Skip to content

Commit 8a95aed

Browse files
SungJin1212SungJin1212
authored
Support application credential auth for Openstack swift (cortexproject#6255)
1 parent 275a5bf commit 8a95aed

File tree

6 files changed

+119
-37
lines changed

6 files changed

+119
-37
lines changed

CHANGELOG.md

+1
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
* [FEATURE] Store Gateway: Add an in-memory chunk cache. #6245
1111
* [FEATURE] Chunk Cache: Support multi level cache and add metrics. #6249
1212
* [ENHANCEMENT] S3 Bucket Client: Add a list objects version configs to configure list api object version. #6280
13+
* [ENHANCEMENT] OpenStack Swift: Add application credential configs for Openstack swift object storage backend. #6255
1314
* [ENHANCEMENT] Query Frontend: Add new query stats metrics `cortex_query_samples_scanned_total` and `cortex_query_peak_samples` to track scannedSamples and peakSample per user. #6228
1415
* [ENHANCEMENT] Ingester: Disable chunk trimming. #6270
1516
* [ENHANCEMENT] Ingester: Add `blocks-storage.tsdb.wal-compression-type` to support zstd wal compression type. #6232

docs/blocks-storage/querier.md

+12
Original file line numberDiff line numberDiff line change
@@ -456,6 +456,18 @@ blocks_storage:
456456
# CLI flag: -blocks-storage.swift.auth-url
457457
[auth_url: <string> | default = ""]
458458

459+
# OpenStack Swift application credential ID.
460+
# CLI flag: -blocks-storage.swift.application-credential-id
461+
[application_credential_id: <string> | default = ""]
462+
463+
# OpenStack Swift application credential name.
464+
# CLI flag: -blocks-storage.swift.application-credential-name
465+
[application_credential_name: <string> | default = ""]
466+
467+
# OpenStack Swift application credential secret.
468+
# CLI flag: -blocks-storage.swift.application-credential-secret
469+
[application_credential_secret: <string> | default = ""]
470+
459471
# OpenStack Swift username.
460472
# CLI flag: -blocks-storage.swift.username
461473
[username: <string> | default = ""]

docs/blocks-storage/store-gateway.md

+12
Original file line numberDiff line numberDiff line change
@@ -547,6 +547,18 @@ blocks_storage:
547547
# CLI flag: -blocks-storage.swift.auth-url
548548
[auth_url: <string> | default = ""]
549549

550+
# OpenStack Swift application credential ID.
551+
# CLI flag: -blocks-storage.swift.application-credential-id
552+
[application_credential_id: <string> | default = ""]
553+
554+
# OpenStack Swift application credential name.
555+
# CLI flag: -blocks-storage.swift.application-credential-name
556+
[application_credential_name: <string> | default = ""]
557+
558+
# OpenStack Swift application credential secret.
559+
# CLI flag: -blocks-storage.swift.application-credential-secret
560+
[application_credential_secret: <string> | default = ""]
561+
550562
# OpenStack Swift username.
551563
# CLI flag: -blocks-storage.swift.username
552564
[username: <string> | default = ""]

docs/configuration/config-file-reference.md

+48
Original file line numberDiff line numberDiff line change
@@ -706,6 +706,18 @@ swift:
706706
# CLI flag: -alertmanager-storage.swift.auth-url
707707
[auth_url: <string> | default = ""]
708708

709+
# OpenStack Swift application credential ID.
710+
# CLI flag: -alertmanager-storage.swift.application-credential-id
711+
[application_credential_id: <string> | default = ""]
712+
713+
# OpenStack Swift application credential name.
714+
# CLI flag: -alertmanager-storage.swift.application-credential-name
715+
[application_credential_name: <string> | default = ""]
716+
717+
# OpenStack Swift application credential secret.
718+
# CLI flag: -alertmanager-storage.swift.application-credential-secret
719+
[application_credential_secret: <string> | default = ""]
720+
709721
# OpenStack Swift username.
710722
# CLI flag: -alertmanager-storage.swift.username
711723
[username: <string> | default = ""]
@@ -989,6 +1001,18 @@ swift:
9891001
# CLI flag: -blocks-storage.swift.auth-url
9901002
[auth_url: <string> | default = ""]
9911003

1004+
# OpenStack Swift application credential ID.
1005+
# CLI flag: -blocks-storage.swift.application-credential-id
1006+
[application_credential_id: <string> | default = ""]
1007+
1008+
# OpenStack Swift application credential name.
1009+
# CLI flag: -blocks-storage.swift.application-credential-name
1010+
[application_credential_name: <string> | default = ""]
1011+
1012+
# OpenStack Swift application credential secret.
1013+
# CLI flag: -blocks-storage.swift.application-credential-secret
1014+
[application_credential_secret: <string> | default = ""]
1015+
9921016
# OpenStack Swift username.
9931017
# CLI flag: -blocks-storage.swift.username
9941018
[username: <string> | default = ""]
@@ -4762,6 +4786,18 @@ swift:
47624786
# CLI flag: -ruler-storage.swift.auth-url
47634787
[auth_url: <string> | default = ""]
47644788

4789+
# OpenStack Swift application credential ID.
4790+
# CLI flag: -ruler-storage.swift.application-credential-id
4791+
[application_credential_id: <string> | default = ""]
4792+
4793+
# OpenStack Swift application credential name.
4794+
# CLI flag: -ruler-storage.swift.application-credential-name
4795+
[application_credential_name: <string> | default = ""]
4796+
4797+
# OpenStack Swift application credential secret.
4798+
# CLI flag: -ruler-storage.swift.application-credential-secret
4799+
[application_credential_secret: <string> | default = ""]
4800+
47654801
# OpenStack Swift username.
47664802
# CLI flag: -ruler-storage.swift.username
47674803
[username: <string> | default = ""]
@@ -5053,6 +5089,18 @@ swift:
50535089
# CLI flag: -runtime-config.swift.auth-url
50545090
[auth_url: <string> | default = ""]
50555091

5092+
# OpenStack Swift application credential ID.
5093+
# CLI flag: -runtime-config.swift.application-credential-id
5094+
[application_credential_id: <string> | default = ""]
5095+
5096+
# OpenStack Swift application credential name.
5097+
# CLI flag: -runtime-config.swift.application-credential-name
5098+
[application_credential_name: <string> | default = ""]
5099+
5100+
# OpenStack Swift application credential secret.
5101+
# CLI flag: -runtime-config.swift.application-credential-secret
5102+
[application_credential_secret: <string> | default = ""]
5103+
50565104
# OpenStack Swift username.
50575105
# CLI flag: -runtime-config.swift.username
50585106
[username: <string> | default = ""]

pkg/storage/bucket/swift/bucket_client.go

+22-19
Original file line numberDiff line numberDiff line change
@@ -9,26 +9,29 @@ import (
99
)
1010

1111
// NewBucketClient creates a new Swift bucket client
12-
func NewBucketClient(cfg Config, name string, logger log.Logger) (objstore.Bucket, error) {
12+
func NewBucketClient(cfg Config, _ string, logger log.Logger) (objstore.Bucket, error) {
1313
bucketConfig := swift.Config{
14-
AuthVersion: cfg.AuthVersion,
15-
AuthUrl: cfg.AuthURL,
16-
Username: cfg.Username,
17-
UserDomainName: cfg.UserDomainName,
18-
UserDomainID: cfg.UserDomainID,
19-
UserId: cfg.UserID,
20-
Password: cfg.Password,
21-
DomainId: cfg.DomainID,
22-
DomainName: cfg.DomainName,
23-
ProjectID: cfg.ProjectID,
24-
ProjectName: cfg.ProjectName,
25-
ProjectDomainID: cfg.ProjectDomainID,
26-
ProjectDomainName: cfg.ProjectDomainName,
27-
RegionName: cfg.RegionName,
28-
ContainerName: cfg.ContainerName,
29-
Retries: cfg.MaxRetries,
30-
ConnectTimeout: model.Duration(cfg.ConnectTimeout),
31-
Timeout: model.Duration(cfg.RequestTimeout),
14+
AuthVersion: cfg.AuthVersion,
15+
AuthUrl: cfg.AuthURL,
16+
ApplicationCredentialID: cfg.ApplicationCredentialID,
17+
ApplicationCredentialName: cfg.ApplicationCredentialName,
18+
ApplicationCredentialSecret: cfg.ApplicationCredentialSecret,
19+
Username: cfg.Username,
20+
UserDomainName: cfg.UserDomainName,
21+
UserDomainID: cfg.UserDomainID,
22+
UserId: cfg.UserID,
23+
Password: cfg.Password,
24+
DomainId: cfg.DomainID,
25+
DomainName: cfg.DomainName,
26+
ProjectID: cfg.ProjectID,
27+
ProjectName: cfg.ProjectName,
28+
ProjectDomainID: cfg.ProjectDomainID,
29+
ProjectDomainName: cfg.ProjectDomainName,
30+
RegionName: cfg.RegionName,
31+
ContainerName: cfg.ContainerName,
32+
Retries: cfg.MaxRetries,
33+
ConnectTimeout: model.Duration(cfg.ConnectTimeout),
34+
Timeout: model.Duration(cfg.RequestTimeout),
3235

3336
// Hard-coded defaults.
3437
ChunkSize: swift.DefaultConfig.ChunkSize,

pkg/storage/bucket/swift/config.go

+24-18
Original file line numberDiff line numberDiff line change
@@ -7,24 +7,27 @@ import (
77

88
// Config holds the config options for Swift backend
99
type Config struct {
10-
AuthVersion int `yaml:"auth_version"`
11-
AuthURL string `yaml:"auth_url"`
12-
Username string `yaml:"username"`
13-
UserDomainName string `yaml:"user_domain_name"`
14-
UserDomainID string `yaml:"user_domain_id"`
15-
UserID string `yaml:"user_id"`
16-
Password string `yaml:"password"`
17-
DomainID string `yaml:"domain_id"`
18-
DomainName string `yaml:"domain_name"`
19-
ProjectID string `yaml:"project_id"`
20-
ProjectName string `yaml:"project_name"`
21-
ProjectDomainID string `yaml:"project_domain_id"`
22-
ProjectDomainName string `yaml:"project_domain_name"`
23-
RegionName string `yaml:"region_name"`
24-
ContainerName string `yaml:"container_name"`
25-
MaxRetries int `yaml:"max_retries"`
26-
ConnectTimeout time.Duration `yaml:"connect_timeout"`
27-
RequestTimeout time.Duration `yaml:"request_timeout"`
10+
AuthVersion int `yaml:"auth_version"`
11+
AuthURL string `yaml:"auth_url"`
12+
ApplicationCredentialID string `yaml:"application_credential_id"`
13+
ApplicationCredentialName string `yaml:"application_credential_name"`
14+
ApplicationCredentialSecret string `yaml:"application_credential_secret"`
15+
Username string `yaml:"username"`
16+
UserDomainName string `yaml:"user_domain_name"`
17+
UserDomainID string `yaml:"user_domain_id"`
18+
UserID string `yaml:"user_id"`
19+
Password string `yaml:"password"`
20+
DomainID string `yaml:"domain_id"`
21+
DomainName string `yaml:"domain_name"`
22+
ProjectID string `yaml:"project_id"`
23+
ProjectName string `yaml:"project_name"`
24+
ProjectDomainID string `yaml:"project_domain_id"`
25+
ProjectDomainName string `yaml:"project_domain_name"`
26+
RegionName string `yaml:"region_name"`
27+
ContainerName string `yaml:"container_name"`
28+
MaxRetries int `yaml:"max_retries"`
29+
ConnectTimeout time.Duration `yaml:"connect_timeout"`
30+
RequestTimeout time.Duration `yaml:"request_timeout"`
2831
}
2932

3033
// RegisterFlags registers the flags for Swift storage
@@ -47,6 +50,9 @@ func (cfg *Config) RegisterFlagsWithPrefix(prefix string, f *flag.FlagSet) {
4750
f.StringVar(&cfg.ProjectName, prefix+"swift.project-name", "", "OpenStack Swift project name (v2,v3 auth only).")
4851
f.StringVar(&cfg.ProjectDomainID, prefix+"swift.project-domain-id", "", "ID of the OpenStack Swift project's domain (v3 auth only), only needed if it differs the from user domain.")
4952
f.StringVar(&cfg.ProjectDomainName, prefix+"swift.project-domain-name", "", "Name of the OpenStack Swift project's domain (v3 auth only), only needed if it differs from the user domain.")
53+
f.StringVar(&cfg.ApplicationCredentialID, prefix+"swift.application-credential-id", "", "OpenStack Swift application credential ID.")
54+
f.StringVar(&cfg.ApplicationCredentialName, prefix+"swift.application-credential-name", "", "OpenStack Swift application credential name.")
55+
f.StringVar(&cfg.ApplicationCredentialSecret, prefix+"swift.application-credential-secret", "", "OpenStack Swift application credential secret.")
5056
f.StringVar(&cfg.RegionName, prefix+"swift.region-name", "", "OpenStack Swift Region to use (v2,v3 auth only).")
5157
f.StringVar(&cfg.ContainerName, prefix+"swift.container-name", "", "Name of the OpenStack Swift container to put chunks in.")
5258
f.IntVar(&cfg.MaxRetries, prefix+"swift.max-retries", 3, "Max retries on requests error.")

0 commit comments

Comments
 (0)