I am trying to find a way to use Openstack swift to cache static file for a web server such as nginx, the below are request step:
1. nginx is configured as a load balance proxy server and web server. 2. There are several swift , suppose there are 2, that is swift-A,swift-B ,swift-A is control node,and swift-B is storage node 3. client send a request to nginx for url: http://domain.com/filename.txt 4. nginx received the request and it is a cache miss, it need to fetch the content from SWIFT proxy server, 5. nginx send a request to swift proxy server for authentication, the url looks like http://swift-proxy/auth-account, account information is set in header, the response from swift proxy server contains a auth-token for that account if authentication success. 6. then nginx use this auth-token and put it in a new request header, and send the new request to the swift proxy server for the original request content, there could be a map between client request url to the swift proxy url, for example, /filename.txt --> /account/container/filename.txt, so the new request url could be http://swift-proxy/account/container/filename.txt,plus the auth-token. 7. swift proxy server response the content to nginx, then nginx cache the content and pass the response to the client. I have search for the answer on the internet, and referent this solution: https://forum.nginx.org/read.php?2,250458,250463#msg-250463 Then ,I change my nginx configuration like this: server { listen 80; server_name localhost; location / { root html; index index.html index.htm; auth_request /auth/v1.0; } location /auth/v1.0 { proxy_pass http://192.168.1.1:8080; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Original-URI $request_uri; } } Port 80 is for nginx,port 8080 is for swift, both can work independently, but after I change the configuration ,use chrome browser enter:10.67. 247.21,it just not working like what I expect, swift proxy return 401 error, swift proxy logs report like this : Mar 1 20:43:48 localhost journal: proxy-logging 192.168.1.1 192.168.1.1 01/Mar/2016/20/43/48 GET /auth/v1.0 HTTP/1.0 401 - Mozilla/5.0%20%28Windows%20NT%206.1%3B%20WOW64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/28.0.1500.72%20Safari/537.36 - - 131 - txbfc24355780143568445c4ddf5d774e3 - 0.0003 - Mar 1 20:43:48 localhost journal: tempauth - 192.168.1.1 01/Mar/2016/20/43/48 GET /auth/v1.0 HTTP/1.0 401 - Mozilla/5.0%20%28Windows%20NT%206.1%3B%20WOW64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/28.0.1500.72%20Safari/537.36 - - - - txbfc24355780143568445c4ddf5d774e3 - 0.0007 I don't know does it matter if I use a chrome browser to send request to swift ,it looks like some unrecognized char are include in the request which is nginx send to swift. while I use curl command to send request, it works fine, like this : [root@localhost ~]# curl -v -H 'X-Storage-User: service:swift' -H 'X-Storage-Pass:swift ' http://192.168.1.1:8080/auth/v1.0 * Trying 192.168.1.1... * Connected to 192.168.1.1 (192.168.1.1) port 8080 (#0) > GET /auth/v1.0 HTTP/1.1 > Host: 192.168.1.1:8080 > User-Agent: curl/7.47.1 > Accept: */* > X-Storage-User: service:swift > X-Storage-Pass:swift > < HTTP/1.1 200 OK < X-Storage-Url: http://192.168.1.1:8080/v1/AUTH_service < X-Auth-Token: AUTH_tk4f2eaa45b35c47b4ab0b955710cce6da < Content-Type: text/html; charset=UTF-8 < X-Storage-Token: AUTH_tk4f2eaa45b35c47b4ab0b955710cce6da < Content-Length: 0 < X-Trans-Id: tx3b90f2a8a3284f52951cc80ca41f104a < Date: Tue, 01 Mar 2016 21:10:50 GMT < * Connection #0 to host 192.168.1.1 left intact It seems swift cannot recognize the request from my nginx which has configed with an addictional module named ngx_http_auth_request_module. Maybe nginx was not passes right user and password to swift. Or shouldn't I use the chrome browser to visit swift through nginx proxy. Below is my swift proxy-server.conf: [DEFAULT] bind_port = 8080 bind_ip = 192.168.1.1 workers = 1 user = swift log_facility = LOG_LOCAL1 eventlet_debug = true [pipeline:main] pipeline = catch_errors healthcheck proxy-logging cache tempurl ratelimit tempauth staticweb proxy-logging proxy-server [filter:catch_errors] use = egg:swift#catch_errors set log_name = cache_errors [filter:healthcheck] use = egg:swift#healthcheck set log_name = healthcheck [filter:proxy-logging] use = egg:swift#proxy_logging set log_name = proxy-logging [filter:ratelimit] use = egg:swift#ratelimit set log_name = ratelimit [filter:crossdomain] use = egg:swift#crossdomain set log_name = crossdomain [filter:tempurl] use = egg:swift#tempurl set log_name = tempurl [filter:tempauth] use = egg:swift#tempauth set log_name = tempauth user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin user_test2_tester2 = testing2 .admin user_test_tester3 = testing3 user_service_swift = swift .admin [filter:staticweb] use = egg:swift#staticweb set log_name = staticweb [filter:cache] use = egg:swift#memcache set log_name = memcache [app:proxy-server] use = egg:swift#proxy set log_name = proxy allow_account_management = true account_autocreate = true I have no idea for the 401 error occurred and how to solve this question.Are there some configuration error in my swift or nginx configuration file? Thanks for your time, Amy
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev