TAGS

There are no tags associated with this article.

How to share private container (object storage) to another user

If you want to learn HOW TO USE OBJECT STORAGE? please refer to this article How to use Object Storage?

Another method to access object storage is to use OpenStack Swift commands (https://docs.openstack.org/ocata/cli-reference/swift.html)

To use CLI you should prepare the python environment on your desktop (please see: Openstack CLI)

Container's owner:

Prepare openrc file

Container owner sharing.openrc:

export OS_USERNAME="owner@mail.com"
export OS_TENANT_NAME="cloud_10726 project_with_eo"
export OS_AUTH_URL=https://cf2.cloudferro.com:5000/v3
export OS_TENANT_ID="858a73b1368546e4befeb08bcbc8d753"

  • OS_TENANT_NAME - owner project name
    OS_TENANT_ID - run following command: "openstack user show --format json "${OS_USERNAME}" | jq -r .id"

Download "OpenStack RC File v3" from container Project

source cloud_10726\ project_with_eo-openrc.sh

You can check if you have access to your object storage with the command

swift list
container-1
container-2

Load new config file

source sharing.openrc

Check the sharing url which will be used to access your object storage. You can set a variable to use it for guest configuration or send SURL to another user.

swift auth | awk -F = '/OS_STORAGE_URL/ {print $2}'
SURL="$(swift auth | awk -F = '/OS_STORAGE_URL/ {print $2}')"

We need to have another user OpenStack ID. Guest can check it with the command below, and sent it to us.

openstack user show --format json "${OS_USERNAME}" | jq -r .id
OUID="$(openstack user show --format json "${OS_USERNAME}" | jq -r .id)"

Now, we can share object storage to our guest

swift post --read-acl "*:${OUID}" container-1   # Read access
swift post --write-acl "*:${OUID}" container-1   # Write access

Running as the sharing user create and upload a test file: 

touch test.txt
swift upload container-1 test.txt

Another user:

Prepare openrc file

User's other.openrc:

export OS_USERNAME="otheruser@mail.com"
export OS_PASSWORD=
export OS_TENANT_NAME="cloud_10732 project_with_eo"
export OS_AUTH_URL=https://cf2.cloudferro.com:5000/v3
export OS_TENANT_ID="00277b2d673846c8b2dccffe241a482f"

  • OS_TENANT_NAME - owner project name
    OS_TENANT_ID - run following command: "openstack user show --format json "${OS_USERNAME}" | jq -r .id"

Download "OpenStack RC File v3" from user Project

source cloud_10732 project_with_eo-openrc.sh

Run "openstack user show --format json "${OS_USERNAME}" | jq -r .id" to fill OS_TENANT_ID in  other.openrc.

openstack user show --format json "${OS_USERNAME}" | jq -r .id
source other.openrc

Guest should have a link from the shared owner and use it to access shared object storage. It is more convenient to put it into a variable.

SURL="link from container's owner"

Guest can list shared bucket with the following command

swift --os-storage-url="${SURL}" list container-1

and download the whole bucket

swift --os-storage-url="${SURL}" download container-1

or an object

swift --os-storage-url="${SURL}" download container-1 test.txt

and upload

swift --os-storage-url="${SURL}" upload container-1 "file(s) or folder(s)"