YETI client user guide

The YETI client is a Python script named yeti.py which provides both a GUI and a CLI for interacting with the OpenStack Swift object storage system installed on the EURECOM’s YETI server. It allows you to manipulate containers and objects, including editing of metadata, access control lists and quotas.

Prerequisites

  • Python 3.11 or better.
  • requests library: Install using pip install requests.
  • openstacksdk library: Install using pip install openstacksdk.
  • PySimpleGUI library: Install using pip install PySimpleGUI (optional if GUI is not used).

It was developed on Linux but should also work on macOS and Windows.

Installation

Copy the yeti-client directory somewhere on the machine where you want to use the YETI client.

Configuration

Before running the script, make sure to have a yeti.json file with the appropriate connection information. The configuration file should contain at least the following fields:

  • username : user name.
  • password : user password.
  • project_id: ID of the project to log into.

Access will only be granted if both the user authentication is correct and he actually has rights to access the provided project.

Please note that you have to provide the project id, not the project name.

If you have to deal with several projects, then you can create a yeti.json file with another name (for instance yeti-myproject.json) and use the argument --configuration-file yeti-myproject.json to use it instead of the default yeti.json file (see Usage section for more details about arguments).

Advanced users may also set the following optional fields:

  • url : URL of the YETI server (defaults to “http://yeti.ds.eurecom.fr”).
  • auth_port: Authentication port (defaults to “35357”).
  • data_port: Data port (defaults to “8080”).
  • domain_id: Swift domain ID (defaults to “default”).

Usage

  1. Double check that the json configuration file is properly set.
  2. Run the YETI client using Python: python3 yeti.py or directly ./yeti.py.

By default the YETI client is using the yeti.json configuration file located in the same directory. Use use the argument --configuration-file to manually specify a different configuration file.

Also, by default, the GUI is used. Use the argument --help for more information about usage from CLI.

Please note that if the GUI gives you a full control over containers and objects and let you manager their metadata and access control list, the server and project info, as well as project metadata and access control list can only be manipulated from CLI.

Access control lists

If you are member of a project, you can grant access to some of your containers and objects to users which are not part of the project. It is done using an access control list (acl) which is attached either to containers or to objects. ACL can be manipulated from both the GUI and the CLI (using command container-set-access-control-list and --object-set-access-control-list and their related arguments)

ACL can be relative to user names, to groups or to roles. It is advised to use roles since it is the most versatile way to configure acl. You will find all information about it here: https://docs.openstack.org/swift/latest/overview_acl.html

When an acl is configured for a container, then the allowed roles will have access to the objects it contains. Access can be granted for writing, for reading or both. Please note that a user having access to a container will not be able to access the list of the container to the related project; he is not part of the project itself. Then, he shall know the name of the container to actually access it. He will be able to access the list of the object within this container.

When an acl is configured for an object, only this object will be made accessible according to the granted rights. Please note that a user having access to an object will not be able to access the list of the objects or the container to the related project; he is not part of the project itself. Then, he shall know both the name of the container and the object to actually access it.

Quotas

If you are member of a project, you can set some quotas to restrict contents of containers.

It exists two types of quotas:

  • count quotas: to limit the number of objects in a container.
  • bytes quotas: to limit the size of all the objects in container.

Count and bytes quotas can be used separately or mixed together. Once defined, those quota limits apply to all users of the container. Quotas can be manipulated from both the GUI and the CLI (using command container-set-quota and its related arguments)

Examples

Containers

  • ./yeti.py container-list
  • ./yeti.py container-create --destination-container-name TestContainer

Objects

  • ./yeti.py object-list --source-container-name TestContainer
  • ./yeti.py object-store --destination-container-name TestContainer --destination-object-name TestObject --source-local-file-name /path/to/source_file
  • ./yeti.py object-retrieve --source-container-name TestContainer --source-object-name TestObject --destination-local-file-name /path/to/destination_file

Written By

Philippe Rimauro