Rclone for openstack swift v3

MrCalv1n · January 10, 2024, 9:04am

Hi,

I'm having some issues trying to use Openstack swift for v3.

This is the HTTP request currently made by rclone (I'm only including the relevant part):

POST /auth/tokens HTTP/1.1
...

{
  "auth": {
    "identity": {
      "methods": [
        "password"
      ],
      "password": {
        "user": {
          "name": "admin",
          "password": "devstacker"
        }
      }
    },
    "scope": {
      "project": {
        "name": "storage",
        "domain": {
          "name": "Default"
        }
      }
    }
  }
}

and this is the HTTP request currently accepted by a V3 API endpoint using Openstack (I'm only including the relevant part):

POST /v3/auth/tokens HTTP/1.1
...

{
    "auth": {
        "identity": {
            "methods": [
                "password"
            ],
            "password": {
                "user": {
                    "name": "admin",
                    "domain": {
                        "name": "Default"
                    },
                    "password": "devstacker"
                }
            }
        }
    }
}

(taken from: here)

I don't follow the development of Openstack and I don't know if this is an isolated case and if for other storage services the current structure works, however, I would like to draw your attention to this fact, since it may be necessary to update the way swift makes requests for v3.

There may also be a way to define these changes in the rclone configuration, but I confess I'm not aware of it.

I opened an issue on GitHub here but I have decided to post here anyway as this is a suitable place for discussion.

Thank you in advance.

ncw · January 10, 2024, 9:27am

Can you post the things I asked for in the issue here and close the issue - thanks!

MrCalv1n · January 10, 2024, 10:13am

Hi @ncw,

Thank you for your reply.

Not sure whether this is relevant providing the storage service but I'm using Blomp in this case. The configuration shown below was already presented in previous discussions, here in the forum.

[blomp]
type = swift
env_auth = false
user = XXX
key = XXX
auth = https://authenticate.blomp.com
tenant = XXX
auth_version = 3
endpoint_type = public

This was working until recently but it seems they moved to V3 and closed V2. The only thing I changed was the auth_version. Then I noticed that the HTTP request is not quite what the endpoint expects, but it works the one presented in the Openstack documentation.

I'm bringing this topic here because maybe this is something that needs to be modified to work for different swift v3 endpoints.

Thanks.

ncw · January 11, 2024, 10:00am

I can't find any blomp docs about the v3 auth - can you?

You can put domain = Default in the config and you'll get something which looks very much like your openstack example, but I'm not sure what the domain value should be for blomp. I have tenant = storage, I tried domain = Default and domain = storage neither of which worked.

ncw · January 11, 2024, 10:07am

Actually I just noticed if you use

auth = https://authenticate.ain.net

Then it works with auth_version = 2

ncw · January 11, 2024, 10:07am

So I'd guess this is probably a bug / misconfig that you should report.

MrCalv1n · January 11, 2024, 11:33am

Thanks @ncw,

I will check that but making the changes I've indicated also works.

They don't have much information (documentation) about how to use their API endpoints. I ended up arriving at those results by trial and error and by consulting the OpenStack documentation for v3 (here).

I just pointed this out because it seems that the structure of the rclone requests for openstack V3 looks different from what is in their documentation, and this makes all the difference, at least in Blomp's case, so if it also makes a difference for other storage services that use OpenStack V3, I think it's worth a review of the request structure for v3.

BR.

MrCalv1n · January 11, 2024, 11:38am

Actually I just noticed if you use
auth = https://authenticate.ain.net
Then it works with auth_version = 2

I can confirm this works too.

ncw · January 12, 2024, 9:14am

What changes were those? When I try this it does not work.

[blomp-swift]
type = swift
user = XXX
key = XXX
auth = https://authenticate.blomp.com
tenant = storage
auth_version = 3
no_chunk = true

What are you using?

MrCalv1n · January 12, 2024, 1:38pm

Hi @ncw,

I was talking about changing the structure of the HTTP request (please see the first message).

If you change the structure (don't forget the /v3/ on the endpoint), keeping the settings you just said it will also work.

BR,
André

system · February 11, 2024, 1:39pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.