Can you paste your ceph.conf file, rgw.conf file, s3gw.fcgi file and
your log file?
I'm trying to work out a reliable procedure for the S3 subdomain, and
ran into a a few issues.
On Tue, May 28, 2013 at 4:45 PM, Daniel Curran <danielcurran90@xxxxxxxxx> wrote:
> Hmm....it looks like maybe my issue is bigger than just the swift secret_key
> not showing up. I started using the other key that's provided under "keys"
> in the user map just to see if it works but I get 500's back. In my apache
> error log I get
>
> [Tue May 28 15:19:59 2013] [notice] Apache/2.2.22 (Ubuntu)
> mod_fastcgi/mod_fastcgi-SNAP-0910052141 configured -- resuming normal
> operations
> [Tue May 28 15:24:04 2013] [error] [client 192.168.1.100] (2)No such file or
> directory: FastCGI: failed to connect to server "/var/www/s3gw.fcgi":
> connect() failed
> [Tue May 28 15:24:04 2013] [error] [client 192.168.1.100] FastCGI:
> incomplete headers (0 bytes) received from server "/var/www/s3gw.fcgi"
>
> The errors pop up when I try to hit that endpoint. It's strange because it's
> owned by www-data which apache is using and has r/x permissions for
> everyone. I'm thinking maybe there's something wrong in my rewrite rule or
> with the s3gw.fcgi itself.
>
> rewrite rules:
> RewriteEngine On
> RewriteRule ^/([a-zA-Z0-9-_.]*)([/]?.*)
> /s3gw.fcgi?page=$1¶ms=$2&%{QUERY_STRING}
> [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
>
> contents of /var/www/s3gw.fcgi:
> #!/bin/sh
> exec /usr/bin/radosgw -c /etc/ceph/ceph.conf -n client.radosgw.gateway
>
>
>
>
>
>
>
>
>
> On Tue, May 28, 2013 at 11:39 AM, Daniel Curran <danielcurran90@xxxxxxxxx>
> wrote:
>>
>> Hey,
>>
>> I'll check see if I can get it going right now. Thanks for taking the time
>> to help out
>>
>> Daniel
>>
>>
>> On Sat, May 25, 2013 at 7:01 PM, John Wilkins <john.wilkins@xxxxxxxxxxx>
>> wrote:
>>>
>>> Daniel,
>>>
>>> I finished up the procedure this morning and put it up on the web. It
>>> seems to be working fine for me.
>>>
>>> On Fri, May 24, 2013 at 3:35 PM, John Wilkins <john.wilkins@xxxxxxxxxxx>
>>> wrote:
>>> > Daniel,
>>> >
>>> > I'm working on it. It did need a bit of a rewrite for ceph-deploy,
>>> > even though the steps are conceptually the same. In the step here:
>>> >
>>> >
>>> > http://ceph.com/docs/master/start/quick-rgw/#modify-the-ceph-configuration-file
>>> >
>>> > 1. The rewrite--not published yet, as I'm working out a few more
>>> > kinks--is to use the ceph-deploy version of the ceph conf file on the
>>> > admin node. So you make the modification to the configuration file
>>> > there; then, use "ceph-deploy config push" to push it to the server
>>> > host.
>>> >
>>> > 2. Create a directory is on the server node, as before.
>>> >
>>> > 3. The rewrite rule there is outside of the <VirtualHost> tags, and
>>> > there are two instances of <VirtualHost>. Remove the first end, and
>>> > second beginning of the </VirtualHost><VirtualHost *:80>, but leave
>>> > the rewrite rule. That was a bug. Sorry.
>>> >
>>> > 4. Then, create the keyring here:
>>> > http://ceph.com/docs/master/start/quick-rgw/#generate-a-keyring-and-key
>>> > It wouldn't have worked before, because you didn't have the right
>>> > keyring in /etc/ceph. The third step in that procedure says
>>> > ceph.keyring. That's no longer correct. By convention with
>>> > ceph-deploy, the key ring is ceph.client.admin.keyring.
>>> >
>>> > 5. http://ceph.com/docs/master/start/quick-rgw/#enable-ssl Do this
>>> > before creating the users if you want to use SSL.
>>> >
>>> > 6. Restart ceph, apache, and radosgw as the root user. Then, proceed
>>> > to creating a user.
>>> >
>>> > I'll add some examples when I get all the quirks ironed out so you can
>>> > just cut and paste.
>>> >
>>> > Regards,
>>> >
>>> >
>>> > John
>>> >
>>> >
>>> > On Fri, May 24, 2013 at 2:22 PM, Daniel Curran
>>> > <danielcurran90@xxxxxxxxx> wrote:
>>> >>
>>> >>
>>> >> ---------- Forwarded message ----------
>>> >> From: Daniel Curran <danielcurran90@xxxxxxxxx>
>>> >> Date: Fri, May 24, 2013 at 4:21 PM
>>> >> Subject: Re: RADOS Gateway Configuration
>>> >> To: John Wilkins <john.wilkins@xxxxxxxxxxx>
>>> >>
>>> >>
>>> >> Hey,
>>> >>
>>> >> I just finished the 5-minute quick start for rados that was given
>>> >> earlier
>>> >> but I get the same issue.
>>> >>
>>> >>
>>> >> { "user_id": "johndoe",
>>> >> "display_name": "John Doe",
>>> >> "email": "john@xxxxxxxxxxx",
>>> >> "suspended": 0,
>>> >> "max_buckets": 1000,
>>> >> "auid": 0,
>>> >> "subusers": [
>>> >> { "id": "johndoe:swift",
>>> >> "permissions": "full-control"}],
>>> >> "keys": [
>>> >> { "user": "johndoe",
>>> >> "access_key": "ZM3S10OX6SPBDPGZC19J",
>>> >> "secret_key": "AhZlWa1cLkff\/v0NLnMb7HGIAcPu3lMgM8CTKxey"}],
>>> >>
>>> >> "swift_keys": [
>>> >> { "user": "johndoe:swift",
>>> >> "secret_key": ""}],
>>> >> "caps": []}
>>> >>
>>> >> with no secret_key under "swift_keys" for me to pass along.
>>> >> Regenerating the
>>> >> keys doesn't do anything different. I've also tried using the
>>> >> secret_key
>>> >> under "keys" but that doesn't work either. Any thoughts?
>>> >>
>>> >>
>>> >> Thanks your help,
>>> >> Daniel
>>> >>
>>> >>
>>> >>
>>> >>
>>> >> On Thu, May 23, 2013 at 1:28 PM, John Wilkins
>>> >> <john.wilkins@xxxxxxxxxxx>
>>> >> wrote:
>>> >>>
>>> >>> It puts it in the same directory where you executed ceph-deploy.
>>> >>>
>>> >>> On Thu, May 23, 2013 at 10:57 AM, Daniel Curran
>>> >>> <danielcurran90@xxxxxxxxx> wrote:
>>> >>> > Hey John,
>>> >>> >
>>> >>> > Thanks for the reply. I'll check out that other doc you have there.
>>> >>> > Just
>>> >>> > for
>>> >>> > future reference do you know where ceph-deploy puts the ceph
>>> >>> > keyring?
>>> >>> >
>>> >>> > Daniel
>>> >>> >
>>> >>> >
>>> >>> > On Wed, May 22, 2013 at 7:19 PM, John Wilkins
>>> >>> > <john.wilkins@xxxxxxxxxxx>
>>> >>> > wrote:
>>> >>> >>
>>> >>> >> Daniel,
>>> >>> >>
>>> >>> >> It looks like I need to update that portion of the docs too, as it
>>> >>> >> links back to the 5-minute quick start. Once you are up and
>>> >>> >> running
>>> >>> >> with "HEALTH OK" on either the 5-minute Quick Start or Quick Ceph
>>> >>> >> Deploy, your storage cluster is running fine. The remaining issues
>>> >>> >> would likely be with authentication, chmod on the files, or with
>>> >>> >> the
>>> >>> >> RGW setup. There's a quick start for RGW, which I had verified
>>> >>> >> here:
>>> >>> >> http://ceph.com/docs/master/start/quick-rgw/. Someone else had a
>>> >>> >> problem with the Rewrite rule on that example reported here:
>>> >>> >> http://tracker.ceph.com/issues/4608. It's likely I need to run
>>> >>> >> through
>>> >>> >> with specific Ceph and Apache versions. There are also a few
>>> >>> >> additional tips in the configuration section.
>>> >>> >> http://ceph.com/docs/master/radosgw/config/
>>> >>> >>
>>> >>> >> There is an issue in some cases where keys have forward or
>>> >>> >> backslash
>>> >>> >> characters, and you may need to regenerate the keys.
>>> >>> >>
>>> >>> >>
>>> >>> >>
>>> >>> >> On Wed, May 22, 2013 at 4:42 PM, Daniel Curran
>>> >>> >> <danielcurran90@xxxxxxxxx>
>>> >>> >> wrote:
>>> >>> >> >
>>> >>> >> > Hello,
>>> >>> >> >
>>> >>> >> > I just started using ceph recently and was trying to get the
>>> >>> >> > RADOS
>>> >>> >> > Gateway
>>> >>> >> > working in order to use the Swift compatible API. I followed the
>>> >>> >> > install
>>> >>> >> > instructions found here (http://ceph.com/docs/master
>>> >>> >> > /start/quick-ceph-deploy/) and got to a point where "ceph
>>> >>> >> > health"
>>> >>> >> > give
>>> >>> >> > me
>>> >>> >> > HEALTH_OK. This is all well and good but near the end of the
>>> >>> >> > rados gw
>>> >>> >> > setup
>>> >>> >> > (found here http://ceph.com/docs/master/radosgw/manual-install/)
>>> >>> >> > I
>>> >>> >> > need
>>> >>> >> > to
>>> >>> >> > execute the following line:
>>> >>> >> >
>>> >>> >> > sudo ceph -k /etc/ceph/ceph.keyring auth add
>>> >>> >> > client.radosgw.gateway
>>> >>> >> > -i
>>> >>> >> > /etc/ceph/keyring.radosgw.gateway
>>> >>> >> >
>>> >>> >> > Unfortunately, I don't believe ceph-deploy places the keyring at
>>> >>> >> > /etc/ceph/ceph.keyring. I tried to use the one from
>>> >>> >> > /var/lib/ceph/bootstrap-osd/ceph.keyring but it was unable to
>>> >>> >> > authenticate
>>> >>> >> > as client.admin. Is there another location that the keyring
>>> >>> >> > needs to
>>> >>> >> > be
>>> >>> >> > copied from or am I doing something totally wrong?
>>> >>> >> >
>>> >>> >> > I didn't want to be held back so I restarted and did the manual
>>> >>> >> > install
>>> >>> >> > from
>>> >>> >> > the 5-minute quick start where I was able to find the ring. I
>>> >>> >> > had
>>> >>> >> > more
>>> >>> >> > issues almost immediately. I have to execute the following steps
>>> >>> >> > to
>>> >>> >> > create
>>> >>> >> > some users for swift:
>>> >>> >> >
>>> >>> >> > radosgw-admin user create --uid=johndoe --display-name="John
>>> >>> >> > Doe"
>>> >>> >> > --email=john@xxxxxxxxxxx
>>> >>> >> > sudo radosgw-admin subuser create --uid=johndoe
>>> >>> >> > --subuser=johndoe:swift
>>> >>> >> > --access=full
>>> >>> >> >
>>> >>> >> > sudo radosgw-admin key create --subuser=johndoe:swift
>>> >>> >> > --key-type=swift
>>> >>> >> >
>>> >>> >> > The first two gave me output I was expecting but the very last
>>> >>> >> > line
>>> >>> >> > had
>>> >>> >> > some
>>> >>> >> > weirdness that essentially made swift unusable. The expected
>>> >>> >> > output
>>> >>> >> > is
>>> >>> >> > something along these lines:
>>> >>> >> >
>>> >>> >> > { "user_id": "johndoe",
>>> >>> >> > "rados_uid": 0,
>>> >>> >> > "display_name": "John Doe",
>>> >>> >> > "email": "john@xxxxxxxxxxx",
>>> >>> >> > "suspended": 0,
>>> >>> >> > "subusers": [
>>> >>> >> > { "id": "johndoe:swift",
>>> >>> >> > "permissions": "full-control"}],
>>> >>> >> > "keys": [
>>> >>> >> > { "user": "johndoe",
>>> >>> >> > "access_key": "QFAMEDSJP5DEKJO0DDXY",
>>> >>> >> > "secret_key":
>>> >>> >> > "iaSFLDVvDdQt6lkNzHyW4fPLZugBAI1g17LO0+87"}],
>>> >>> >> > "swift_keys": [
>>> >>> >> > { "user": "johndoe:swift",
>>> >>> >> > "secret_key":
>>> >>> >> > "E9T2rUZNu2gxUjcwUBO8n\/Ev4KX6\/GprEuH4qhu1"}]}
>>> >>> >> >
>>> >>> >> > Where that last secret key is what we hand the swift CLI as seen
>>> >>> >> > here:
>>> >>> >> >
>>> >>> >> > swift -V 1.0 -A http://radosgw.example.com/auth -U johndoe:swift
>>> >>> >> > -K
>>> >>> >> > E9T2rUZNu2gxUjcwUBO8n\/Ev4KX6\/GprEuH4qhu1 post test
>>> >>> >> >
>>> >>> >> > However, my output came out like this:
>>> >>> >> >
>>> >>> >> > { "user_id": "johndoe",
>>> >>> >> > "display_name": "John Doe",
>>> >>> >> > "email": "john@xxxxxxxxxxx",
>>> >>> >> > "suspended": 0,
>>> >>> >> > "max_buckets: 1000,
>>> >>> >> > "auid": 0,
>>> >>> >> > "subusers": [
>>> >>> >> > { "id": "johndoe:swift",
>>> >>> >> > "permissions": "full-control"}],
>>> >>> >> > "keys": [
>>> >>> >> > { "user": "johndoe",
>>> >>> >> > "access_key": "SUEXWVL3WB2Z64CRAG97",
>>> >>> >> > "secret_key":
>>> >>> >> > "C\/jHFJ3wdPv4iJ+aq4JeZ52LEC3OdnhsYEnVkhBP"}],
>>> >>> >> > "swift_keys": [
>>> >>> >> > { "user": "johndoe:swift",
>>> >>> >> > "secret_key": ""}],
>>> >>> >> > "caps": []}
>>> >>> >> >
>>> >>> >> >
>>> >>> >> > Giving me no swift key to use. I don't believe the key is
>>> >>> >> > supposed to
>>> >>> >> > be
>>> >>> >> > blank because I tried that and received auth errors (to the best
>>> >>> >> > of
>>> >>> >> > my
>>> >>> >> > ability). I can't tell if this is my fault since I'm new nor am
>>> >>> >> > I
>>> >>> >> > able
>>> >>> >> > to
>>> >>> >> > find a way around it. It looks like there are definitely changes
>>> >>> >> > between
>>> >>> >> > the
>>> >>> >> > version used in the doc and mine so maybe it's all working as it
>>> >>> >> > should
>>> >>> >> > but
>>> >>> >> > the secret_key for swift lives somewhere else. If anyone knows
>>> >>> >> > anything
>>> >>> >> > I'd
>>> >>> >> > appreciate it a lot.
>>> >>> >> >
>>> >>> >> > Thank you,
>>> >>> >> > Daniel
>>> >>> >> >
>>> >>> >> >
>>> >>> >> >
>>> >>> >> > _______________________________________________
>>> >>> >> > ceph-users mailing list
>>> >>> >> > ceph-users@xxxxxxxxxxxxxx
>>> >>> >> > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>> >>> >> >
>>> >>> >>
>>> >>> >>
>>> >>> >>
>>> >>> >> --
>>> >>> >> John Wilkins
>>> >>> >> Senior Technical Writer
>>> >>> >> Intank
>>> >>> >> john.wilkins@xxxxxxxxxxx
>>> >>> >> (415) 425-9599
>>> >>> >> http://inktank.com
>>> >>> >
>>> >>> >
>>> >>>
>>> >>>
>>> >>>
>>> >>> --
>>> >>> John Wilkins
>>> >>> Senior Technical Writer
>>> >>> Intank
>>> >>> john.wilkins@xxxxxxxxxxx
>>> >>> (415) 425-9599
>>> >>> http://inktank.com
>>> >>
>>> >>
>>> >>
>>> >
>>> >
>>> >
>>> > --
>>> > John Wilkins
>>> > Senior Technical Writer
>>> > Intank
>>> > john.wilkins@xxxxxxxxxxx
>>> > (415) 425-9599
>>> > http://inktank.com
>>>
>>>
>>>
>>> --
>>> John Wilkins
>>> Senior Technical Writer
>>> Intank
>>> john.wilkins@xxxxxxxxxxx
>>> (415) 425-9599
>>> http://inktank.com
>>
>>
>
--
John Wilkins
Senior Technical Writer
Intank
john.wilkins@xxxxxxxxxxx
(415) 425-9599
http://inktank.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
