On 02/09/2016 04:07 PM, Yehuda Sadeh-Weinraub wrote:
On Tue, Feb 9, 2016 at 5:15 AM, Jacek Jarosiewicz
<jjarosiewicz@xxxxxxxxxxxxx> wrote:
Hi list,
My setup is: ceph 0.94.5, ubuntu 14.04, tengine (patched nginx).
I'm trying to migrate from our old file storage (MogileFS) to the new ceph
radosgw. The problem is that the old storage had no access control - no
authorization, so the access to read and/or write was controlled by the web
server (ie per IP/network).
I want to keep the clients using old storage, but get rid of the MogileFS so
I don't have to maintain two different storage solutions.
Basically MogileFS http API is similar to S3, except for the authorization
part - so the methods are the same (PUT, GET, DELETE..).
I've created a bucket with public-read-write access and tried to connect
MogileFS client to it - the uploads work fine, and the files get acl
public-read so are readable, but they don't have an owner.
So after upload I can't manage them (ie modify acl) - I can only remove
objects.
Is there a way to force files that are uploaded anonymously to have an
owner? Is there a way maybe to have them inherit owner from the bucket?
Currently there's no way to change it. I'm not sure though that we're
doing the correct thing. Did you try it with Amazon S3 by any chance?
Hi,
No, I haven't. I've only been testing this with radosgw. But I think I
misspoke. I mean - the files upload OK, they have public-read-write
permissions, but no owner and I'm getting status=404 from the radosgw
when trying to access them. Nginx is set up to serve files either from
one backend (rados) or the other (mogile) - I think I didn't look
closely enough as to where the files were actually coming from, because
now I get only 404 from rados. The file permission xml looks like this:
root@cfgate01:~# radosgw-admin policy --bucket xxxx --object yyyyy
<AccessControlPolicy
xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><AccessControlList><Grant><Grantee
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="CanonicalUser"><ID></ID></Grantee><Permission>FULL_CONTROL</Permission></Grant><Grant><Grantee
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="Group"><URI>http://acs.amazonaws.com/groups/global/AllUsers</URI></Grantee><Permission>READ</Permission></Grant><Grant><Grantee
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="Group"><URI>http://acs.amazonaws.com/groups/global/AllUsers</URI></Grantee><Permission>WRITE</Permission></Grant></AccessControlList></AccessControlPolicy>
J
--
Jacek Jarosiewicz
Administrator Systemów Informatycznych
----------------------------------------------------------------------------------------
SUPERMEDIA Sp. z o.o. z siedzibą w Warszawie
ul. Senatorska 13/15, 00-075 Warszawa
Sąd Rejonowy dla m.st.Warszawy, XII Wydział Gospodarczy Krajowego
Rejestru Sądowego,
nr KRS 0000029537; kapitał zakładowy 42.756.000 zł
NIP: 957-05-49-503
Adres korespondencyjny: ul. Jubilerska 10, 04-190 Warszawa
----------------------------------------------------------------------------------------
SUPERMEDIA -> http://www.supermedia.pl
dostep do internetu - hosting - kolokacja - lacza - telefonia
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com