Hi,
--
I am having problems accessing rados gateway using swift interface.
I am using ceph firefly version and have configured a "us" region as explained in the docs.
There are two zones "us-east" and "us-west".
us-east gateway is running on host ceph-node-1 and us-west gateway is running on host ceph-node-2.
Here is the output when i try to connect with swift interface.
user1@ceph-node-4:~$ swift -A http://ceph-node-1/auth -U "useast:swift" -K "FmQYYbzly4RH+PmNlrWA3ynN+eJrayYXzeISGDSw" --debug stat
INFO:urllib3.connectionpool:Starting new HTTP connection (1): ceph-node-1
DEBUG:urllib3.connectionpool:Setting read timeout to <object object at 0x7f45834a7090>
DEBUG:urllib3.connectionpool:"GET /auth HTTP/1.1" 403 23
INFO:swiftclient:REQ: curl -i http://ceph-node-1/auth -X GET
INFO:swiftclient:RESP STATUS: 403 Forbidden
INFO:swiftclient:RESP HEADERS: [('date', 'Tue, 11 Nov 2014 12:30:58 GMT'), ('accept-ranges', 'bytes'), ('content-type', 'application/json'), ('content-length', '23'), ('server', 'Apache/2.2.22 (Ubuntu)')]
INFO:swiftclient:RESP BODY: {"Code":"AccessDenied"}
ERROR:swiftclient:Auth GET failed: http://ceph-node-1/auth 403 Forbidden
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/swiftclient/client.py", line 1181, in _retry
self.url, self.token = self.get_auth()
File "/usr/lib/python2.7/dist-packages/swiftclient/client.py", line 1155, in get_auth
insecure=self.insecure)
File "/usr/lib/python2.7/dist-packages/swiftclient/client.py", line 318, in get_auth
insecure=insecure)
File "/usr/lib/python2.7/dist-packages/swiftclient/client.py", line 241, in get_auth_1_0
http_reason=resp.reason)
ClientException: Auth GET failed: http://ceph-node-1/auth 403 Forbidden
Auth GET failed: http://ceph-node-1/auth 403 Forbidden
The region map is as follows.
vinod@ceph-node-1:~$ radosgw-admin region get --name=client.radosgw.us-east-1
{ "name": "us",
"api_name": "us",
"is_master": "true",
"endpoints": [],
"master_zone": "us-east",
"zones": [
{ "name": "us-east",
"endpoints": [
"http:\/\/ceph-node-1:80\/"],
"log_meta": "true",
"log_data": "true"},
{ "name": "us-west",
"endpoints": [
"http:\/\/ceph-node-2:80\/"],
"log_meta": "true",
"log_data": "true"}],
"placement_targets": [
{ "name": "default-placement",
"tags": []}],
"default_placement": "default-placement"}
The user info is follows.
vinod@ceph-node-1:~$ radosgw-admin user info --uid=useast --name=client.radosgw.us-east-1
{ "user_id": "useast",
"display_name": "Region-US Zone-East",
"email": "",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [
{ "id": "useast:swift",
"permissions": "full-control"}],
"keys": [
{ "user": "useast",
"access_key": "45BEF1XQ3Z94B0LIBTLX",
"secret_key": "123"},
{ "user": "useast:swift",
"access_key": "WF2QYTY0LDN66CHJ8JSE",
"secret_key": ""}],
"swift_keys": [
{ "user": "useast:swift",
"secret_key": "FmQYYbzly4RH+PmNlrWA3ynN+eJrayYXzeISGDSw"}],
"caps": [],
"op_mask": "read, write, delete",
"system": "true",
"default_placement": "",
"placement_tags": [],
"bucket_quota": { "enabled": false,
"max_size_kb": -1,
"max_objects": -1},
"user_quota": { "enabled": false,
"max_size_kb": -1,
"max_objects": -1},
"temp_url_keys": []}
Contents of rgw-us-east.conf file is as follows.
vinod@ceph-node-1:~$ cat /etc/apache2/sites-enabled/rgw-us-east.conf
FastCgiExternalServer /var/www/s3gw.fcgi -socket /var/run/ceph/client.radosgw.us-east-1.sock
<VirtualHost *:80>
ServerName ceph-node-1
ServerAdmin vinvinod@xxxxxxxxx
DocumentRoot /var/www
RewriteEngine On
RewriteRule ^/(.*) /s3gw.fcgi?%{QUERY_STRING} [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
<IfModule mod_fastcgi.c>
<Directory /var/www>
Options +ExecCGI
AllowOverride All
SetHandler fastcgi-script
Order allow,deny
Allow from all
AuthBasicAuthoritative Off
</Directory>
</IfModule>
AllowEncodedSlashes On
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
Can someone point out to me where am i doing wrong?
Vinod
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
