Skip to content
Commits on Feb 2, 2016
  1. @cschwede

    Document slow option in etc/object-server.conf

    cschwede committed
    Change-Id: Ic9940b0b830a468887878f7b0d7ca42c2cbbebd5
Commits on Dec 2, 2015
  1. @cschwede

    Add functional test for repeated SLO segments

    cschwede committed
    Currently fails on master, passes with change
    If13af444ed301ebd8fd34a0d96a330ded648f0c4 applied.
    
    Change-Id: I05b231cc232d5b4117bccee40eebc7093114c61c
Commits on Oct 13, 2015
  1. @cschwede

    Do not use pre-authenticated requests in staticweb

    cschwede committed
    staticweb middleware uses make_pre_authed_env, this makes it possible to
    anonymously list containers without any read acl set if the metadata
    "web-listings: true" is set on a container. Using make_env enforces correct
    read_acl validation; however it is now also required to add ".rlistings" to the
    read acl.
    
    Also, if the staticweb middleware is put in the proxy pipeline before an
    authentication middleware, it broke authenticated GET and HEAD requests. This
    has some side effects in clients, because a html response is sent that might be
    parsed wrongly by the client. In case of python-swiftclient this was shown as an
    empty container without any ACL or web-listings:true meta set. This might lead
    to information leaks, because a user trusts the output from python-swiftclient
    and assumes an empty, private container even if the container contains public
    readable data. staticweb now checks if "swift.authorize" is included in the
    environ and skips itself if not.
    
    Closes-Bug: 1489749
    Change-Id: Icf159d7e567ac5481e710c5910db686bdcba6336
    Depends-On: Ie24bb995023c377e49796910ad80a256b00daa03
Commits on Oct 12, 2015
  1. @cschwede

    Enable H234 check (assertEquals is deprecated, use assertEqual)

    cschwede committed
    All usages of assertEquals and assertNotEquals are fixed now, so let's enable
    the H234 check to avoid regressions in the future.
    
    Change-Id: I2c2ccb3b268cf9eb11f2db045378ab125a02bc31
Commits on Oct 7, 2015
  1. @cschwede

    Fix ring device checks in probetests

    cschwede committed
    If a device has been removed from one of the rings, it actually is set as None
    within the ring. In that case the length of the devices is not True without
    filtering the None devices. However, if the length matched the condition but
    included a removed device the probetests would fail with a TypeError.
    
    This fix could be done also in swift/common/ring/ring.py, but it seems it only
    affects probetests right now, thus fixing it there and not changing the current
    behavior.
    
    Change-Id: I8ccf9b32a51957e040dd370bc9f711d4328d17b1
Commits on Oct 1, 2015
  1. @cschwede @alistairncoles

    Fix copy requests to service accounts in Keystone

    cschwede committed with alistairncoles
    In case of a COPY request the swift_owner was already set to True, and the
    following PUT request was granted access no matter if a service token was used
    or not.  This allowed to copy data to service accounts without any service
    token.
    
    Service token unit tests have been added to verify that when
    swift_owner is set to True in a request environ, this setting is
    ignored when authorizing another request based on the same
    environ. Applying only this test change on master fails currently, and
    only passes with the fix in this patch.
    
    Tempauth seems to be not affected, however a small doc update has been added to
    make it more clear that a service token is not needed to access a service account
    when an ACL is used.
    
    Further details with an example are available in the bug report
    (https://bugs.launchpad.net/swift/+bug/1483007).
    
    Co-Authored-By: Alistair Coles <alistair.coles@hp.com>
    Co-Authored-By: Hisashi Osanai <osanai.hisashi@jp.fujitsu.com>
    Co-Authored-By: Donagh McCabe <donagh.mccabe@hp.com>
    
    Closes-Bug: 1483007
    Change-Id: I1207b911f018b855362b1078f68c38615be74bbd
Commits on Sep 2, 2015
  1. @cschwede

    Test if container_sweep is executed on unmounted devices

    cschwede committed
    This change ensures that container_sweep is not run if a device is not mounted
    and mount_check is set to True.
    
    Change-Id: I823083c8431d9e61fd426508033ec9188503957b
Commits on Aug 17, 2015
  1. @cschwede @matthewoliver

    Make swift-ring-builder filename usage more consistent

    cschwede committed with matthewoliver
    Sometimes the given argument is internally altered and another filename is used
    without a note to the operator. Even worse, a given .ring.gz filename is
    sometimes written out as builder file, without updating the corresponding
    .builder file.
    
    There is already a method to parse the given argv and return the name of the
    builder and ring file. However, it's rarely used and no warning is given to the
    user if it is altered. This patch uses the already parsed builder and ring file
    name instead of argv[1], and also adds a note to the user if the used filename
    is differently to the one given as argument.
    
    Closes-Bug: 1482096
    Change-Id: I2f8ef23aeab8b07caaa799f7dcd57e684b4b2ad2
Commits on Jul 22, 2015
  1. @cschwede

    Removing commented out code in test/unit/account/test_backend.py

    cschwede committed
    Noticed this while reviewing another change. Looks like the test itself already
    ensures correct functionality of the reclaim() method in AccountBroker without
    the commented code, thus removing this stale code.
    
    Change-Id: I6a26a7591adef9fd794ca68a4e9c493d1127f93c
Commits on Jul 2, 2015
  1. @cschwede

    Ignore invalid PIDs in swift-init

    cschwede committed
    While reviewing ab9f634 I recognized that invalid pids in the pid files raise
    an exceptions (in case it is not a number), and also accept a 0 that is
    impossible to use as a pid for any Swift process. In the latter case the process
    was recognized as runnning, even if it did not - and thus restarting didn't
    worked.
    
    This patch ensures a better handling of any non-numeric value and also removes a
    pid file if it uses 0 as the pid.
    
    Change-Id: I09c415c7a75e4b9a0574a08f46f48fff5bb11d02
Commits on Jun 26, 2015
  1. @cschwede

    Increase httplib._MAXHEADERS

    cschwede committed
    Python 2.7.9+ and 3.2.6+ limits the number of maximum headers in httplib to 100
    [1,2,3]. This setting is too low for Swift.
    
    By default the maximum number of allowed headers depends on the number of max
    allowed metadata settings plus a default value of 32 for regular http headers.
    If for some reason this is not enough (custom middleware for example) it can be
    increased with the extra_header_count constraint.
    
    [1] https://bugs.python.org/issue16037
    [2] https://hg.python.org/cpython/raw-file/15c95b7d81dc/Misc/NEWS
    [3] https://hg.python.org/cpython/raw-file/v3.2.6/Misc/NEWS
    
    Co-Authored-By: Clay Gerrard <clay.gerrard@gmail.com>
    Co-Authored-By: Matthew Oliver <matt@oliver.net.au>
    Co-Authored-By: Thomas Herve <therve@redhat.com>
    
    Change-Id: I388fd697ec88476024b0e9f1ae75ba35ff765282
Commits on Jun 22, 2015
  1. @cschwede

    Add note about updatedb to the docs

    cschwede committed
    Change-Id: Ia1aa0bb1f93ee487e2f7ddf76a7a08efa8f3ba41
Commits on Jun 3, 2015
  1. @cschwede @alistairncoles

    Fix testing issues

    cschwede committed with alistairncoles
    When functional tests are run in tox and an exception is raised when connecting
    to Swift (for example: Swift not running, missing python-keystoneclient package
    used by python-swiftclient) 0 tests are executed, but tox returns a success.
    
    An exception is raised during tests, caused by a missing python-keystoneclient
    in python-swiftclient. Instead of adding python-keystoneclient as a dependency
    in python-swiftclient the package is added to the test-requirements.txt in Swift
    itself. Note that adding python-keystoneclient to the test-requirements in
    python-swiftclient is not sufficient (it's already in there).
    
    The exception in setup_package() is catched by the openstack.nose_plugin, thus
    disabling this plugin for now as well.
    
    Also fixing two test errors seen on the gate regarding the tempurl middleware.
    
    There was also an update to tox, environment variables were no longer passed
    with versions >= 2.0 (http://tox.readthedocs.org/en/latest/changelog.html).
    Swift test environment variables have been added to the passenv to re-enable the
    former behavior, as well as environment variables required to pass proxy
    settings.
    
    This also led to skipped tempauth tests, and together with the missing
    python-keystoneclient no tests were executed.
    
    Related-Bug: 1461440
    Related-Bug: 1455102
    
    Co-Authored-By: Alistair Coles <alistair.coles@hp.com>
    
    Change-Id: Ideea071017d04912c60ed0bc76532adbb446c31d
Commits on Jun 1, 2015
  1. @cschwede

    Make swift-recon compatible for servers without storage policies

    cschwede committed
    Swift recon introduced a new key for storage policies, and the CLI expected this
    key in the server response. However, if one updates the CLI but not yet the
    server an exception will be raised, because there is no default value and no
    check if the key is included in the response.
    
    This change checks if the policies key is included in the response and updates
    one test to ensure backward compability.
    
    Closes-Bug: 1453599
    
    Change-Id: I7c7a90f9933bec2ab45595df9dc600a6cba65666
Commits on May 8, 2015
  1. @cschwede

    Update my mailmap entry

    cschwede committed
    Change-Id: I5d21a55d0fa4cab6eaa6ff426819aa1dc997de2f
Commits on May 6, 2015
  1. @cschwede

    Add missing statsd metrics section for object-reconstructor

    cschwede committed
    Change-Id: Id3f98e5f637ff537a387262b40f21c05876fca91
Commits on Apr 28, 2015
  1. @cschwede @matthewoliver

    Add missing docstring in direct_client

    cschwede committed with matthewoliver
    Added a missing docstring to the direct_delete_container method.
    
    Also checked other docstrings in the same file and fixed a wrong docstring
    element in direct_delete_object. Added raises: docstring entry to all methods
    that raise an Exception.
    
    Change-Id: If463a0f9ddff3fe2d13f6d97fcfa955e91d0f01f
Commits on Apr 15, 2015
  1. @cschwede

    More tests for swift recon

    cschwede committed
    Change-Id: I8d568c0f6fbe1c01d97491740aebf299deb63732
Commits on Apr 14, 2015
  1. @cschwede @notmyname

    Add test for swift_recon.disk_usage

    cschwede committed with notmyname
    Change-Id: I4cab7aa6df3f0e1933e52ee5dbbb829f30604f10
  2. @cschwede @notmyname

    Check if device name is valid when adding to the ring

    cschwede committed with notmyname
    Currently device names can be empty or start and/or end with spaces.
    This can create unexpected results, for example these three commands
    are all valid:
    
    swift-ring-builder account.builder add "r1z1-127.0.0.1:6000/" 1
    swift-ring-builder account.builder add "r1z1-127.0.0.1:6000/sda " 1
    swift-ring-builder account.builder add "r1z1-127.0.0.1:6000/ meta" 1
    
    This patch validates device names and prevents empty names or names
    starting and/or ending with spaces.
    
    Also fixed the test "test_warn_at_risk" - the test passed if the
    exception was not raised.
    
    Closes-Bug: 1438579
    
    Change-Id: I811b0eae7db503279e6429d985275bbab8b29c9f
Commits on Apr 10, 2015
  1. @cschwede

    Set connection timeout in container sync

    cschwede committed
    Container sync might get stuck without a connection timeout if the remote proxy
    is not responding.
    
    This patch sets a default timeout of 5.0 seconds for the connection attempt. The
    value is much higher than other connection timeouts inside Swift (0.5); however
    there might be a much higher latency to the remote peer, thus playing it safe.
    There is also a retry if the attempt timed out.
    
    Note that this setting only applies to the connection request itself. Setting
    this timeout does not apply when the remote proxy goes away during a request.
    
    Also added a short test to ensure urlopen is called with the timeout value.
    
    Co-Authored-By: Alistair Coles <alistair.coles@hp.com>
    
    Change-Id: Ic08a55157fa91fe1316653781adf4d66eead61bc
    Partial-Bug: 1419916
Commits on Mar 16, 2015
  1. @cschwede

    Bump PyECLib version to >= 1.0.3

    cschwede committed with Tushar Gohad
    ECPyECLibException has been removed in 1.0.1, among other
    API/error handling enhancements in 1.0.3. Let's make sure
    the right version is used.
    
    Change-Id: Ie6e0c1b491017dd5096b14c23b610abc22b03d6a
Commits on Feb 10, 2015
  1. @cschwede

    Fix swift-recon --all help message

    cschwede committed
    There are three options missing in the "--all" option help message. Let's add
    them to make it less error-prone if someone wants to copy-paste the command.
    
    Unfortunately a line break "\n" doesn't work, thus forcing all options into a
    single line using tabs.
    
    Change-Id: I38a7a1d8bb267b00b1d9776228f6c6fe794808d0
Commits on Nov 6, 2014
  1. @cschwede

    Rename Swiftbrowser in associated projects

    cschwede committed
    Let's use the full project name to avoid confusion with the recently added
    Swiftbrowser based on AngularJS.
    
    Change-Id: Ib07338268a1593bc2882908b49c1fb4a130ff43d
Commits on Oct 29, 2014
  1. @cschwede

    Return verbose message if account quota exceeded

    cschwede committed
    This message is already used in the container quota middleware, so let's use it
    in the account middleware too.
    
    Change-Id: I136fe6102c28cc8ccc021555c42ec7b0be716444
    Closes-Bug: 1381875
  2. @cschwede

    Update admin guide on handling drive failures

    cschwede committed
    Simply replacing a failed disk requires a very long time if the ring is not
    changed, because all data will be replicated to a single new disk. This extends
    the time to recover from missing replicas, and becomes even more important with
    bigger disks.
    
    This patch updates the doc to include a faster alternative by setting the weight
    of a failed disk to 0.  In this case the partitions from the failed disk are
    distributed and replicated to the remaining disks in the cluster, and because
    each disk gets only a fraction of the partitions it's also much faster.
    
    Change-Id: I16617756359771ad89ca5d4690b58a014f481d9b
Commits on Oct 7, 2014
  1. @cschwede

    Add a reference to the OpenStack security guide

    cschwede committed
    Change-Id: I85b9591a17572eb57f315d7b8e6741455aef5817
Commits on Oct 6, 2014
  1. @cschwede

    Fix minor typo

    cschwede committed
    Fixes minor typo in one method and adds missing parameter in other
    method. Only checked swift/container/reconciler.py for now.
    
    Change-Id: I5c648010f09b6e4b1fb0380bc97b266e680602f8
Commits on Sep 30, 2014
  1. @cschwede

    Limit partition movement when adding a new tier

    cschwede committed
    When adding a new tier (region, zone, node, device) to an existing,
    already balanced ring all existing partitions in the existing tiers of
    the same level are gathered for reassigning, even when there is
    not enough space in the new tier. This will create a lot of unnecessary
    replication traffic in the backend network.
    
    For example, when only one region exists in the ring and a new region is
    added, all existing parts are selected to reassign, even when the new
    region has a total weight of 0. Same for zones, nodes and devices.
    
    This patch limits the number of partitions that are choosen to reassign
    by checking for devices on other tiers that are asking for more
    partitions.
    
    Failed devices are not considered when applying the limit.
    
    Co-Authored By: Florent Flament <florent.flament-ext@cloudwatt.com>
    Change-Id: I6178452e47492da4677a8ffe4fb24917b5968cd9
    Closes-Bug: 1367826
Commits on Sep 29, 2014
  1. @cschwede

    Fix bug in swift-ring-builder list_parts

    cschwede committed
    The number of shown replicas in the partition list might differ from the
    actual number of replicas (as shown in the bugreport).
    
    This codes simply iterates for the builder._replica2part2dev and
    remembers the number of replicas for each partition.
    
    The code to find the partitions was moved to swift/common/ring/utils.py
    to make it easier to test, and a test to ensure the correct number of
    replicas is returned was added.
    
    Closes-Bug: 1370070
    Change-Id: Id6a3ed437bb86df2f43f8b0b79aa8ccb50bbe13e
Commits on Sep 17, 2014
  1. @cschwede

    Return correct number of changed partitions

    cschwede committed
    When a ring is rebalanced the number of changed partitions is counted.
    Before this patch partitions might be rebalanced, but actually no data
    is moved - for example, when a partition is assigned to the same device
    as before. This results in a wrong number of reassigned partitions that
    is shown to the user.
    
    This patch remembers the partition allocation before the rebalance, and
    compares it to the new allocation after a rebalance. Only partitions
    that are stored on a different device than before are counted.
    
    Partial-Bug: 1367826
    Also-By: Florent Flament <florent.flament-ext@cloudwatt.com>
    Change-Id: Iacfd514df3af351791f9191cef78cff1b3e2645f
Commits on Sep 15, 2014
  1. @cschwede

    Allow filtering by region in swift-recon

    cschwede committed
    The option "-r" is already used, thus only "--region" is used to specify
    filter by region.
    
    Change-Id: If769f2f3191c202933b03b48fe0f22b7c94a4dd6
    Closes-Bug: 1369583
  2. @cschwede @alistairncoles

    Fix internal link to keystoneauth in documentation

    cschwede committed with alistairncoles
    This patch fixes a broken link at the end of the table in
    http://docs.openstack.org/developer/swift/logs.html#swift-source
    
    Change-Id: I989173ac93e0f840997333be0d5cec07eb77b304
Commits on Sep 12, 2014
  1. @cschwede

    Fix RingBuilder._build_max_replicas_by_tier docstring

    cschwede committed
    The current docstring doesn't include zones, and the order of the
    entries is not up to date with the current code. Let's fix this.
    
    Change-Id: Ibabd79427b83d9e8c86b2caeb93dee219c8274c0
Commits on Aug 1, 2014
  1. @cschwede

    Fix swift-dispersion-populate bug when using SimpleClient class

    cschwede committed
    Commit 7fcbbeb changed the internal client a little bit and removed the
    class variable self.attempts in SimpleClient. This is currently still
    needed in swift-dispersion-populate to track the number of retries, thus
    re-adding it again.
    
    Closes-Bug: 1351323
    Change-Id: I98ba6441607158b34708b2dbb2d1a63788681d63
Something went wrong with that request. Please try again.