radosgw and keystone users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Hi,

I'm just deployed the ceph object gateway as an object storage in OpenStack. I've followed this doc to achieve the integration with Keystone:

http://docs.ceph.com/docs/master/radosgw/keystone/

"It is possible to integrate the Ceph Object Gateway with Keystone, the OpenStack identity service. This sets up the gateway to accept Keystone as the users authority. A user that Keystone authorizes to access the gateway will also be automatically created on the Ceph Object Gateway (if didn’t exist beforehand). A token that Keystone validates will be considered as valid by the gateway."

According to it, I was expecting that the keystone user was created in radosgw when it was authorized by a keystone token, but instead, what is created is the tenant id of the project that the user uses to manage his objects.

# radosgw-admin user stats --uid=db4d25b13eaa4645a180f564b3817e1c
{ "stats": { "total_entries": 1,
      "total_bytes": 24546,
      "total_bytes_rounded": 24576},
  "last_stats_sync": "2015-09-25 12:09:12.795775Z",
  "last_stats_update": "2015-09-28 11:58:43.422859Z"}

Being that "db4d25b13eaa4645a180f564b3817e1c" is the project id I'm using.

Is this the expected behavior and the doc pointed me in the wrong direction or I misconfigured something? Really, I prefer this behavior, because in this way I can set quotas on a project basis without worrying about the users, but I would like to know if the integration is Ok.

My rados setup:

[client.radosgw.gateway]
host = hostname
keyring = /etc/ceph/ceph.client.radosgw.keyring
rgw socket path = ""
log file = /var/log/radosgw/client.radosgw.gateway.log
rgw frontends = fastcgi socket_port=9000 socket_host=0.0.0.0
rgw print continue = false
rgw keystone url = "" href="http://clt-stackvip:5000">http://keystone_host:5000
rgw keystone admin token = _____________________
rgw keystone accepted roles = _member_, Member, admin
rgw s3 auth use keystone = true
nss db path = /var/ceph/nss


Ceph FireFly 0.80.10
OpenStack Juno
SO: Ubuntu 14.04

Best regards,
Xabier


_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux