=?gb18030?b?u9i4tKO6ICBhYm91dCByZ3cgcmVnaW9uIHN5bmM=?=

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



 my access_key and secret keys are generated by the tool radosgw-admin with -gen-secret and --gen-access-key options before. I wrote down the keys and assigned it in step 5
------------------ 原始邮件 ------------------
发件人: "Karan Singh";<karan.singh@xxxxxx>;
发送时间: 2015年5月4日(星期一) 凌晨1:50
收件人: "TERRY"<316828252@xxxxxx>;
主题: Re: [ceph-users] about rgw region sync

Hello , a small question

In step 5 , how did you generate access_key and secret keys ?? Did you use any tool to generate it or any command ?

- Karan -

On 30 Apr 2015, at 08:27, TERRY <316828252@xxxxxx> wrote:

hi:
I am using the following script  to setup my cluster.
I upgrade  my radosgw-agent  from version 1.2.0 to 1.2.2-1. (1.2.0 will results a error!)
 
cat repeat.sh
#!/bin/bash
set -e
set -x
#1 create pools
sudo ./create_pools.sh
#2 create a keyring
sudo ceph-authtool --create-keyring /etc/ceph/ceph.client.radosgw.keyring
sudo chmod +r /etc/ceph/ceph.client.radosgw.keyring
sudo ceph-authtool /etc/ceph/ceph.client.radosgw.keyring -n client.radosgw.us-east-1 --gen-key
sudo ceph-authtool /etc/ceph/ceph.client.radosgw.keyring -n client.radosgw.us-west-1 --gen-key
sudo ceph-authtool -n client.radosgw.us-east-1 --cap osd 'allow rwx' --cap mon 'allow rwx' /etc/ceph/ceph.client.radosgw.keyring
sudo ceph-authtool -n client.radosgw.us-west-1 --cap osd 'allow rwx' --cap mon 'allow rwx' /etc/ceph/ceph.client.radosgw.keyring
sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth del client.radosgw.us-east-1
sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth del client.radosgw.us-west-1
sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.us-east-1 -i /etc/ceph/ceph.client.radosgw.keyring
sudo ceph -k /etc/ceph/ceph.client.admin.keyring auth add client.radosgw.us-west-1 -i /etc/ceph/ceph.client.radosgw.keyring
# 3 create a region
sudo radosgw-admin region set --infile us.json --name client.radosgw.us-east-1
set +e
sudo rados -p .us.rgw.root rm region_info.default
set -e
sudo radosgw-admin region default --rgw-region=us --name client.radosgw.us-east-1
sudo radosgw-admin regionmap update --name client.radosgw.us-east-1
# try don't do it
sudo radosgw-admin region set --infile us.json --name client.radosgw.us-west-1
set +e
sudo rados -p .us.rgw.root rm region_info.default
set -e
sudo radosgw-admin region default --rgw-region=us --name client.radosgw.us-west-1
sudo radosgw-admin regionmap update --name client.radosgw.us-west-1
# 4 create zones
# try chanege us-east-no-secert.json file contents
sudo radosgw-admin zone set --rgw-zone=us-east --infile us-east-no-secert.json --name client.radosgw.us-east-1
sudo radosgw-admin zone set --rgw-zone=us-east --infile us-east-no-secert.json --name client.radosgw.us-west-1
sudo radosgw-admin zone set --rgw-zone=us-west --infile us-west-no-secert.json --name client.radosgw.us-east-1
sudo radosgw-admin zone set --rgw-zone=us-west --infile us-west-no-secert.json --name client.radosgw.us-west-1
set +e
sudo rados -p .rgw.root rm zone_info.default
set -e
sudo radosgw-admin regionmap update --name client.radosgw.us-east-1
# try don't do it
sudo radosgw-admin regionmap update --name client.radosgw.us-west-1
#5 Create Zone Users system user
sudo radosgw-admin user create --uid="us-east" --display-name="Region-US Zone-East" --name client.radosgw.us-east-1 --access_key="XNK0ST8WXTMWZGN29NF9" --secret="7VJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5" --system
sudo radosgw-admin user create --uid="us-west" --display-name="Region-US Zone-West" --name client.radosgw.us-west-1 --access_key="AAK0ST8WXTMWZGN29NF9" --secret="AAJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5" --system
sudo radosgw-admin user create --uid="us-east" --display-name="Region-US Zone-East" --name client.radosgw.us-west-1 --access_key="XNK0ST8WXTMWZGN29NF9" --secret="7VJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5" --system
sudo radosgw-admin user create --uid="us-west" --display-name="Region-US Zone-West" --name client.radosgw.us-east-1 --access_key="AAK0ST8WXTMWZGN29NF9" --secret="AAJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5" --system
#6 subuser create
#may create a user without --system?
sudo radosgw-admin subuser create --uid="us-east"  --subuser="us-east:swift" --access=full --name client.radosgw.us-east-1 --key-type swift --secret="7VJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin subuser create --uid="us-west"  --subuser="us-west:swift" --access=full --name client.radosgw.us-west-1 --key-type swift --secret="BBJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin subuser create --uid="us-east"  --subuser="us-east:swift" --access=full --name client.radosgw.us-west-1 --key-type swift --secret="7VJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin subuser create --uid="us-west"  --subuser="us-west:swift" --access=full --name client.radosgw.us-east-1 --key-type swift --secret="BBJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"

#5.5 creat zone users not system user
sudo radosgw-admin user create --uid="us-test-east" --display-name="Region-US Zone-East-test" --name client.radosgw.us-east-1 --access_key="DDK0ST8WXTMWZGN29NF9" --secret="DDJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin user create --uid="us-test-west" --display-name="Region-US Zone-West-test" --name client.radosgw.us-west-1 --access_key="CCK0ST8WXTMWZGN29NF9" --secret="CCJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin user create --uid="us-test-east" --display-name="Region-US Zone-East-test" --name client.radosgw.us-west-1 --access_key="DDK0ST8WXTMWZGN29NF9" --secret="DDJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin user create --uid="us-test-west" --display-name="Region-US Zone-West-test" --name client.radosgw.us-east-1 --access_key="CCK0ST8WXTMWZGN29NF9" --secret="CCJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"

#6 subuser create
#may create a user without --system?
sudo radosgw-admin subuser create --uid="us-test-east"  --subuser="us-test-east:swift" --access=full --name client.radosgw.us-east-1 --key-type swift --secret="ffJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin subuser create --uid="us-test-west"  --subuser="us-test-west:swift" --access=full --name client.radosgw.us-west-1 --key-type swift --secret="ggJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin subuser create --uid="us-test-east"  --subuser="us-test-east:swift" --access=full --name client.radosgw.us-west-1 --key-type swift --secret="ffJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
sudo radosgw-admin subuser create --uid="us-test-west"  --subuser="us-test-west:swift" --access=full --name client.radosgw.us-east-1 --key-type swift --secret="ggJm8uAp71xKQZkjoPZmHu4sACA1SY8jTjay9dP5"
 
====================
 
after all of those:
1)、I upload an object to an container on master zone  using the gateway instance us-east-1
command like this:
swift upload mycontaier testobj
2)、then I examin the objext by the gateway instacne us-east-1 using the command:
swift list
it could list the object
3)、I examin the object by the gateway instacne us-west-1 using the command:
 swift list
it could not list the object. there is no error!
4)、I sync the data use the command:
sudo radosgw-agent  -c ./ceph-data-sync.conf
5)、I examin the object by the gateway instacne us-west-1 again using the command:
swift list
there is an error!it said:
Auth GET failed: http://10.18.5.209/auth/1.0 403 Forbidden
 
 
my quesiton is:how cloud I access the object from the secondary zone?
 
 
 
 
 
 
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux