything
after the ? as if it were a query string.
Change-Id: Ie686db9a2177aafad2e77c307ffc3f446646fbb5

When showing the disk usage dispersion graph it is often useful to
know what those top full drives are so you can do further research.
Now you can run 'swift-recon -d --top 10' to list the top ten devices
by fullness after the usual dispersion graph.
Change-Id: I7ddb2141e55e0613f69750fabe544940192c2d48

Updates the proxy-server.conf-sample and docs to use
the new Keystoneclient middleware class name.
Change-Id: I3727f7b7328a2513347b8ef257c270126df36d7b

path_info_pop didn't behave as the webob one did with single segment
paths like /one and with root-only paths /
Now it should.
Change-Id: Ib88344de386ab9e8975e7f48c1afc47731992ee2

Change-Id: I720a0e0e886d25eec52556e8ce93bf9c49f6b452

Change-Id: I824ba5f231e252b923abc895f757137855a93d3a

This required a bunch of whitespace-poking of the scripts in bin, but
that's all. Now every file in swift/ and bin/ is pep8-1.3.3-compliant,
so hopefully we can be done with this pep8 stuff for a good long time.
Change-Id: I44fdb41d219c57400a4c396ab7eb0ffa9dcd8db8

Two improvements: first, document that the container-sync process
connects to the remote cluster's proxy server, so outbound
connectivity is required.
Second, rewrite the behind-the-scenes container-sync example and add
some ASCII-art diagrams.
Fixes bug 1068430.
Bonus fix of docstring in wsgi.py to squelch a sphinx warning.
Change-Id: I85bd56c2bd14431e13f7c57a43852777f14014fb

If the CONTRIBUTING[.md] file exists, Github will show a link to it to
anyone who files an issue on Github or opens a pull request on
Github. We don't want people to do that, so this file points people at
the OpenStack wiki page with instructions on how to contribute
properly. This should cut down on the number of pull requests and
Github issues that we then have to spend our valuable time ignoring.
See also <https://github.com/blog/1184-contributing-guidelines>.
Change-Id: Icd23b65c642c5ae748ca1f7f397e2c8d63173492

Change-Id: Ieef65f05e66b12347752c0e02648858e3242d8e7

Change-Id: I2ae277b6f435f56549560684697486b56d24d46d

Change-Id: I1ed6afe4336c238044174c93ae1e0078fbcef971

Change-Id: I0466fd2a462e94e5a1e0f88adf901de9f5ac131d

Bug 1079439
Change-Id: I1985a7176f34931ecb0f24c0289f18df5e934598

The determination of the client IP looked at the X-Cluster-Client-Ip
and X-Forwarded-For headers in the incoming HTTP request. This is
trivially spoofable by a malicious client, so there's no security
gained by having the check there.
Worse, having the check there provides a false sense of security to
cluster operators. It sounds like it's based on the client IP, so an
attacker would have to do IP spoofing to defeat it. However, it's
really just a shared secret, and there's already a secret key set
up. Basically, it looks like 2-factor auth (IP+key), but it's really
1-factor (key).
Now, the one case where this might provide some security is where the
Swift cluster is behind an external load balancer that strips off the
X-Cluster-Client-Ip and X-Forwarded-For headers and substitutes its
own. I don't think it's worth the tradeoff, hence this commit.
Fixes bug 1068420 for very small values of "fixes".
DocImpact
Change-Id: I2bef64c2e1e4df8a612a5531a35721202deb6964

When responding to a GET request for a manifest, it was intended that
the proxy server lazily fetch the pieces of the container
listing. That way, a single client request doesn't immediately turn
into a bunch of requests to backends. The additional requests should
only get made if the client is putting in the work of receiving the
object body.
However, commit 156f27c accidentally changed this so that all the
pieces of the container listing are eagerly fetched up-front. Better
yet, if an object has more than CONTAINER_LISTING_LIMIT (default
10,000) segments, the container listing is then fetched a second time,
albeit lazily, while streaming out the response.
This commit restores the laziness and adds tests for it.
Change-Id: I49840a7059e6f999ce19199ecb10cdb77358526b

We use a delta timeout value for timeouts under 30 days (in seconds)
since that is the limit which the memcached protocols will recognize a
timeout as a delta. Greater than 30 days and it interprets it as an
absolute time in seconds since the epoch.
This helps to address an often difficult-to-debug problem of time
drift between memcache clients and the memcache servers. Prior to this
change, if a client's time drifts behind the servers, short timeouts
run the danger of not being cached at all. If a client's time drifts
ahead of the servers, short timeouts run the danger of persisting too
long. Using delta's avoids this affect. For absolute timeouts 30 days
or more in the future small time drifts between clients and servers
are inconsequential.
See also bug 1076148 (https://bugs.launchpad.net/swift/+bug/1076148).
This also fixes incr and decr to handle timeout values in the same way
timeouts are handled for set operations.
Change-Id: Ie36dbcedfe9b4db9f77ed4ea9b70ff86c5773310
Signed-off-by: Peter Portante <peter.portante@redhat.com>

Change-Id: I889c5eecf860cc947763c5d79148419f9741a2c2
Signed-off-by: Peter Portante <peter.portante@redhat.com>

The auth_token middleware has moved, updating the doc.
Change-Id: I8133b876a53d61bf94169cf08c8b1fa6bbf9681a