Extract the account ACLs from the given account_info, and return the ACLs.
Parameters: | info – a dict of the form returned by get_account_info |
---|---|
Returns: | None (no ACL system metadata is set), or a dict of the form:: {‘admin’: [...], ‘read-write’: [...], ‘read-only’: [...]} |
Raises ValueError: | |
on a syntactically invalid header |
Returns a cleaned ACL header value, validating that it meets the formatting requirements for standard Swift ACL strings.
The ACL format is:
[item[,item...]]
Each item can be a group name to give access to or a referrer designation to grant or deny based on the HTTP Referer header.
The referrer designation format is:
.r:[-]value
The .r can also be .ref, .referer, or .referrer; though it will be shortened to just .r for decreased character count usage.
The value can be * to specify any referrer host is allowed access, a specific host name like www.example.com, or if it has a leading period . or leading *. it is a domain name specification, like .example.com or *.example.com. The leading minus sign - indicates referrer hosts that should be denied access.
Referrer access is applied in the order they are specified. For example, .r:.example.com,.r:-thief.example.com would allow all hosts ending with .example.com except for the specific host thief.example.com.
Example valid ACLs:
.r:*
.r:*,.r:-.thief.com
.r:*,.r:.example.com,.r:-thief.example.com
.r:*,.r:-.thief.com,bobs_account,sues_account:sue
bobs_account,sues_account:sue
Example invalid ACLs:
.r:
.r:-
By default, allowing read access via .r will not allow listing objects in the container – just retrieving objects from the container. To turn on listings, use the .rlistings directive.
Also, .r designations aren’t allowed in headers whose names include the word ‘write’.
ACLs that are “messy” will be cleaned up. Examples:
Original | Cleaned |
bob, sue | bob,sue |
bob , sue | bob,sue |
bob,,,sue | bob,sue |
.referrer : * | .r:* |
.ref:*.example.com | .r:.example.com |
.r:*, .rlistings | .r:*,.rlistings |
Parameters: |
|
---|---|
Returns: | The value, cleaned of extraneous formatting. |
Raises ValueError: | |
If the value does not meet the ACL formatting requirements; the error message will indicate why. |
Compatibility wrapper to help migrate ACL syntax from version 1 to 2. Delegates to the appropriate version-specific format_acl method, defaulting to version 1 for backward compatibility.
Parameters: | kwargs – keyword args appropriate for the selected ACL syntax version (see format_acl_v1() or format_acl_v2()) |
---|
Returns a standard Swift ACL string for the given inputs.
Caller is responsible for ensuring that :referrers: parameter is only given if the ACL is being generated for X-Container-Read. (X-Container-Write and the account ACL headers don’t support referrers.)
Parameters: |
|
---|---|
Returns: | a Swift ACL string for use in X-Container-{Read,Write}, X-Account-Access-Control, etc. |
Returns a version-2 Swift ACL JSON string.
JSON will be forced ASCII (containing six-char uNNNN sequences rather than UTF-8; UTF-8 is valid JSON but clients vary in their support for UTF-8 headers), and without extraneous whitespace.
Advantages over V1: forward compatibility (new keys don’t cause parsing exceptions); Unicode support; no reserved words (you can have a user named .rlistings if you want).
Parameters: | acl_dict – dict of arbitrary data to put in the ACL; see specific auth systems such as tempauth for supported values |
---|---|
Returns: | a JSON string which encodes the ACL |
Compatibility wrapper to help migrate ACL syntax from version 1 to 2. Delegates to the appropriate version-specific parse_acl method, attempting to determine the version from the types of args/kwargs.
Parameters: |
|
---|---|
Returns: | the return value of parse_acl_v1() or parse_acl_v2() |
Parses a standard Swift ACL string into a referrers list and groups list.
See clean_acl() for documentation of the standard Swift ACL format.
Parameters: | acl_string – The standard Swift ACL string to parse. |
---|---|
Returns: | A tuple of (referrers, groups) where referrers is a list of referrer designations (without the leading .r:) and groups is a list of groups to allow access. |
Parses a version-2 Swift ACL string and returns a dict of ACL info.
Parameters: | data – string containing the ACL data in JSON format |
---|---|
Returns: | A dict (possibly empty) containing ACL info, e.g.: {“groups”: [...], “referrers”: [...]} |
Returns: | None if data is None, is not valid JSON or does not parse as a dict |
Returns: | empty dictionary if data is an empty string |
Returns True if the referrer should be allowed based on the referrer_acl list (as returned by parse_acl()).
See clean_acl() for documentation of the standard Swift ACL format.
Parameters: |
|
---|---|
Returns: | True if the referrer should be allowed; False if not. |
Monkey Patch httplib.HTTPResponse to buffer reads of headers. This can improve performance when making large numbers of small HTTP requests. This module also provides helper functions to make HTTP connections using BufferedHTTPResponse.
Warning
If you use this, be sure that the libraries you are using do not access the socket directly (xmlrpclib, I’m looking at you :/), and instead make all calls through httplib.
Bases: httplib.HTTPConnection
HTTPConnection class that uses BufferedHTTPResponse
alias of BufferedHTTPResponse
Bases: httplib.HTTPResponse
HTTPResponse class that buffers reading of headers
Terminate the socket with extreme prejudice.
Closes the underlying socket regardless of whether or not anyone else has references to it. Use this when you are certain that nobody else you care about has a reference to this socket.
Helper function to create an HTTPConnection object. If ssl is set True, HTTPSConnection will be used. However, if ssl=False, BufferedHTTPConnection will be used, which is buffered for backend Swift services.
Parameters: |
|
---|---|
Returns: | HTTPConnection object |
Helper function to create an HTTPConnection object. If ssl is set True, HTTPSConnection will be used. However, if ssl=False, BufferedHTTPConnection will be used, which is buffered for backend Swift services.
Parameters: |
|
---|---|
Returns: | HTTPConnection object |
Query string format= values to their corresponding content-type values
Validate if ‘x-delete’ headers are have correct values values should be positive integers and correspond to a time in the future.
Parameters: | request – the swob request object |
---|---|
Returns: | HTTPBadRequest in case of invalid values or None if values are ok |
Verify that the path to the device is a directory and is a lesser constraint that is enforced when a full mount_check isn’t possible with, for instance, a VM using loopback or partitions.
Parameters: |
|
---|---|
Returns: | True if it is a valid directoy, False otherwise |
Helper function for checking if a string can be converted to a float.
Parameters: | string – string to be verified as a float |
---|---|
Returns: | True if the string can be converted to a float, False otherwise |
Check metadata sent in the request headers. This should only check that the metadata in the request given is valid. Checks against account/container overall metadata should be forwarded on to its respective server to be checked.
Parameters: |
|
---|---|
Returns: | HTTPBadRequest with bad metadata otherwise None |
Verify that the path to the device is a mount point and mounted. This allows us to fast fail on drives that have been unmounted because of issues, and also prevents us for accidentally filling up the root partition.
Parameters: |
|
---|---|
Returns: | True if it is a valid mounted device, False otherwise |
Validate that the header contains valid account or container name.
Parameters: |
|
---|---|
Returns: | A properly encoded account name or container name |
Raise: | HTTPPreconditionFailed if account header is not well formatted. |
Check to ensure that everything is alright about an object to be created.
Parameters: |
|
---|---|
Returns: | HTTPRequestEntityTooLarge – the object is too large |
Returns: | HTTPLengthRequired – missing content-length header and not a chunked request |
Returns: | HTTPBadRequest – missing or bad content-type header, or bad metadata |
Returns: | HTTPNotImplemented – unsupported transfer-encoding header value |
Validate if a string is valid UTF-8 str or unicode and that it does not contain any null character.
Parameters: | string – string to be validated |
---|---|
Returns: | True if the string is valid utf-8 str or unicode and contains no null characters, False otherwise |
Parse SWIFT_CONF_FILE and reset module level global contraint attrs, populating OVERRIDE_CONSTRAINTS AND EFFECTIVE_CONSTRAINTS along the way.
Checks if the requested version is valid.
Currently Swift only supports “v1” and “v1.0”.
Helper function to extract a timestamp from requests that require one.
Parameters: | request – the swob request object |
---|---|
Returns: | a valid Timestamp instance |
Raises: | HTTPBadRequest on missing or invalid X-Timestamp |
Bases: object
Loads and parses the container-sync-realms.conf, occasionally checking the file’s mtime to see if it needs to be reloaded.
Returns a list of clusters for the realm.
Returns the endpoint for the cluster in the realm.
Returns the hexdigest string of the HMAC-SHA1 (RFC 2104) for the information given.
Parameters: |
|
---|---|
Returns: | hexdigest str of the HMAC-SHA1 for the request. |
Returns the key for the realm.
Returns the key2 for the realm.
Returns a list of realms.
Forces a reload of the conf file.
Internal client library for making calls directly to the servers rather than through the proxy.
Delete container directly from the container server.
Parameters: |
|
---|---|
Raises ClientException: | |
HTTP DELETE request failed |
Delete object directly from the object server.
Parameters: |
|
---|---|
Raises ClientException: | |
HTTP DELETE request failed |
Get listings directly from the account server.
Parameters: |
|
---|---|
Returns: | a tuple of (response headers, a list of containers) The response headers will HeaderKeyDict. |
Get container listings directly from the container server.
Parameters: |
|
---|---|
Returns: | a tuple of (response headers, a list of objects) The response headers will be a HeaderKeyDict. |
Get object directly from the object server.
Parameters: |
|
---|---|
Returns: | a tuple of (response headers, the object’s contents) The response headers will be a HeaderKeyDict. |
Raises ClientException: | |
HTTP GET request failed |
Get suffix hashes directly from the object server.
Parameters: |
|
---|---|
Returns: | dict of suffix hashes |
Raises ClientException: | |
HTTP REPLICATE request failed |
Request container information directly from the container server.
Parameters: |
|
---|---|
Returns: | a dict containing the response’s headers in a HeaderKeyDict |
Raises ClientException: | |
HTTP HEAD request failed |
Request object information directly from the object server.
Parameters: |
|
---|---|
Returns: | a dict containing the response’s headers in a HeaderKeyDict |
Raises ClientException: | |
HTTP HEAD request failed |
Direct update to object metadata on object server.
Parameters: |
|
---|---|
Raises ClientException: | |
HTTP POST request failed |
Put object directly from the object server.
Parameters: |
|
---|---|
Returns: | etag from the server response |
Raises ClientException: | |
HTTP PUT request failed |
Helper function to retry a given function a number of times.
Parameters: |
|
---|---|
Returns: | result of func |
Raises ClientException: | |
all retries failed |
Bases: eventlet.timeout.Timeout
Bases: eventlet.timeout.Timeout
Bases: exceptions.Exception
Bases: eventlet.timeout.Timeout
Bases: exceptions.Exception
Bases: eventlet.timeout.Timeout
Bases: exceptions.OSError
Bases: exceptions.Exception
Bases: exceptions.Exception
Bases: eventlet.timeout.Timeout
Bases: exceptions.Exception
Bases: object
Wrapper for file object to compress object while reading.
Can be used to wrap file objects passed to InternalClient.upload_object().
Used in testing of InternalClient.
Parameters: |
|
---|
Reads a chunk from the file object.
Params are passed directly to the underlying file object’s read().
Returns: | Compressed chunk from file object. |
---|
Sets the object to the state needed for the first read.
Bases: object
An internal client that uses a swift proxy app to make requests to Swift.
This client will exponentially slow down for retries.
Parameters: |
|
---|
Checks to see if a container exists.
Parameters: |
|
---|---|
Raises: |
|
Returns: | True if container exists, false otherwise. |
Creates container.
Parameters: |
|
---|---|
Raises: |
|
Deletes a container.
Parameters: |
|
---|---|
Raises: |
|
Deletes an object.
Parameters: |
|
---|---|
Raises: |
|
Returns (container_count, object_count) for an account.
Parameters: |
|
---|---|
Raises: |
|
Gets account metadata.
Parameters: |
|
---|---|
Returns: | Returns dict of account metadata. Keys will be lowercase. |
Raises: |
|
Gets container metadata.
Parameters: |
|
---|---|
Returns: | Returns dict of container metadata. Keys will be lowercase. |
Raises: |
|
Returns a 3-tuple (status, headers, iterator of object body)
Gets object metadata.
Parameters: |
|
---|---|
Returns: | Dict of object metadata. |
Raises: |
|
Returns an iterator of containers dicts from an account.
Parameters: |
|
---|---|
Raises: |
|
Returns an iterator of object lines from an uncompressed or compressed text object.
Uncompress object as it is read if the object’s name ends with ‘.gz’.
Parameters: |
|
---|---|
Raises: |
|
Returns an iterator of object dicts from a container.
Parameters: |
|
---|---|
Raises: |
|
Returns a swift path for a request quoting and utf-8 encoding the path parts as need be.
Parameters: |
|
---|---|
Raises ValueError: | |
Is raised if obj is specified and container is not. |
Makes a request to Swift with retries.
Parameters: |
|
---|---|
Returns: | Response object on success. |
Raises: |
|
Sets account metadata. A call to this will add to the account metadata and not overwrite all of it with values in the metadata dict. To clear an account metadata value, pass an empty string as the value for the key in the metadata dict.
Parameters: |
|
---|---|
Raises: |
|
Sets container metadata. A call to this will add to the container metadata and not overwrite all of it with values in the metadata dict. To clear a container metadata value, pass an empty string as the value for the key in the metadata dict.
Parameters: |
|
---|---|
Raises: |
|
Sets an object’s metadata. The object’s metadata will be overwritten by the values in the metadata dict.
Parameters: |
|
---|---|
Raises: |
|
Parameters: |
|
---|---|
Raises: |
|
Bases: object
Simple client that is used in bin/swift-dispersion-* and container sync
Bases: exceptions.Exception
Exception raised on invalid responses to InternalClient.make_request().
Parameters: |
|
---|
For usage with container sync
For usage with container sync
For usage with container sync
Bases: object
Main class for performing commands on groups of servers.
Parameters: | servers – list of server names as strings |
---|
alias for reload
Find and return the decorated method named like cmd
Parameters: | cmd – the command to get, a string, if not found raises UnknownCommandError |
---|
stop a server (no error if not running)
Get all publicly accessible commands
Returns: | a list of string tuples (cmd, help), the method names who are decorated as commands |
---|
start a server interactively
spawn server and return immediately
start server and run one pass on supporting daemons
graceful shutdown then restart on supporting servers
stops then restarts server
Find the named command and run it
Parameters: | cmd – the command name to run |
---|
allow current requests to finish on supporting servers
starts a server
display status of tracked pids for server
stops a server
Bases: object
Manage operations on a server or group of servers of similar type
Parameters: | server – name of server |
---|
Get conf files for this server
Param: | number, if supplied will only lookup the nth server |
---|---|
Returns: | list of conf files |
Translate pid_file to a corresponding conf_file
Parameters: | pid_file – a pid_file for this server, a string |
---|---|
Returns: | the conf_file for this pid_file |
Translate conf_file to a corresponding pid_file
Parameters: | conf_file – an conf_file for this server, a string |
---|---|
Returns: | the pid_file for this conf_file |
Get running pids
Returns: | a dict mapping pids (ints) to pid_files (paths) |
---|
wait on spawned procs to terminate
Generator, yields (pid_file, pids)
Kill running pids
Parameters: | graceful – if True, attempt SIGHUP on supporting servers |
---|---|
Returns: | a dict mapping pids (ints) to pid_files (paths) |
Collect conf files and attempt to spawn the processes for this server
Get pid files for this server
Param: | number, if supplied will only lookup the nth server |
---|---|
Returns: | list of pid files |
Send a signal to pids for this server
Parameters: | sig – signal to send |
---|---|
Returns: | a dict mapping pids (ints) to pid_files (paths) |
Launch a subprocess for this server.
Parameters: |
|
---|---|
Returns: | the pid of the spawned process |
Display status of server
Param: | pids, if not supplied pids will be populated automatically |
---|---|
Param: | number, if supplied will only lookup the nth server |
Returns: | 1 if server is not running, 0 otherwise |
Send stop signals to pids for this server
Returns: | a dict mapping pids (ints) to pid_files (paths) |
---|
wait on spawned procs to start
Decorator to declare which methods are accessible as commands, commands always return 1 or 0, where 0 should indicate success.
Parameters: | func – function to make public |
---|
Send signal to process group
: param pid: process id : param sig: signal to send
Send signal to process and check process name
: param pid: process id : param sig: signal to send : param name: name to ensure target process
Try to increase resource limits of the OS. Move PYTHON_EGG_CACHE to /tmp
Monitor a collection of server pids yielding back those pids that aren’t responding to signals.
Parameters: | server_pids – a dict, lists of pids [int,...] keyed on Server objects |
---|
Why our own memcache client? By Michael Barton
python-memcached doesn’t use consistent hashing, so adding or removing a memcache server from the pool invalidates a huge percentage of cached items.
If you keep a pool of python-memcached client objects, each client object has its own connection to every memcached server, only one of which is ever in use. So you wind up with n * m open sockets and almost all of them idle. This client effectively has a pool for each server, so the number of backend connections is hopefully greatly reduced.
python-memcache uses pickle to store things, and there was already a huge stink about Swift using pickles in memcache (http://osvdb.org/show/osvdb/86581). That seemed sort of unfair, since nova and keystone and everyone else use pickles for memcache too, but it’s hidden behind a “standard” library. But changing would be a security regression at this point.
Also, pylibmc wouldn’t work for us because it needs to use python sockets in order to play nice with eventlet.
Lucid comes with memcached: v1.4.2. Protocol documentation for that version is at:
http://github.com/memcached/memcached/blob/1.4.2/doc/protocol.txt
Bases: eventlet.pools.Pool
Connection pool for Memcache Connections
The server parameter can be a hostname, an IPv4 address, or an IPv6 address with an optional port. See swift.common.utils.parse_socket_string() for details.
Bases: object
Simple, consistent-hashed memcache client.
Decrements a key which has a numeric value by delta. Calls incr with -delta.
Parameters: |
|
---|---|
Returns: | result of decrementing |
Raises MemcacheConnectionError: | |
Deletes a key/value pair from memcache.
Parameters: | key – key to be deleted |
---|
Gets the object specified by key. It will also unserialize the object before returning if it is serialized in memcache with JSON, or if it is pickled and unpickling is allowed.
Parameters: | key – key |
---|---|
Returns: | value of the key in memcache |
Gets multiple values from memcache for the given keys.
Parameters: |
|
---|---|
Returns: | list of values |
Increments a key which has a numeric value by delta. If the key can’t be found, it’s added as delta or 0 if delta < 0. If passed a negative number, will use memcached’s decr. Returns the int stored in memcached Note: The data memcached stores as the result of incr/decr is an unsigned int. decr’s that result in a number below 0 are stored as 0.
Parameters: |
|
---|---|
Returns: | result of incrementing |
Raises MemcacheConnectionError: | |
Set a key/value pair in memcache
Parameters: |
|
---|---|
Min_compress_len: | |
minimum compress length, this parameter was added to keep the signature compatible with python-memcached interface. This implementation ignores it. |
Sets multiple key/value pairs in memcache.
Parameters: |
|
---|---|
Min_compress_len: | |
minimum compress length, this parameter was added to keep the signature compatible with python-memcached interface. This implementation ignores it |
Sanitize a timeout value to use an absolute expiration time if the delta is greater than 30 days (in seconds). Note that the memcached server translates negative values to mean a delta of 30 days in seconds (and 1 additional second), client beware.
Miscellaneous utility functions for use in generating responses.
Why not swift.common.utils, you ask? Because this way we can import things from swob in here without creating circular imports.
Bases: object
Iterable that returns the object contents for a large object.
Parameters: |
|
---|
swob.Response will only respond with a 206 status in certain cases; one of those is if the body iterator responds to .app_iter_range().
However, this object (or really, its listing iter) is smart enough to handle the range stuff internally, so we just no-op this out for swob.
Called when the client disconnect. Ensure that the connection to the backend server is closed.
Start fetching object data to ensure that the first segment (if any) is valid. This is to catch cases like “first segment is missing” or “first segment’s etag doesn’t match manifest”.
Note: this does not validate that you have any segments. A zero-segment large object is not erroneous; it is just empty.
Will copy desired subset of headers from from_r to to_r.
Parameters: |
|
---|
Determine the content type to use for an account or container listing response.
Parameters: | req – request object |
---|---|
Returns: | content type as a string (e.g. text/plain, application/json) |
Raises: | HTTPNotAcceptable if the requested content type is not acceptable |
Raises: | HTTPBadRequest if the ‘format’ query param is provided and not valid UTF-8 |
Utility function to split and validate the request path and storage policy. The storage policy index is extracted from the headers of the request and converted to a StoragePolicy instance. The remaining args are passed through to split_and_validate_path().
Returns: | a list, result of split_and_validate_path() with the BaseStoragePolicy instance appended on the end |
---|---|
Raises: | HTTPServiceUnavailable if the path is invalid or no policy exists with the extracted policy_index. |
Returns the Object Transient System Metadata header for key. The Object Transient System Metadata namespace will be persisted by backend object servers. These headers are treated in the same way as object user metadata i.e. all headers in this namespace will be replaced on every POST request.
Parameters: | key – metadata key |
---|---|
Returns: | the entire object transient system metadata header for key |
Get parameters from an HTTP request ensuring proper handling UTF-8 encoding.
Parameters: |
|
---|---|
Returns: | HTTP request parameter value (as UTF-8 encoded str, not unicode object) |
Raises: | HTTPBadRequest if param not valid UTF-8 byte sequence |
Returns the prefix for system metadata headers for given server type.
This prefix defines the namespace for headers that will be persisted by backend servers.
Parameters: | server_type – type of backend server i.e. [account|container|object] |
---|---|
Returns: | prefix string for server type’s system metadata headers |
Returns the prefix for user metadata headers for given server type.
This prefix defines the namespace for headers that will be persisted by backend servers.
Parameters: | server_type – type of backend server i.e. [account|container|object] |
---|---|
Returns: | prefix string for server type’s user metadata headers |
Takes a successful object-GET HTTP response and turns it into an iterator of (first-byte, last-byte, length, headers, body-file) 5-tuples.
The response must either be a 200 or a 206; if you feed in a 204 or something similar, this probably won’t work.
Parameters: | response – HTTP response, like from bufferedhttp.http_connect(), not a swob.Response. |
---|
Tests if a header key starts with and is longer than the prefix for object transient system metadata.
Parameters: | key – header key |
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Tests if a header key starts with and is longer than the system metadata prefix for given server type.
Parameters: |
|
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Tests if a header key starts with and is longer than the user or system metadata prefix for given server type.
Parameters: |
|
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Tests if a header key starts with and is longer than the user metadata prefix for given server type.
Parameters: |
|
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Removes items from a dict whose keys satisfy the given condition.
Parameters: |
|
---|---|
Returns: | a dict, possibly empty, of headers that have been removed |
Helper function to resolve an alternative etag value that may be stored in metadata under an alternate name.
The value of the request’s X-Backend-Etag-Is-At header (if it exists) is a comma separated list of alternate names in the metadata at which an alternate etag value may be found. This list is processed in order until an alternate etag is found.
The left most value in X-Backend-Etag-Is-At will have been set by the left most middleware, or if no middleware, by ECObjectController, if an EC policy is in use. The left most middleware is assumed to be the authority on what the etag value of the object content is.
The resolver will work from left to right in the list until it finds a value that is a name in the given metadata. So the left most wins, IF it exists in the metadata.
By way of example, assume the encrypter middleware is installed. If an object is not encrypted then the resolver will not find the encrypter middleware’s alternate etag sysmeta (X-Object-Sysmeta-Crypto-Etag) but will then find the EC alternate etag (if EC policy). But if the object is encrypted then X-Object-Sysmeta-Crypto-Etag is found and used, which is correct because it should be preferred over X-Object-Sysmeta-Crypto-Etag.
Parameters: |
|
---|---|
Returns: | an alternate etag value if any is found, otherwise None |
Utility function to split and validate the request path.
Returns: | result of split_path() if everything’s okay |
---|---|
Raises: | HTTPBadRequest if something’s not okay |
Removes the object transient system metadata prefix from the start of a header key.
Parameters: | key – header key |
---|---|
Returns: | stripped header key |
Removes the system metadata prefix for a given server type from the start of a header key.
Parameters: |
|
---|---|
Returns: | stripped header key |
Removes the user metadata prefix for a given server type from the start of a header key.
Parameters: |
|
---|---|
Returns: | stripped header key |
Helper function to update an X-Backend-Etag-Is-At header whose value is a list of alternative header names at which the actual object etag may be found. This informs the object server where to look for the actual object etag when processing conditional requests.
Since the proxy server and/or middleware may set alternative etag header names, the value of X-Backend-Etag-Is-At is a comma separated list which the object server inspects in order until it finds an etag value.
Parameters: |
|
---|
Implementation of WSGI Request and Response objects.
This library has a very similar API to Webob. It wraps WSGI request environments and response values into objects that are more friendly to interact with.
Why Swob and not just use WebOb? By Michael Barton
We used webob for years. The main problem was that the interface wasn’t stable. For a while, each of our several test suites required a slightly different version of webob to run, and none of them worked with the then-current version. It was a huge headache, so we just scrapped it.
This is kind of a ton of code, but it’s also been a huge relief to not have to scramble to add a bunch of code branches all over the place to keep Swift working every time webob decides some interface needs to change.
Bases: object
Wraps a Request’s Accept header as a friendly object.
Parameters: | headerval – value of the header as a str |
---|
Returns the item from “options” that best matches the accept header. Returns None if no available options are acceptable to the client.
Parameters: | options – a list of content-types the server can respond with |
---|
Bases: _abcoll.MutableMapping
A dict-like object that proxies requests to a wsgi environ, rewriting header keys to environ keys.
For example, headers[‘Content-Range’] sets and gets the value of headers.environ[‘HTTP_CONTENT_RANGE’]
Bases: object
Wraps a Request’s If-[None-]Match header as a friendly object.
Parameters: | headerval – value of the header as a str |
---|
Bases: object
Wraps a Request’s Range header as a friendly object. After initialization, “range.ranges” is populated with a list of (start, end) tuples denoting the requested ranges.
If there were any syntactically-invalid byte-range-spec values, the constructor will raise a ValueError, per the relevant RFC:
“The recipient of a byte-range-set that includes one or more syntactically invalid byte-range-spec values MUST ignore the header field that includes that byte-range-set.”
According to the RFC 2616 specification, the following cases will be all considered as syntactically invalid, thus, a ValueError is thrown so that the range header will be ignored. If the range value contains at least one of the following cases, the entire range is considered invalid, ValueError will be thrown so that the header will be ignored.
Every syntactically valid range will be added into the ranges list even when some of the ranges may not be satisfied by underlying content.
Parameters: | headerval – value of the header as a str |
---|
This method is used to return multiple ranges for a given length which should represent the length of the underlying content. The constructor method __init__ made sure that any range in ranges list is syntactically valid. So if length is None or size of the ranges is zero, then the Range header should be ignored which will eventually make the response to be 200.
If an empty list is returned by this method, it indicates that there are unsatisfiable ranges found in the Range header, 416 will be returned.
if a returned list has at least one element, the list indicates that there is at least one range valid and the server should serve the request with a 206 status code.
The start value of each range represents the starting position in the content, the end value represents the ending position. This method purposely adds 1 to the end number because the spec defines the Range to be inclusive.
The Range spec can be found at the following link: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.1
Parameters: | length – length of the underlying content |
---|
Bases: object
WSGI Request object.
Retrieve and set the accept property in the WSGI environ, as a Accept object
Get and set the swob.ACL property in the WSGI environment
Create a new request object with the given parameters, and an environment otherwise filled in with non-surprising default values.
Parameters: |
|
---|
Get and set the request body str
Get and set the wsgi.input property in the WSGI environment
Calls the application with this request’s environment. Returns the status, headers, and app_iter for the response as a tuple.
Parameters: | application – the WSGI application to call |
---|
Retrieve and set the content-length header as an int
Makes a copy of the request, converting it to a GET.
Calls the application with this request’s environment. Returns a Response object that wraps up the application’s result.
Parameters: | application – the WSGI application to call |
---|
Get and set the HTTP_HOST property in the WSGI environment
Get url for request/response up to path
Retrieve and set the if-match property in the WSGI environ, as a Match object
Retrieve and set the if-modified-since header as a datetime, set it with a datetime, int, or str
Retrieve and set the if-none-match property in the WSGI environ, as a Match object
Retrieve and set the if-unmodified-since header as a datetime, set it with a datetime, int, or str
Properly determine the message length for this request. It will return an integer if the headers explicitly contain the message length, or None if the headers don’t contain a length. The ValueError exception will be raised if the headers are invalid.
Raises: |
|
---|
Get and set the REQUEST_METHOD property in the WSGI environment
Provides QUERY_STRING parameters as a dictionary
Provides the full path of the request, excluding the QUERY_STRING
Get and set the PATH_INFO property in the WSGI environment
Takes one path portion (delineated by slashes) from the path_info, and appends it to the script_name. Returns the path segment.
The path of the request, without host but with query string.
Get and set the QUERY_STRING property in the WSGI environment
Retrieve and set the range property in the WSGI environ, as a Range object
Get and set the HTTP_REFERER property in the WSGI environment
Get and set the HTTP_REFERER property in the WSGI environment
Get and set the REMOTE_ADDR property in the WSGI environment
Get and set the REMOTE_USER property in the WSGI environment
Get and set the SCRIPT_NAME property in the WSGI environment
Validate and split the Request’s path.
Examples:
['a'] = split_path('/a')
['a', None] = split_path('/a', 1, 2)
['a', 'c'] = split_path('/a/c', 1, 2)
['a', 'c', 'o/r'] = split_path('/a/c/o/r', 1, 3, True)
Parameters: |
|
---|---|
Returns: | list of segments with a length of maxsegs (non-existent segments will return as None) |
Raises: | ValueError if given an invalid path |
Provides QUERY_STRING parameters as a dictionary
Provides the account/container/object path, sans API version.
This can be useful when constructing a path to send to a backend server, as that path will need everything after the “/v1”.
Provides the full url of the request
Get and set the HTTP_USER_AGENT property in the WSGI environment
Bases: object
WSGI Response object.
Respond to the WSGI request.
Warning
This will translate any relative Location header value to an absolute URL using the WSGI environment’s HOST_URL as a prefix, as RFC 2616 specifies.
However, it is quite common to use relative redirects, especially when it is difficult to know the exact HOST_URL the browser would have used when behind several CNAMEs, CDN services, etc. All modern browsers support relative redirects.
To skip over RFC enforcement of the Location header value, you may set env['swift.leave_relative_location'] = True in the WSGI environment.
Attempt to construct an absolute location.
Retrieve and set the accept-ranges header
Retrieve and set the response app_iter
Retrieve and set the Response body str
Retrieve and set the response charset
The conditional_etag keyword argument for Response will allow the conditional match value of a If-Match request to be compared to a non-standard value.
This is available for Storage Policies that do not store the client object data verbatim on the storage nodes, but still need support conditional requests.
It’s most effectively used with X-Backend-Etag-Is-At which would define the additional Metadata key(s) where the original ETag of the clear-form client request data may be found.
Retrieve and set the content-length header as an int
Retrieve and set the content-range header
Retrieve and set the response Content-Type header
Retrieve and set the response Etag header
You may call this once you have set the content_length to the whole object length and body or app_iter to reset the content_length properties on the request.
It is ok to not call this method, the conditional response will be maintained for you when you __call__ the response.
Get url for request/response up to path
Retrieve and set the last-modified header as a datetime, set it with a datetime, int, or str
Retrieve and set the location header
Retrieve and set the Response status, e.g. ‘200 OK’
Construct a suitable value for WWW-Authenticate response header
If we have a request and a valid-looking path, the realm is the account; otherwise we set it to ‘unknown’.
Bases: object
A dict-like object that returns HTTPException subclasses/factory functions where the given key is the status code.
Bases: StringIO.StringIO
This class adds support for the additional wsgi.input methods defined on eventlet.wsgi.Input to the BytesIO class which would otherwise be a fine stand-in for the file-like object in the WSGI environment.
A decorator for translating functions which take a swob Request object and return a Response object into WSGI callables. Also catches any raised HTTPExceptions and treats them as a returned Response.
Miscellaneous utility functions for use with Swift.
Bases: object
Like itertools.chain, but with a close method that will attempt to invoke its sub-iterators’ close methods, if any.
Bases: eventlet.greenpool.GreenPool
GreenPool subclassed to kill its coros when it gets gc’ed
Bases: object
Runs jobs in a pool of green threads, and the results can be retrieved by using this object as an iterator.
This is very similar in principle to eventlet.GreenPile, except it returns results as they become available rather than in the order they were launched.
Correlating results with jobs (if necessary) is left to the caller.
Spawn a job in a green thread on the pile.
Wait timeout seconds for any results to come in.
Parameters: | timeout – seconds to wait for results |
---|---|
Returns: | list of results accrued in that time |
Wait up to timeout seconds for first result to come in.
Parameters: | timeout – seconds to wait for results |
---|---|
Returns: | first item to come back, or None |
Bases: object
Wrap an iterator to ensure that only one greenthread is inside its next() method at a time.
This is useful if an iterator’s next() method may perform network IO, as that may trigger a greenthread context switch (aka trampoline), which can give another greenthread a chance to call next(). At that point, you get an error like “ValueError: generator already executing”. By wrapping calls to next() with a mutex, we avoid that error.
Bases: object
File-like object that counts bytes read. To be swapped in for wsgi.input for accounting purposes.
Pass read request to the underlying file-like object and add bytes read to total.
Pass readline request to the underlying file-like object and add bytes read to total.
Bases: object
Decorator for size/time bound memoization that evicts the least recently used members.
Bases: logging.LoggerAdapter, object
A Logger like object which performs some reformatting on calls to exception(). Can be used to store a threadlocal transaction id and client ip.
Convenience function for syslog priority LOG_NOTICE. The python logging lvl is set to 25, just above info. SysLogHandler is monkey patched to map this log lvl to the LOG_NOTICE syslog priority.
Add extra info to message
The StatsD client prefix defaults to the “name” of the logger. This method may override that default with a specific value. Currently used in the proxy-server to differentiate the Account, Container, and Object controllers.
Factory to create methods which delegate to methods on self.logger.statsd_client (an instance of StatsdClient). The created methods conditionally delegate to a method whose name is given in ‘statsd_func_name’. The created delegate methods are a no-op when StatsD logging is not configured.
Parameters: | statsd_func_name – the name of a method on StatsdClient. |
---|
Bases: urlparse.ParseResult
Parse results class for urlparse.
Give __NR_ioprio_set value for your system.
Bases: object
A no-op logger for eventlet wsgi.
Bases: object
Mutex using a pipe. Works across both greenlets and real threads, even at the same time.
Acquire the mutex.
If called with blocking=False, returns True if the mutex was acquired and False if it wasn’t. Otherwise, blocks until the mutex is acquired and returns True.
This lock is recursive; the same greenthread may acquire it as many times as it wants to, though it must then release it that many times too.
Close the mutex. This releases its file descriptors.
You can’t use a mutex after it’s been closed.
Release the mutex.
Bases: object
Wrap an iterator to only yield elements at a rate of N per second.
Parameters: |
|
---|
Bases: swift.common.utils.GreenAsyncPile
Runs jobs in a pool of green threads, spawning more jobs as results are retrieved and worker threads become available.
When used as a context manager, has the same worker-killing properties as ContextPool.
This is the same as itertools.starmap(), except that func is executed in a separate green thread for each item, and results won’t necessarily have the same order as inputs.
Bases: logging.Formatter
Custom logging.Formatter will append txn_id to a log message if the record has one and the message does not. Optionally it can shorten overly long log lines.
Bases: object
Internal Representation of Swift Time.
The normalized form of the X-Timestamp header looks like a float with a fixed width to ensure stable string sorting - normalized timestamps look like “1402464677.04188”
To support overwrites of existing data without modifying the original timestamp but still maintain consistency a second internal offset vector is append to the normalized timestamp form which compares and sorts greater than the fixed width float format but less than a newer timestamp. The internalized format of timestamps looks like “1402464677.04188_0000000000000000” - the portion after the underscore is the offset and is a formatted hexadecimal integer.
The internalized form is not exposed to clients in responses from Swift. Normal client operations will not create a timestamp with an offset.
The Timestamp class in common.utils supports internalized and normalized formatting of timestamps and also comparison of timestamp values. When the offset value of a Timestamp is 0 - it’s considered insignificant and need not be represented in the string format; to support backwards compatibility during a Swift upgrade the internalized and normalized form of a Timestamp with an insignificant offset are identical. When a timestamp includes an offset it will always be represented in the internalized form, but is still excluded from the normalized form. Timestamps with an equivalent timestamp portion (the float part) will compare and order by their offset. Timestamps with a greater timestamp portion will always compare and order greater than a Timestamp with a lesser timestamp regardless of it’s offset. String comparison and ordering is guaranteed for the internalized string format, and is backwards compatible for normalized timestamps which do not include an offset.
Turns an affinity config value into a function suitable for passing to sort(). After doing so, the array will be sorted with respect to the given ordering.
For example, if affinity_str is “r1=1, r2z7=2, r2z8=2”, then the array will be sorted with all nodes from region 1 (r1=1) first, then all the nodes from region 2 zones 7 and 8 (r2z7=2 and r2z8=2), then everything else.
Note that the order of the pieces of affinity_str is irrelevant; the priority values are what comes after the equals sign.
If affinity_str is empty or all whitespace, then the resulting function will not alter the ordering of the nodes.
Parameters: | affinity_str – affinity config value, e.g. “r1z2=3” or “r1=1, r2z1=2, r2z2=2” |
---|---|
Returns: | single-argument function |
Raises: | ValueError if argument invalid |
Turns a write-affinity config value into a predicate function for nodes. The returned value will be a 1-arg function that takes a node dictionary and returns a true value if it is “local” and a false value otherwise. The definition of “local” comes from the affinity_str argument passed in here.
For example, if affinity_str is “r1, r2z2”, then only nodes where region=1 or where (region=2 and zone=2) are considered local.
If affinity_str is empty or all whitespace, then the resulting function will consider everything local
Parameters: | affinity_str – affinity config value, e.g. “r1z2” or “r1, r2z1, r2z2” |
---|---|
Returns: | single-argument function, or None if affinity_str is empty |
Raises: | ValueError if argument invalid |
Given a devices path and a data directory, yield (path, device, partition) for all files in that directory
Parameters: |
|
---|
A generator returning lines from a file starting with the last line, then the second last line, etc. i.e., it reads lines backwards. Stops when the first line (if any) is read. This is useful when searching for recent activity in very large files.
Parameters: |
|
---|
Get memcache connection pool from the environment (which had been previously set by the memcache middleware
Parameters: | env – wsgi environment dict |
---|---|
Returns: | swift.common.memcached.MemcacheRing from environment |
Log unhandled exceptions, close stdio, capture stdout and stderr.
param logger: Logger object to use
Like contextlib.closing(), but doesn’t crash if the object lacks a close() method.
PEP 333 (WSGI) says: “If the iterable returned by the application has a close() method, the server or gateway must call that method upon completion of the current request[.]” This function makes that easier.
Compute an ETA. Now only if we could also have a progress bar...
Parameters: |
|
---|---|
Returns: | ETA as a tuple of (length of time, unit of time) where unit of time is one of (‘h’, ‘m’, ‘s’) |
Returns default if value is None or ‘auto’. Returns value as an int or raises ValueError otherwise.
Returns fallocate reserve_value as an int or float. Returns is_percent as a boolean. Returns a ValueError on invalid fallocate value.
Read prefixed options from configuration
Parameters: |
|
---|---|
Returns: | a dict containing the options |
Read reseller_prefix option and associated options from configuration
Reads the reseller_prefix option, then reads options that may be associated with a specific reseller prefix. Reads options such that an option without a prefix applies to all reseller prefixes unless an option has an explicit prefix.
Parameters: |
|
---|---|
Returns: | tuple of an array of reseller prefixes and a dict of option values |
Returns True if the value is either True or a string in TRUE_VALUES. Returns False otherwise.
Appends an item to a comma-separated string.
If the comma-separated string is empty/None, just returns item.
Parses a string of the form generated by encode_timestamps and returns a tuple of the three component timestamps. If explicit is False, component timestamps that are not explicitly encoded will be assumed to have zero delta from the previous component and therefore take the value of the previous component. If explicit is True, component timestamps that are not explicitly encoded will be returned with value None.
Takes an iterator of range iters and turns it into an appropriate HTTP response body, whether that’s multipart/byteranges or not.
This is almost, but not quite, the inverse of request_helpers.http_response_to_document_iters(). This function only yields chunks of the body, not any headers.
Parameters: |
|
---|
Takes an iterator of range iters and yields a multipart/byteranges MIME document suitable for sending as the body of a multi-range 206 response.
See document_iters_to_http_response_body for parameter descriptions.
Drop ‘buffer’ cache for the given range of the given file.
Parameters: |
|
---|
Sets the userid/groupid of the current process, get session leader, etc.
Parameters: | user – User name to change privileges to |
---|
Update recon cache values
Parameters: |
|
---|
Encode up to three timestamps into a string. Unlike a Timestamp object, the encoded string does NOT used fixed width fields and consequently no relative chronology of the timestamps can be inferred from lexicographic sorting of encoded timestamp strings.
i.e. if t1 = t2 = t3 then just the string representation of t1 is returned, otherwise the time offsets for t2 and t3 are appended. If explicit is True then the offsets for t2 and t3 are always appended even if zero.
Note: any offset value in t1 will be preserved, but offsets on t2 and t3 are not preserved. In the anticipated use cases for this method (and the inverse decode_timestamps method) the timestamps passed as t2 and t3 are not expected to have offsets as they will be timestamps associated with a POST request. In the case where the encoding is used in a container objects table row, t1 could be the PUT or DELETE time but t2 and t3 represent the content type and metadata times (if different from the data file) i.e. correspond to POST timestamps. In the case where the encoded form is used in a .meta file name, t1 and t2 both correspond to POST timestamps.
Expand ipv6 address. :param address: a string indicating valid ipv6 address :returns: a string indicating fully expanded ipv6 address
Parameters: | content_type – a content-type string |
---|---|
Returns: | a tuple of (content-type, swift_bytes or None) |
Pre-allocate disk space for a file.
Parameters: |
|
---|
Sync modified file data to disk.
Parameters: | fd – file descriptor |
---|
Sync modified file data and metadata to disk.
Parameters: | fd – file descriptor |
---|
Sync directory entries to disk.
Parameters: | dirpath – Path to the directory to be synced. |
---|
Returns a expiring object container name for given X-Delete-At and a/c/o.
Returns the hexdigest string of the HMAC-SHA1 (RFC 2104) for the request.
Parameters: |
|
---|---|
Returns: | hexdigest str of the HMAC-SHA1 for the request. |
Checks whether poll is available and falls back on select if it isn’t.
Note about epoll:
Review: https://review.openstack.org/#/c/18806/
There was a problem where once out of every 30 quadrillion connections, a coroutine wouldn’t wake up when the client closed its end. Epoll was not reporting the event or it was getting swallowed somewhere. Then when that file descriptor was re-used, eventlet would freak right out because it still thought it was waiting for activity from it in some other coro.
Make a line for logging that matches the documented log line format for backend servers.
Parameters: |
|
---|---|
Returns: | a properly formatted line for logging. |
Get the current system logger using config settings.
Log config and defaults:
log_facility = LOG_LOCAL0
log_level = INFO
log_name = swift
log_max_line_length = 0
log_udp_host = (disabled)
log_udp_port = logging.handlers.SYSLOG_UDP_PORT
log_address = /dev/log
log_statsd_host = (disabled)
log_statsd_port = 8125
log_statsd_default_sample_rate = 1.0
log_statsd_sample_rate_factor = 1.0
log_statsd_metric_prefix = (empty-string)
Parameters: |
|
---|
Get an MD5 socket file descriptor. One can MD5 data with it by writing it to the socket with os.write, then os.read the 16 bytes of the checksum out later.
NOTE: It is the caller’s responsibility to ensure that os.close() is called on the returned file descriptor. This is a bare file descriptor, not a Python object. It doesn’t close itself.
Returns the appropriate index of the storage policy for the request from a proxy server
Parameters: |
|
---|---|
Returns: | string index of storage policy, or None |
Returns information about the swift cluster that has been previously registered with the register_swift_info call.
Parameters: |
|
---|---|
Returns: | dictionary of information about the swift cluster. |
Get a nomralized length of time in the largest unit of time (hours, minutes, or seconds.)
Parameters: | time_amount – length of time in seconds |
---|---|
Returns: | A touple of (length of time, unit of time) where unit of time is one of (‘h’, ‘m’, ‘s’) |
Get valid parts of utf-8 str from str, unicode and even invalid utf-8 str
Parameters: | str_or_unicode – a string or an unicode which can be invalid utf-8 |
---|
Get the canonical hash for an account/container/object
Parameters: |
|
---|---|
Returns: | hash string |
Returns the number in a human readable format; for example 1048576 = “1Mi”.
Return True if the provided ip is a valid IP-address
Return True if the provided ip is a valid IPv4-address
Returns True if the provided ip is a valid IPv6-address
Test whether a path is a mount point. This will catch any exceptions and translate them into a False return value Use ismount_raw to have the exceptions raised instead.
Test whether a path is a mount point. Whereas ismount will catch any exceptions and just return False, this raw version will not catch exceptions.
This is code hijacked from C Python 2.6.8, adapted to remove the extra lstat() system call.
Get a value from the wsgi environment
Parameters: |
|
---|---|
Returns: | the value from the environment |
Given a multi-part-mime-encoded input file object and boundary, yield file-like objects for each part. Note that this does not split each part into headers and body; the caller is responsible for doing that if necessary.
Parameters: |
|
---|---|
Returns: | A generator of file-like objects for each part. |
Raises: | MimeInvalid if the document is malformed |
Convert a last modified date (like you’d get from a container listing, e.g. 2014-02-28T23:22:36.698390) to a float.
Creates a link to file descriptor at target_path specified. This method does not close the fd for you. Unlike rename, as linkat() cannot overwrite target_path if it exists, we unlink and try again.
Attempts to fix / hide race conditions like empty object directories being removed by backend processes during uploads, by retrying.
Parameters: |
|
---|
Splits the str given and returns a properly stripped list of the comma separated values.
Attempt to find the function in libc, otherwise return a no-op func.
Parameters: |
|
---|
Context manager that acquires a lock on a file. This will block until the lock can be acquired, or the timeout time has expired (whichever occurs first).
Parameters: |
|
---|
Context manager that acquires a lock on the parent directory of the given file path. This will block until the lock can be acquired, or the timeout time has expired (whichever occurs first).
Parameters: |
|
---|
Context manager that acquires a lock on a directory. This will block until the lock can be acquired, or the timeout time has expired (whichever occurs first).
For locking exclusively, file or directory has to be opened in Write mode. Python doesn’t allow directories to be opened in Write Mode. So we workaround by locking a hidden file in the directory.
Parameters: |
|
---|
Same as os.makedirs() except that this method returns the number of new directories that had to be created.
Also, this does not raise an error if target directory already exists. This behaviour is similar to Python 3.x’s os.makedirs() called with exist_ok=True. Also similar to swift.common.utils.mkdirs()
Takes an iterator that may or may not contain a multipart MIME document as well as content type and returns an iterator of body iterators.
Parameters: |
|
---|
Takes a file-like object containing a multipart MIME document and returns an iterator of (headers, body-file) tuples.
Parameters: |
|
---|
Ensures the path is a directory or makes it if not. Errors if the path exists but is a file or on permissions failure.
Parameters: | path – path to create |
---|
Modify priority by nice and ionice.
Takes a file-like object containing a multipart/byteranges MIME document (see RFC 7233, Appendix A) and returns an iterator of (first-byte, last-byte, length, document-headers, body-file) 5-tuples.
Parameters: |
|
---|
Format a timestamp (string or numeric) into a standardized xxxxxxxxxx (10) format.
Note that timestamps less than 0000000000 are raised to 0000000000 and values greater than November 20th, 2286 at 17:46:39 UTC will be capped at that date and time, resulting in no return value exceeding 9999999999.
This cap is because the expirer is already working through a sorted list of strings that were all a length of 10. Adding another digit would mess up the sort and cause the expirer to break from processing early. By 2286, this problem will need to be fixed, probably by creating an additional .expiring_objects account to work from with 11 (or more) digit container names.
Parameters: | timestamp – unix timestamp |
---|---|
Returns: | normalized timestamp as a string |
Format a timestamp (string or numeric) into a standardized xxxxxxxxxx.xxxxx (10.5) format.
Note that timestamps using values greater than or equal to November 20th, 2286 at 17:46 UTC will use 11 digits to represent the number of seconds.
Parameters: | timestamp – unix timestamp |
---|---|
Returns: | normalized timestamp as a string |
Returns True if O_TMPFILE flag is supported.
O_TMPFILE was introduced in Linux 3.11 but it also requires support from underlying filesystem being used. Some common filesystems and linux versions in which those filesystems added support for O_TMPFILE: xfs (3.15) ext4 (3.11) btrfs (3.16)
Takes a dict from a container listing and overrides the content_type, bytes fields if swift_bytes is set.
Returns an iterator of all pairs of elements from item_list.
Parameters: | items – items (no duplicates allowed) |
---|
Given the value of a header like: Content-Disposition: form-data; name=”somefile”; filename=”test.html”
Return data like (“form-data”, {“name”: “somefile”, “filename”: “test.html”})
Parameters: | header – Value of a header (the part after the ‘: ‘). |
---|---|
Returns: | (value name, dict) of the attribute data parsed (see above). |
Parse a content-range header into (first_byte, last_byte, total_size).
See RFC 7233 section 4.2 for details on the header format, but it’s basically “Content-Range: bytes ${start}-${end}/${total}”.
Parameters: | content_range – Content-Range header value to parse, e.g. “bytes 100-1249/49004” |
---|---|
Returns: | 3-tuple (start, end, total) |
Raises: | ValueError if malformed |
Parse a content-type and its parameters into values. RFC 2616 sec 14.17 and 3.7 are pertinent.
Examples:
'text/plain; charset=UTF-8' -> ('text/plain', [('charset, 'UTF-8')])
'text/plain; charset=UTF-8; level=1' ->
('text/plain', [('charset, 'UTF-8'), ('level', '1')])
Parameters: | content_type – content_type to parse |
---|---|
Returns: | a tuple containing (content type, list of k, v parameter tuples) |
Takes a file-like object containing a MIME document and returns a HeaderKeyDict containing the headers. The body of the message is not consumed: the position in doc_file is left at the beginning of the body.
This function was inspired by the Python standard library’s http.client.parse_headers.
Parameters: | doc_file – binary file-like object containing a MIME document |
---|---|
Returns: | a swift.common.swob.HeaderKeyDict containing the headers |
Parse standard swift server/daemon options with optparse.OptionParser.
Parameters: |
|
---|---|
Returns: | Tuple of (config, options); config is an absolute path to the config file, options is the parser options as a dictionary. |
Raises SystemExit: | |
First arg (CONFIG) is required, file must exist |
Given a string representing a socket, returns a tuple of (host, port). Valid strings are DNS names, IPv4 addresses, or IPv6 addresses, with an optional port. If an IPv6 address is specified it must be enclosed in [], like [::1] or [::1]:11211. This follows the accepted prescription for IPv6 host literals.
Examples:
server.org
server.org:1337
127.0.0.1:1337
[::1]:1337
[::1]
Decorator to declare which methods are publicly accessible as HTTP requests
Parameters: | func – function to make public |
---|
Function that will check if item is a dict, and if so put it under cache_entry[key]. We use nested recon cache entries when the object auditor runs in parallel or else in ‘once’ mode with a specified subset of devices.
quorum size as it applies to services that use ‘replication’ for data integrity (Account/Container services). Object quorum_size is defined on a storage policy basis.
Number of successful backend requests needed for the proxy to consider the client request successful.
Patched version of urllib.quote that encodes utf-8 strings before quoting
Will eventlet.sleep() for the appropriate time so that the max_rate is never exceeded. If max_rate is 0, will not ratelimit. The maximum recommended rate should not exceed (1000 * incr_by) a second as eventlet.sleep() does involve some overhead. Returns running_time that should be used for subsequent calls.
Parameters: |
|
---|
Read config file(s) and return config items as a dict
Parameters: |
|
---|---|
Returns: | dict of config items |
Registers information about the swift cluster to be retrieved with calls to get_swift_info.
Parameters: |
|
---|---|
Raises ValueError: | |
if name or any of the keys in kwargs has ”.” in it |
Consume the first item from an iterator, then re-chain it to the rest of the iterator. This is useful when you want to make sure the prologue to downstream generators have been executed before continuing.
Parameters: | iterable – an iterable object |
---|
Quiet wrapper for os.unlink, OSErrors are suppressed
Parameters: | path – first and only argument passed to os.unlink |
---|
Attempt to fix / hide race conditions like empty object directories being removed by backend processes during uploads, by retrying.
The containing directory of ‘new’ and of all newly created directories are fsync’d by default. This _will_ come at a performance penalty. In cases where these additional fsyncs are not necessary, it is expected that the caller of renamer() turn it off explicitly.
Parameters: |
|
---|
Decorator to declare which methods are accessible for different type of servers:
Parameters: | func – function to mark accessible for replication |
---|
Transform ip string to an rsync-compatible form
Will return ipv4 addresses unchanged, but will nest ipv6 addresses inside square brackets.
Parameters: | ip – an ip string (ipv4 or ipv6) |
---|---|
Returns: | a string ip address |
Interpolate devices variables inside a rsync module template
Parameters: |
|
---|---|
Returns: | a string with all variables replaced by device attributes |
Look in root, for any files/dirs matching glob, recursively traversing any found directories looking for files ending with ext
Parameters: |
|
---|---|
Returns: | list of full paths to matching files, sorted |
True for successful responses or error codes that are not Swift’s fault, False otherwise. For example, 500 is definitely the server’s fault, but 412 is an error code (4xx are all errors) that is due to a header the client sent.
If one is tracking error rates to monitor server health, one would be advised to use a function like this one, lest a client cause a flurry of 404s or 416s and make a spurious spike in your errors graph.
Validate and split the given HTTP request path.
Examples:
['a'] = split_path('/a')
['a', None] = split_path('/a', 1, 2)
['a', 'c'] = split_path('/a/c', 1, 2)
['a', 'c', 'o/r'] = split_path('/a/c/o/r', 1, 3, True)
Parameters: |
|
---|---|
Returns: | list of segments with a length of maxsegs (non-existent segments will return as None) |
Raises: | ValueError if given an invalid path |
Get the storage directory
Parameters: |
|
---|---|
Returns: | Storage directory |
Constant-time string comparison.
Params s1: | the first string |
---|---|
Params s2: | the second string |
Returns: | True if the strings are equal. |
This function takes two strings and compares them. It is intended to be used when doing a comparison for authentication purposes to help guard against timing attacks.
Returns a decorator that logs timing events or errors for public methods in swift’s wsgi server controllers, based on response code.
Hack to work around Eventlet’s tpool not catching and reraising Timeouts.
Remove any file in a given path that that was last modified before mtime.
Parameters: |
|
---|
Remove any files from the given list that that were last modified before mtime.
Parameters: |
|
---|
urlparse augmentation. This is necessary because urlparse can’t handle RFC 2732 URLs.
Parameters: | url – URL to parse. |
---|
Validate that a device and a partition are valid and won’t lead to directory traversal when used.
Parameters: |
|
---|---|
Raises: | ValueError if given an invalid device or partition |
Validates an X-Container-Sync-To header value, returning the validated endpoint, realm, and realm_key, or an error string.
Parameters: |
|
---|---|
Returns: | A tuple of (error_string, validated_endpoint, realm, realm_key). The error_string will None if the rest of the values have been validated. The validated_endpoint will be the validated endpoint to sync to. The realm and realm_key will be set if validation was done through realms_conf. |
Get “our” IP addresses (“us” being the set of services configured by one *.conf file). If our REST listens on a specific address, return it. Otherwise, if listen on ‘0.0.0.0’ or ‘::’ return all addresses, including the loopback.
Parameters: | bind_ip (str) – Optional bind_ip from a config file; may be IP address or hostname. |
---|---|
Returns: | list of Strings of ip addresses |
Write contents to file at path
Parameters: |
|
---|
Ensure that a pickle file gets written to disk. The file is first written to a tmp location, ensure it is synced to disk, then perform a move to its final location
Parameters: |
|
---|
WSGI tools for use with swift.
Bases: swift.common.wsgi.NamedConfigLoader
Read configuration from multiple files under the given path.
Bases: swift.common.wsgi.NamedConfigLoader
Wrap a raw config string up for paste.deploy.
If you give one of these to our loadcontext (e.g. give it to our appconfig) we’ll intercept it and get it routed to the right loader.
Bases: paste.deploy.loadwsgi.ConfigLoader
Patch paste.deploy’s ConfigLoader so each context object will know what config section it came from.
Bases: object
This class provides a number of utility methods for modifying the composition of a wsgi pipeline.
Creates a context for a filter that can subsequently be added to a pipeline context.
Parameters: | entry_point_name – entry point of the middleware (Swift only) |
---|---|
Returns: | a filter context |
Returns the first index of the given entry point name in the pipeline.
Raises ValueError if the given module is not in the pipeline.
Inserts a filter module into the pipeline context.
Parameters: |
|
---|
Tests if the pipeline starts with the given entry point name.
Parameters: | entry_point_name – entry point of middleware or app (Swift only) |
---|---|
Returns: | True if entry_point_name is first in pipeline, False otherwise |
Bases: object
A helper class for ServersPerPortStrategy to track listen sockets and PIDs for each port.
Parameters: |
|
---|
Yield all current listen sockets.
Idempotently forget a PID. It’s okay if the PID is no longer in our data structure (it could have been removed by the “orphan port” removal in new_worker_socks()).
Parameters: | pid (int) – The PID which exited. |
---|
Idempotently forget a port, closing the listen socket at most once.
Return True if the specified port is not being tracked.
Parameters: | port (int) – A port to check. |
---|
Parameters: | sock (socket) – A tracked bound listen socket |
---|---|
Returns: | The port the socket is bound to. |
Returns current (port, server index) pairs.
Returns: | A set of (port, server_idx) tuples for currently-tracked ports, sockets, and PIDs. |
---|
Parameters: | port (int) – The port whose socket is desired. |
---|---|
Returns: | The bound listen socket for the given port. |
Start tracking servers for the given port and listen socket.
Parameters: |
|
---|
Bases: eventlet.greenpool.GreenPool
Works the same as GreenPool, but if the size is specified as one, then the spawn_n() method will invoke waitall() before returning to prevent the caller from doing any other work (like calling accept()).
Bases: object
WSGI server management strategy object for an object-server with one listen port per unique local port in the storage policy rings. The servers_per_port integer config setting determines how many workers are run per port.
Used in run_wsgi().
Parameters: |
|
---|
Bind one listen socket per unique local storage policy ring port. Then do all the work of drop_privileges except the actual dropping of privileges (each forked-off worker will do that post-fork in post_fork_hook()).
Log a server’s exit.
Return timeout before checking for reloaded rings.
Returns: | The time to wait for a child to exit before checking for reloaded rings (new ports). |
---|
Yield a sequence of (socket, server_idx) tuples for each server which should be forked-off and started.
Any sockets for “orphaned” ports no longer in any ring will be closed (causing their associated workers to gracefully exit) after all new sockets have been yielded.
The server_idx item for each socket will passed into the log_sock_exit() and register_worker_start() methods.
This strategy does not support running in the foreground.
Called in each child process, prior to starting the actual wsgi server, to drop privileges.
Called when a worker has exited.
Parameters: | pid (int) – The PID of the worker that exited. |
---|
Called when a new worker is started.
Parameters: |
|
---|
Shutdown any listen sockets.
Bases: object
This class provides a means to provide context (scope) for a middleware filter to have access to the wsgi start_response results like the request status and headers.
Bases: object
WSGI server management strategy object for a single bind port and listen socket shared by a configured number of forked-off workers.
Used in run_wsgi().
Parameters: |
|
---|
Bind the one listen socket for this strategy and drop privileges (since the parent process will never need to bind again).
Log a server’s exit.
Parameters: |
|
---|
We want to keep from busy-waiting, but we also need a non-None value so the main loop gets a chance to tell whether it should keep running or not (e.g. SIGHUP received).
So we return 0.5.
Yield a sequence of (socket, opqaue_data) tuples for each server which should be forked-off and started.
The opaque_data item for each socket will passed into the log_sock_exit() and register_worker_start() methods where it will be ignored.
Return a server listen socket if the server should run in the foreground (no fork).
Perform any initialization in a forked-off child process prior to starting the wsgi server.
Called when a worker has exited.
Parameters: | pid (int) – The PID of the worker that exited. |
---|
Called when a new worker is started.
Parameters: |
|
---|
Shutdown any listen sockets.
Bind socket to bind ip:port in conf
Parameters: | conf – Configuration dict to read settings from |
---|---|
Returns: | a socket object as returned from socket.listen or ssl.wrap_socket if conf specifies cert_file |
Loads common settings from conf Sets the logger Loads the request processor
Parameters: |
|
---|---|
Returns: | the loaded application entry point |
Raises ConfigFileError: | |
Exception is raised for config file error |
Loads a context from a config file, and if the context is a pipeline then presents the app with the opportunity to modify the pipeline.
Returns a new fresh WSGI environment.
Parameters: |
|
---|---|
Returns: | Fresh WSGI environment. |
Same as make_env() but with preauthorization.
Same as make_subrequest() but with preauthorization.
Makes a new swob.Request based on the current env but with the parameters specified.
Parameters: |
|
---|---|
Returns: | Fresh swob.Request object. |
mimetools.Message defaults content-type to “text/plain” This changes it to default to None, so we can detect missing headers.
Create a property accessor for the given name. The property will dig through the bound instance on which it was accessed for an attribute “app” and check that object for an attribute of the given name. If the “app” object does not have such an attribute, it will look for an attribute “app” on THAT object and continue it’s search from there. If the named attribute cannot be found accessing the property will raise AttributeError.
If a default kwarg is provided you get that instead of the AttributeError. When found the attribute will be cached on instance with the property accessor using the same name as the attribute prefixed with a leading underscore.
Runs the server according to some strategy. The default strategy runs a specified number of workers in pre-fork model. The object-server (only) may use a servers-per-port strategy if its config has a servers_per_port setting with a value greater than zero.
Parameters: |
|
---|---|
Returns: | 0 if successful, nonzero otherwise |
Wrap a function whos first argument is a paste.deploy style config uri, such that you can pass it an un-adorned raw filesystem path (or config string) and the config directive (either config:, config_dir:, or config_str:) will be added automatically based on the type of entity (either a file or directory, or if no such entity on the file system - just a string) before passing it through to the paste.deploy function.
Bases: object
Represents a storage policy. Not meant to be instantiated directly; implement a derived subclasses (e.g. StoragePolicy, ECStoragePolicy, etc) or use reload_storage_policies() to load POLICIES from swift.conf.
The object_ring property is lazy loaded once the service’s swift_dir is known via get_object_ring(), but it may be over-ridden via object_ring kwarg at create time for testing or actively loaded with load_ring().
Adds an alias name to the storage policy. Shouldn’t be called directly from the storage policy but instead through the storage policy collection class, so lookups by name resolve correctly.
Parameters: | name – a new alias for the storage policy |
---|
Changes the primary/default name of the policy to a specified name.
Parameters: | name – a string name to replace the current primary name. |
---|
Return the info dict and conf file options for this policy.
Parameters: | config – boolean, if True all config options are returned |
---|
Load the ring for this policy immediately.
Parameters: | swift_dir – path to rings |
---|
Number of successful backend requests needed for the proxy to consider the client request successful.
Decorator for Storage Policy implementations to register their StoragePolicy class. This will also set the policy_type attribute on the registered implementation.
Removes an alias name from the storage policy. Shouldn’t be called directly from the storage policy but instead through the storage policy collection class, so lookups by name resolve correctly. If the name removed is the primary name then the next available alias will be adopted as the new primary name.
Parameters: | name – a name assigned to the storage policy |
---|
Bases: swift.common.storage_policy.BaseStoragePolicy
Represents a storage policy of type ‘erasure_coding’.
Not meant to be instantiated directly; use reload_storage_policies() to load POLICIES from swift.conf.
This short hand form of the important parts of the ec schema is stored in Object System Metadata on the EC Fragment Archives for debugging.
Maximum length of a fragment, including header.
NB: a fragment archive is a sequence of 0 or more max-length fragments followed by one possibly-shorter fragment.
Load the ring for this policy immediately.
Parameters: | swift_dir – path to rings |
---|
Number of successful backend requests needed for the proxy to consider the client request successful.
The quorum size for EC policies defines the minimum number of data + parity elements required to be able to guarantee the desired fault tolerance, which is the number of data elements supplemented by the minimum number of parity elements required by the chosen erasure coding scheme.
For example, for Reed-Solomon, the minimum number parity elements required is 1, and thus the quorum_size requirement is ec_ndata + 1.
Given the number of parity elements required is not the same for every erasure coding scheme, consult PyECLib for min_parity_fragments_needed()
Bases: swift.common.storage_policy.BaseStoragePolicy
Represents a storage policy of type ‘replication’. Default storage policy class unless otherwise overridden from swift.conf.
Not meant to be instantiated directly; use reload_storage_policies() to load POLICIES from swift.conf.
Bases: object
This class represents the collection of valid storage policies for the cluster and is instantiated as StoragePolicy objects are added to the collection when swift.conf is parsed by parse_storage_policies().
When a StoragePolicyCollection is created, the following validation is enforced:
Adds a new name or names to a policy
Parameters: |
|
---|
Changes the primary or default name of a policy. The new primary name can be an alias that already belongs to the policy or a completely new name.
Parameters: |
|
---|
Find a storage policy by its index.
An index of None will be treated as 0.
Parameters: | index – numeric index of the storage policy |
---|---|
Returns: | storage policy, or None if no such policy |
Find a storage policy by its name.
Parameters: | name – name of the policy |
---|---|
Returns: | storage policy, or None |
Get the ring object to use to handle a request based on its policy.
An index of None will be treated as 0.
Parameters: |
|
---|---|
Returns: | appropriate ring object |
Build info about policies for the /info endpoint
Returns: | list of dicts containing relevant policy information |
---|
Removes a name or names from a policy. If the name removed is the primary name then the next available alias will be adopted as the new primary name.
Parameters: | aliases – arbitrary number of existing policy names to remove. |
---|
Bases: object
An instance of this class is the primary interface to storage policies exposed as a module level global named POLICIES. This global reference wraps _POLICIES which is normally instantiated by parsing swift.conf and will result in an instance of StoragePolicyCollection.
You should never patch this instance directly, instead patch the module level _POLICIES instance so that swift code which imported POLICIES directly will reference the patched StoragePolicyCollection.
Helper function to construct a string from a base and the policy. Used to encode the policy index into either a file name or a directory name by various modules.
Parameters: |
|
---|---|
Returns: | base name with policy index added |
Raises: | PolicyError if no policy exists with the given policy_index |
Parse storage policies in swift.conf - note that validation is done when the StoragePolicyCollection is instantiated.
Parameters: | conf – ConfigParser parser object for swift.conf |
---|
Reload POLICIES from swift.conf.
Helper function to convert a string representing a base and a policy. Used to decode the policy from either a file name or a directory name by various modules.
Parameters: | policy_string – base name with policy index added |
---|---|
Raises: | PolicyError if given index does not map to a valid policy |
Returns: | a tuple, in the form (base, policy) where base is the base string and policy is the StoragePolicy instance for the index encoded in the policy_string. |