I've copied Dan who may have some thoughts on this and has been
involved with this code.
On Tue, Mar 28, 2017 at 3:58 PM, Mika c <mika.leaf666@xxxxxxxxx> wrote:
> Hi Brad,
> Thanks for your help. I found that's my problem. Forget attach file name
> with words ''keyring".
>
> And sorry to bother you again. Is it possible to create a minimum privilege
> client for the api to run?
>
>
>
> Best wishes,
> Mika
>
>
> 2017-03-24 19:32 GMT+08:00 Brad Hubbard <bhubbard@xxxxxxxxxx>:
>>
>> On Fri, Mar 24, 2017 at 8:20 PM, Mika c <mika.leaf666@xxxxxxxxx> wrote:
>> > Hi Brad,
>> > Thanks for your reply. The environment already created keyring file
>> > and
>> > put it in /etc/ceph but not working.
>>
>> What was it called?
>>
>> > I have to write config into ceph.conf like below.
>> >
>> > -------ceph.conf start-------
>> > [client.symphony]
>> > log_file = /
>> > var/log/ceph/rest-api.log
>> >
>> > keyring = /etc/ceph/ceph.client.symphony
>> > public addr =
>> > 0.0.0.0
>> > :5
>> > 000
>> >
>> > restapi base url = /api/v0.1
>> > -------ceph.conf
>> > end
>> > -------
>> >
>> >
>> > Another question, have I must setting capabilities for this client like
>> > admin ?
>> > But I just want to take some information like health or df.
>> >
>> > If this client setting
>> > for a particular
>> > capabilities
>> > like..
>> > -----------------------
>> > -----------------------
>> >
>> > client.symphony
>> > key: AQBP8NRYGehDKRAAzyChAvAivydLqRBsHeTPjg==
>> > caps: [mon] allow r
>> > caps: [osd] allow r
>> > x
>> > -----------------------
>> > -----------------------
>> > Error list:
>> > Traceback (most recent call last):
>> > File "/usr/bin/ceph-rest-api", line 59, in <module>
>> > rest,
>> > File "/usr/lib/python2.7/dist-packages/ceph_rest_api.py", line 495, in
>> > generate_a
>> > pp
>> > addr, port = api_setup(app, conf, cluster, clientname, clientid,
>> > args)
>> > File "/usr/lib/python2.7/dist-packages/ceph_rest_api.py", line 146, in
>> > api_setup
>> > target=('osd', int(osdid)))
>> > File "/usr/lib/python2.7/dist-packages/ceph_rest_api.py", line 84, in
>> > get_command
>> > _descriptions
>> > raise EnvironmentError(ret, err)
>> > EnvironmentError: [Errno -1] Can't get command descriptions:
>> >
>> >
>> >
>> >
>> > Best wishes,
>> > Mika
>> >
>> >
>> > 2017-03-24 16:21 GMT+08:00 Brad Hubbard <bhubbard@xxxxxxxxxx>:
>> >>
>> >> On Fri, Mar 24, 2017 at 4:06 PM, Mika c <mika.leaf666@xxxxxxxxx> wrote:
>> >> > Hi all,
>> >> > Same question with CEPH 10.2.3 and 11.2.0.
>> >> > Is this command only for client.admin ?
>> >> >
>> >> > client.symphony
>> >> > key: AQD0tdRYjhABEhAAaG49VhVXBTw0MxltAiuvgg==
>> >> > caps: [mon] allow *
>> >> > caps: [osd] allow *
>> >> >
>> >> > Traceback (most recent call last):
>> >> > File "/usr/bin/ceph-rest-api", line 43, in <module>
>> >> > rest,
>> >> > File "/usr/lib/python2.7/dist-packages/ceph_rest_api.py", line 504,
>> >> > in
>> >> > generate_a
>> >> > pp
>> >> > addr, port = api_setup(app, conf, cluster, clientname, clientid,
>> >> > args)
>> >> > File "/usr/lib/python2.7/dist-packages/ceph_rest_api.py", line 106,
>> >> > in
>> >> > api_setup
>> >> > app.ceph_cluster.connect()
>> >> > File "rados.pyx", line 811, in rados.Rados.connect
>> >> > (/tmp/buildd/ceph-11.2.0/obj-x
>> >> > 86_64-linux-gnu/src/pybind/rados/pyrex/rados.c:10178)
>> >> > rados.ObjectNotFound: error connecting to the cluster
>> >>
>> >> # strace -eopen /bin/ceph-rest-api |& grep keyring
>> >> open("/etc/ceph/ceph.client.restapi.keyring", O_RDONLY) = -1 ENOENT
>> >> (No such file or directory)
>> >> open("/etc/ceph/ceph.keyring", O_RDONLY) = -1 ENOENT (No such file or
>> >> directory)
>> >> open("/etc/ceph/keyring", O_RDONLY) = -1 ENOENT (No such file or
>> >> directory)
>> >> open("/etc/ceph/keyring.bin", O_RDONLY) = -1 ENOENT (No such file or
>> >> directory)
>> >>
>> >> # ceph auth get-or-create client.restapi mon 'allow *' mds 'allow *'
>> >> osd 'allow *' >/etc/ceph/ceph.client.restapi.keyring
>> >>
>> >> # /bin/ceph-rest-api
>> >> * Running on http://0.0.0.0:5000/
>> >>
>> >> >
>> >> >
>> >> >
>> >> > Best wishes,
>> >> > Mika
>> >> >
>> >> >
>> >> > 2016-03-03 12:25 GMT+08:00 Shinobu Kinjo <shinobu.kj@xxxxxxxxx>:
>> >> >>
>> >> >> Yes.
>> >> >>
>> >> >> On Wed, Jan 27, 2016 at 1:10 PM, Dan Mick <dmick@xxxxxxxxxx> wrote:
>> >> >> > Is the client.test-admin key in the keyring read by ceph-rest-api?
>> >> >> >
>> >> >> > On 01/22/2016 04:05 PM, Shinobu Kinjo wrote:
>> >> >> >> Does anyone have any idea about that?
>> >> >> >>
>> >> >> >> Rgds,
>> >> >> >> Shinobu
>> >> >> >>
>> >> >> >> ----- Original Message -----
>> >> >> >> From: "Shinobu Kinjo" <skinjo@xxxxxxxxxx>
>> >> >> >> To: "ceph-users" <ceph-users@xxxxxxxxxxxxxx>
>> >> >> >> Sent: Friday, January 22, 2016 7:15:36 AM
>> >> >> >> Subject: ceph-rest-api's behavior
>> >> >> >>
>> >> >> >> Hello,
>> >> >> >>
>> >> >> >> "ceph-rest-api" works greatly with client.admin.
>> >> >> >> But with client.test-admin which I created just after building
>> >> >> >> the
>> >> >> >> Ceph
>> >> >> >> cluster , it does not work.
>> >> >> >>
>> >> >> >> ~$ ceph auth get-or-create client.test-admin mon 'allow *' mds
>> >> >> >> 'allow
>> >> >> >> *' osd 'allow *'
>> >> >> >>
>> >> >> >> ~$ sudo ceph auth list
>> >> >> >> installed auth entries:
>> >> >> >> ...
>> >> >> >> client.test-admin
>> >> >> >> key: AQCOVaFWTYr2ORAAKwruANTLXqdHOchkVvRApg==
>> >> >> >> caps: [mds] allow *
>> >> >> >> caps: [mon] allow *
>> >> >> >> caps: [osd] allow *
>> >> >> >>
>> >> >> >> ~$ ceph-rest-api -n client.test-admin
>> >> >> >> Traceback (most recent call last):
>> >> >> >> File "/bin/ceph-rest-api", line 59, in <module>
>> >> >> >> rest,
>> >> >> >> File "/usr/lib/python2.7/site-packages/ceph_rest_api.py", line
>> >> >> >> 504,
>> >> >> >> in generate_app
>> >> >> >> addr, port = api_setup(app, conf, cluster, clientname,
>> >> >> >> clientid,
>> >> >> >> args)
>> >> >> >> File "/usr/lib/python2.7/site-packages/ceph_rest_api.py", line
>> >> >> >> 106,
>> >> >> >> in api_setup
>> >> >> >> app.ceph_cluster.connect()
>> >> >> >> File "/usr/lib/python2.7/site-packages/rados.py", line 485, in
>> >> >> >> connect
>> >> >> >> raise make_ex(ret, "error connecting to the cluster")
>> >> >> >> rados.ObjectNotFound: error connecting to the cluster
>> >> >> >>
>> >> >> >> # ceph version 9.2.0 (bb2ecea240f3a1d525bcb35670cb07bd1f0ca299)
>> >> >> >>
>> >> >> >> Is that expected behavior?
>> >> >> >> Or if I've missed anything, please point it out to me.
>> >> >> >>
>> >> >> >> Rgds,
>> >> >> >> Shinobu
>> >> >> >> _______________________________________________
>> >> >> >> ceph-users mailing list
>> >> >> >> ceph-users@xxxxxxxxxxxxxx
>> >> >> >> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>> >> >> >>
>> >> >> >
>> >> >> >
>> >> >> > --
>> >> >> > Dan Mick
>> >> >> > Red Hat, Inc.
>> >> >> > Ceph docs: http://ceph.com/docs
>> >> >> > _______________________________________________
>> >> >> > ceph-users mailing list
>> >> >> > ceph-users@xxxxxxxxxxxxxx
>> >> >> > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>> >> >>
>> >> >>
>> >> >>
>> >> >> --
>> >> >> Email:
>> >> >> shinobu@xxxxxxxxx
>> >> >> GitHub:
>> >> >> shinobu-x
>> >> >> Blog:
>> >> >> Life with Distributed Computational System based on OpenSource
>> >> >> _______________________________________________
>> >> >> ceph-users mailing list
>> >> >> ceph-users@xxxxxxxxxxxxxx
>> >> >> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>> >> >
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > ceph-users mailing list
>> >> > ceph-users@xxxxxxxxxxxxxx
>> >> > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> Cheers,
>> >> Brad
>> >
>> >
>>
>>
>>
>> --
>> Cheers,
>> Brad
>
>
--
Cheers,
Brad
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
