Re: RGW AWS4 issue.

Khang Nguyễn Nhật <nguyennhatkhang2704@xxxxxxxxx> · Mon, 30 May 2016 08:48:45 +0700

Thank Yehuda !
I tried to make:
s3.create_bucket (// Bucket = 'image', CreateBucketConfiguration = { 'LocationConstraint': ''} //),
s3.create_bucket (// Bucket = 'image', CreateBucketConfiguration = { 'LocationConstraint': '""'} //),
s3.create_bucket (// Bucket = 'image', //) # no LocationConstraint
But they all returned HTTP/1.1 400 Bad Request, here are the results I have when using ngrep in RGW:
CLI: ngrep -lq -t port 8888  -W byline -d eth0
--------------------
Request:
T 2016/05/30 08:37:06.572958 x.x.x.x:55668 -> x.x.x.x:8888 [AP]
PUT /image HTTP/1.1.
Host: x.x.x.x:8888.
Accept-Encoding: identity.
X-Amz-Content-SHA256: 80520b2b573177f05f6db633afa0d5bbb6900d10807b2cc0786ce75a85577acf.
Content-Length: 125.
x-amz-acl: public-read-write.
x-amz-grant-full-control: image.
User-Agent: Boto3/1.3.1 Python/2.7.5 Linux/3.10.0-327.10.1.el7.x86_64 Botocore/1.4.24.
X-Amz-Date: 20160530T013706Z.
Authorization: AWS4-HMAC-SHA256 Credential=AEVU2WGDL03NI76H893F/20160530/default/s3/aws4_request, SignedHeaders=host;x-amz-acl;x-amz-content-sha256;x-amz-date;x-amz-grant-full-control, Signature=cc83e058786f8e021502e892da91ed9a4d2c10a42b353fd357f6596e1bd6a778.
.
<CreateBucketConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><LocationConstraint />...</CreateBucketConfiguration>

Respone:
T 2016/05/30 08:37:06.574290 x.x.x.x:8888 -> x.x.x.x:55668 [AP]
HTTP/1.1 400 Bad Request.
x-amz-request-id: tx00000000000000000001d-00574b9942-6304-default.
Content-Length: 217.
Accept-Ranges: bytes.
Content-Type: application/xml.
Date: Mon, 30 May 2016 01:37:06 GMT.
.

T 2016/05/30 08:37:06.614104 x.x.x.x:8888 -> x.x.x.x:55668 [AP]
<?xml version="1.0" encoding="UTF-8"?><Error><Code>InvalidRequest</Code><BucketName>image</BucketName><RequestId>tx00000000000000000001d-00574b9942-6304-default</RequestId><HostId>6304-default-default</HostId></Error>

2016-05-30 8:46 GMT+07:00 Khang Nguyễn Nhật <nguyennhatkhang2704@xxxxxxxxx>:
Thank Yehuda !
I tried to make:
s3.create_bucket (// Bucket = 'image', CreateBucketConfiguration = { 'LocationConstraint': ''} //),
s3.create_bucket (// Bucket = 'image', CreateBucketConfiguration = { 'LocationConstraint': '""'} //),
s3.create_bucket (// Bucket = 'image', //) # no LocationConstraint
But they all returned HTTP/1.1 400 Bad Request, here are the results I have when using ngrep in RGW:
CLI: ngrep -lq -t port 8888  -W byline -d eth0
--------------------
Request:
T 2016/05/30 08:37:06.572958 x.x.x.x:55668 -> x.x.x.x:8888 [AP]
PUT /image HTTP/1.1.
Host: x.x.x.x:8888.
Accept-Encoding: identity.
X-Amz-Content-SHA256: 80520b2b573177f05f6db633afa0d5bbb6900d10807b2cc0786ce75a85577acf.
Content-Length: 125.
x-amz-acl: public-read-write.
x-amz-grant-full-control: image.
User-Agent: Boto3/1.3.1 Python/2.7.5 Linux/3.10.0-327.10.1.el7.x86_64 Botocore/1.4.24.
X-Amz-Date: 20160530T013706Z.
Authorization: AWS4-HMAC-SHA256 Credential=AEVU2WGDL03NI76H893F/20160530/default/s3/aws4_request, SignedHeaders=host;x-amz-acl;x-amz-content-sha256;x-amz-date;x-amz-grant-full-control, Signature=cc83e058786f8e021502e892da91ed9a4d2c10a42b353fd357f6596e1bd6a778.
.
<CreateBucketConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><LocationConstraint />...</CreateBucketConfiguration>

Respone:
T 2016/05/30 08:37:06.574290 x.x.x.x:8888 -> x.x.x.x:55668 [AP]
HTTP/1.1 400 Bad Request.
x-amz-request-id: tx00000000000000000001d-00574b9942-6304-default.
Content-Length: 217.
Accept-Ranges: bytes.
Content-Type: application/xml.
Date: Mon, 30 May 2016 01:37:06 GMT.
.

T 2016/05/30 08:37:06.614104 x.x.x.x:8888 -> x.x.x.x:55668 [AP]
<?xml version="1.0" encoding="UTF-8"?><Error><Code>InvalidRequest</Code><BucketName>image</BucketName><RequestId>tx00000000000000000001d-00574b9942-6304-default</RequestId><HostId>6304-default-default</HostId></Error>

2016-05-30 1:30 GMT+07:00 Yehuda Sadeh-Weinraub <yehuda@xxxxxxxxxx>:
On Sun, May 29, 2016 at 11:13 AM, Khang Nguyễn Nhật

<nguyennhatkhang2704@xxxxxxxxx> wrote:

> Hi,

> I'm having problems with AWS4 in the CEPH Jewel when interact with the

> bucket, object.

> First I will talk briefly about my cluster. My cluster is used CEPH Jewel

> v10.2.1, including: 3 OSD, 2 monitors and 1 RGW.

> - Information in zonegroup:

> CLI: radosgw-admin zone list. (CLI is comand line)

> read_default_id : 0

> {

>     "default_info": "03cde122-441d-46c5-a02d-19d28f3fd882",

>     "zonegroups": [

>         "default"

>     ]

> }

>

> CLI: radosgw-admin zonegroup get

> {

>     "id": "03cde122-441d-46c5-a02d-19d28f3fd882",

>     "name": "default",

>     "api_name": "",

^^^ api name

>     "is_master": "true",

>     "endpoints": [],

>     "hostnames": [],

>     "hostnames_s3website": [],

>     "master_zone": "cb991931-88b1-4415-9d7f-a22cdce55ce7",

>     "zones": [

>         {

>             "id": "cb991931-88b1-4415-9d7f-a22cdce55ce7",

>             "name": "default",

>             "endpoints": [],

>             "log_meta": "false",

>             "log_data": "false",

>             "bucket_index_max_shards": 0,

>             "read_only": "false"

>         }

>     ],

>     "placement_targets": [

>         {

>             "name": "default-placement",

>             "tags": []

>         }

>     ],

>     "default_placement": "default-placement",

>     "realm_id": "a62bf866-f52b-4732-80b0-50a7287703f1"

> }

> - Zone:

> CLI: radosgw-admin zone list

> {

>     "default_info": "cb991931-88b1-4415-9d7f-a22cdce55ce7",

>     "zones": [

>         "default"

>     ]

> }

>

> CLI: radosgw-admin zone get

> {

>     "id": "cb991931-88b1-4415-9d7f-a22cdce55ce7",

>     "name": "default",

>     "domain_root": "default.rgw.data.root",

>     "control_pool": "default.rgw.control",

>     "gc_pool": "default.rgw.gc",

>     "log_pool": "default.rgw.log",

>     "intent_log_pool": "default.rgw.intent-log",

>     "usage_log_pool": "default.rgw.usage",

>     "user_keys_pool": "default.rgw.users.keys",

>     "user_email_pool": "default.rgw.users.email",

>     "user_swift_pool": "default.rgw.users.swift",

>     "user_uid_pool": "default.rgw.users.uid",

>     "system_key": {

>         "access_key": "",

>         "secret_key": ""

>     },

>     "placement_pools": [

>         {

>             "key": "default-placement",

>             "val": {

>                 "index_pool": "default.rgw.buckets.index",

>                 "data_pool": "default.rgw.buckets.data",

>                 "data_extra_pool": "default.rgw.buckets.non-ec",

>                 "index_type": 0

>             }

>         }

>     ],

>     "metadata_heap": "default.rgw.meta",

>     "realm_id": ""

> }

> - User infor:

> {

>     "user_id": "1",

>     "display_name": "User1",

>     "email": "user1@xxxxxxxx",

>     "suspended": 0,

>     "max_buckets": 1000,

>     "auid": 0,

>     "subusers": [],

>     "keys": [

>         {

>             "user": "1",

>             "access_key": "<//>",

>             "secret_key": "<//>"

>         }

>     ],

>     "swift_keys": [],

>     "caps": [],

>     "op_mask": "read, write, delete",

>     "default_placement": "",

>     "placement_tags": [],

>     "bucket_quota": {

>         "enabled": false,

>         "max_size_kb": -1,

>         "max_objects": -1

>     },

>     "user_quota": {

>         "enabled": false,

>         "max_size_kb": -1,

>         "max_objects": -1

>     },

>     "temp_url_keys": []

> }

>

> -RGW config:

> [global]

> //

> rgw zonegroup root pool = .rgw.root

> [client.rgw.radosgw1]

> rgw_frontends = "civetweb port=8888

> error_log_file=/var/log/ceph/civetweb.error.log

> access_log_file=/var/log/ceph/civetweb.access.log debug-civetweb=10"

> rgw_zone      = default

> rgw region    = default

> rgw enable ops log = true

> rgw log nonexistent bucket = true

> rgw enable usage log = true

> rgw log object name utc  = true

> rgw intent log object name = %Y-%m-%d-%i-%n

> rgw intent log object name utc = true

>

> User1 not own any bucket, any object. I used a python boto3 to interact with

> the S3, here is my code:

> s3 = boto3.client(service_name='s3',

> region_name='default',

> aws_access_key_id='<//>',aws_secret_access_key='<//>',

> use_ssl=False, endpoint_url='http://192.168.1.1:8888',

> config=Config(signature_version='s3v4'))

> print s3.list_buckets()

> And this is result:

> {u'Owner': {u'DisplayName': 'User1', u'ID': '1'}, u'Buckets': [],

> 'ResponseMetadata': {'HTTPStatusCode': 200, 'HostId': '', 'RequestId':

> 'tx000000000000000000001-00574b2e2f-6304-default'}}

> print s3.create_bucket(ACL='public-read-write', Bucket='image',

>                        CreateBucketConfiguration={'LocationConstraint':

> 'default'},

the location constraint needs to match the zonegroup's api name. Your

zonegroup does not have an api name, so this should be empty.

Yehuda

>                        GrantFullControl='image')

> And i recive:

> HTTP/1.1 400 Bad Request.

> botocore.exceptions.ClientError: An error occurred (InvalidRequest) when

> calling the CreateBucket operation: Unknown

>

> I did wrong something? Can somebody please help me out ?

> Thank !

>

>

>

>

>

> _______________________________________________

> ceph-users mailing list

> ceph-users@xxxxxxxxxxxxxx

> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

>

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com