It seems that something is confusing the authentication.
My setup has the Swift proxy and the Keystone authentication service
on different servers.
Now i have this error:
$ amlabel DailySet1 DailySet1-1 slot 1
Reading label...
Error reading volume label: s3_open2 failed: This server could not
verify that you are authorized to access the document you requested.
Either you supplied the wrong credentials (e.g., bad password), or
your browser does not understand how to supply the credentials
required.
Authentication required (Unauthorized) (HTTP 401)
Not writing label.
amanda.conf is:
org DailySet1
infofile /srv/amanda/state/curinfo
logdir /srv/amanda/state/log
indexdir /srv/amanda/state/index
dumpuser amandabackup
mailto
define tapetype S3 {
comment S3 Bucket
length 100 gigabytes # Bucket size
}
device_property S3_SUBDOMAIN no
device_property S3_SSL ON#
Curl needs to have S3 Certification Authority (Verisign today)
# in its CA list. If connection fails, try setting this no NO
device_property S3_STORAGE_CLASS STANDARD
device-property SSL_CA_INFO /etc/amanda/.ca-bundle
device-property S3_HOST swift-proxy-url:443
device-property VERBOSE YES
device-property S3_SERVICE_PATH /v2.0/tokens
device-property LEOM on
device-property STORAGE_API SWIFT-2.0
device-property USERNAME amanda
device-property PASSWORD xxx
device-property TENANT_NAME x
device-property TENANT_ID x
tpchanger
chg-multi:s3:xx-backups/DailySet1/slot-{01,02,03,04,05,06,07,08,09,10}
# Number of tapes in your tapecycle
changerfile s3-statefile
# Amanda will create this file
tapetype S3
define dumptype simple-gnutar-remote {
auth ssh
ssh_keys /etc/amanda/MyConfig/ssh-key
compress none
program GNUTAR
}
holdingdisk hd1 {
directory /srv/amanda/holding
use 200 gbytes
chunksize 1 mbyte
}
log now has this:
# cat amlabel.20130620111031.debug
Thu Jun 20 11:10:31 2013: thd-0x1da6200: amlabel: pid 10078 ruid 63998
euid 63998 version 3.3.3: start at Thu Jun 20 11:10:31 2013
Thu Jun 20 11:10:31 2013: thd-0x1da6200: amlabel: Arguments: DailySet1
DailySet1-1 slot 1
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: pid 10078 ruid 63998
euid 63998 version 3.3.3: rename at Thu Jun 20 11:10:32 2013
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: Using state file:
/etc/amanda/DailySet1/s3-statefile
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: S3 driver using
bucket 'x-backups', prefix 'DailySet1/slot-01'
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: Create 1 threads
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: About to connect()
to swift-proxy-url port 443 (#0)
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: Trying
xx.xx.xx.xx...
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: connected
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: successfully set
certificate verify locations:
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: CAfile:
/etc/amanda/x.ca-bundle
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: CApath:
/etc/ssl/certs
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Client hello (1):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Server hello (2):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, CERT (11):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Server key exchange (12):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Server finished (14):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Client key exchange (16):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS change
cipher, Client hello (1):
Thu Jun 20 11:10:32 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Finished (20):
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel: SSLv3, TLS change
cipher, Client hello (1):
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel: SSLv3, TLS
handshake, Finished (20):
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel: SSL connection using
DHE-RSA-AES256-SHA
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel: Server certificate:
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel:subject:
OU=Domain Control Validated; OU=EssentialSSL Wildcard;
CN=*.xxx.com
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel:start date:
2013-05-08 00:00:00 GMT
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel:expire date:
2015-05-08 23:59:59 GMT
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel:
subjectAltName: xxx..com matched
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel:issuer: C=GB;
ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=EssentialSSL
CA
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel:SSL
certificate verify ok.
Thu Jun 20 11:10:33 2013: thd-0x1da6200: amlabel: Hdr Out: POST
/v2.0/tokens