I see : acct_user=foo, acct_name=foo,
Are you using radosgw with tenants?
If not it could be the problem
Orit
On Sat, Apr 1, 2017 at 7:43 AM, Ben Hines <bhines@xxxxxxxxx> wrote:
I'm also trying to use lifecycles (via boto3) but i'm getting permission denied trying to create the lifecycle. I'm bucket owner with full_control and WRITE_ACP for good measure. Any ideas?This is debug ms=20 debug radosgw=202017-03-31 21:28:18.382217 7f50d0010700 2 req 8:0.000693:s3:PUT /bentest:put_lifecycle:verifying op permissions 2017-03-31 21:28:18.382222 7f50d0010700 5 Searching permissions for identity=RGWThirdPartyAccountAuthApplier() -> RGWLocalAuthApplier(acct_user= foo, acct_name=foo, subuser=, perm_mask=15, is_admin=) mask=56 2017-03-31 21:28:18.382232 7f50d0010700 5 Searching permissions for uid=foo2017-03-31 21:28:18.382235 7f50d0010700 5 Found permission: 152017-03-31 21:28:18.382237 7f50d0010700 5 Searching permissions for group=1 mask=562017-03-31 21:28:18.382297 7f50d0010700 5 Found permission: 32017-03-31 21:28:18.382307 7f50d0010700 5 Searching permissions for group=2 mask=562017-03-31 21:28:18.382313 7f50d0010700 5 Permissions for group not found2017-03-31 21:28:18.382318 7f50d0010700 5 Getting permissions identity=RGWThirdPartyAccountAuthApplier() -> RGWLocalAuthApplier(acct_user= foo, acct_name=foo, subuser=, perm_mask=15, is_admin=) owner=foo perm=8 2017-03-31 21:28:18.382325 7f50d0010700 10 identity=RGWThirdPartyAccountAuthApplier() -> RGWLocalAuthApplier(acct_user= foo, acct_name=foo, subuser=, perm_mask=15, is_admin=) requested perm (type)=8, policy perm=8, user_perm_mask=8, acl perm=8 2017-03-31 21:28:18.382330 7f50d0010700 2 req 8:0.000808:s3:PUT /bentest:put_lifecycle:verifying op params 2017-03-31 21:28:18.382334 7f50d0010700 2 req 8:0.000813:s3:PUT /bentest:put_lifecycle:pre-executing 2017-03-31 21:28:18.382339 7f50d0010700 2 req 8:0.000817:s3:PUT /bentest:put_lifecycle:executing 2017-03-31 21:28:18.382361 7f50d0010700 15 read len=183 data="" xmlns="http://s3.amazonaws.com/doc/2006-03-01/ "><Rule><Status>Enabled</Status><Expiration> <Days>1</Days></Expiration>< ID>0</ID></Rule></LifecycleCon figuration> 2017-03-31 21:28:18.382439 7f50d0010700 2 req 8:0.000917:s3:PUT /bentest:put_lifecycle:completing 2017-03-31 21:28:18.382594 7f50d0010700 2 req 8:0.001072:s3:PUT /bentest:put_lifecycle:op status=-132017-03-31 21:28:18.382620 7f50d0010700 2 req 8:0.001098:s3:PUT /bentest:put_lifecycle:http status=4032017-03-31 21:28:18.382665 7f50d0010700 1 ====== req done req=0x7f50d000a340 op status=-13 http_status=403 ======-BenOn Tue, Mar 28, 2017 at 6:42 AM, Daniel Gryniewicz <dang@xxxxxxxxxx> wrote:It is intended to work like AWS S3, yes. Not every feature of AWS lifecycle is supported, (for example no moving between storage tiers), but deletion works, and is tested in teuthology runs.On 03/27/2017 04:28 PM, ceph.novice@xxxxxxxxxxxxxxxx wrote:
Hi Cephers.
Couldn't find any special documentation about the "S3 object expiration"
so I assume it should work "AWS S3 like" (?!?) ... BUT ...
we have a test cluster based on 11.2.0 - Kraken and I set some object
expiration dates via CyberDuck and DragonDisk, but the objects are still
there, days after the applied date/time. Do I miss something?
Thanks & regards
Did you somehow turn it off? The config option rgw_enable_lc_threads controls it, but it defaults to "on". Also make sure rgw_lc_debug_interval is not set, and that rgw_lifecycle_work_time isn't set to some interval too small scan your objects...
Daniel
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph. com
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
