It’s no secret that our object storage system, Orbit, runs Openstack Swift under the hood. The Openstack Swift storage API is widely supported so it’s easy to integrate Orbit into your systems and applications.
And as of today, we now support the Swift v3 keystone authentication API, which widens support further. Here’s a few examples:
swift’s own CLI tool obviously works nicely:
$ swift --os-auth-url https://orbit.brightbox.com --auth-version 3 --os-project-name acc-xxxxx --os-username jason.null@brightbox.com --os-password passwordhere listrestic is a tool which will manage encrypted deduplicated backups for you while handle things like retention periods etc.
$ OS_AUTH_URL=https://orbit.brightbox.com/v3 OS_USERNAME=jason.null@brightbox.com OS_PASSWORD=passwordhere OS_PROJECT_NAME=acc-xxxxx restic -r swift:mybackups:/ backup recipes
enter password for repository: ******************
repository 74e435a9 opened successfully, password is correct
no parent snapshot found, will read all files
Files: 27485 new, 0 changed, 0 unmodified
Dirs: 4291 new, 0 changed, 0 unmodified
Added to the repo: 423.645 MiB
processed 27485 files, 575.490 MiB in 2:48
snapshot 49e71f99 savedrclone is an amazing tool: it’s basically rsync but works
with remote storage APIs too, including Orbit. It still uses the tenant
terminology rather than the newer project but it works fine:
$ rclone --swift-auth https://orbit.brightbox.com/v3 --swift-tenant acc-xxxxx --swift-user jason.null@brightbox.com --swift-key passwordhere lsd :swift:cyberduck is graphical client with support for various storage backends, including Swift:
The activestorage-openstack gem brings Swift support to Ruby/Rails applications and uses v3 auth by default. You’ll want to use API client credentials here, not user credentials, and you’ll need to create a temp url key for the container too:
in config/storage.yml:
brightbox:
service: OpenStack
container: myfiles
credentials:
openstack_auth_url: https://orbit.brightbox.com
openstack_username: cli-xxxxx
openstack_api_key: keyhere
openstack_project_name: acc-xxxxx
openstack_region: gb1
openstack_temp_url_key: tempurlkeyThese examples use user authentication. If your user has two factor authentication enabled then you’ll need to use an access token in place of your password, which you can obtain using the brightbox command line tool:
$ brightbox token create
access_token: 286755fad04869ca523320acce0dc6a4
refresh_token: 10b222970537b97919db36ec757370d2
token_type: BearerUsers can belong to several accounts, so you specify which account you want to
work with using the project parameter (sometimes referred to as tenant).
You can also authenticate using API client
credentials which can also be
used to restrict access to specific containers, and control read/write
privileges - perfect for using with automated systems. API Clients only every
belong to one account, but you still need to specify the project parameter
when using them.
To try out Orbit, you can sign up in a minute and get £50 free credit. After that, you just pay per gigabyte.