Re: Migrating RGW from FastCGI to Civetweb

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



SOLVED! S3-style subdomains work now!

In summary, to cutover from apache to civetweb without breaking other sites on the same domain, here are the changes that worked for me:

/etc/ceph/ceph.conf:
# FASTCGI SETTINGS
#rgw socket path = ""
#rgw print continue = false
#rgw frontends = fastcgi socket_port=9000 socket_host=0.0.0.0
# CIVETWEB SETTINGS
rgw frontends = civetweb port=7480

httpd.conf/ssl.conf:
# FASTCGI SETTINGS
#ProxyPass / fcgi://localhost:9000/
# CIVETWEB SETTINGS
ProxyPass / http://localhost:7480/
ProxyPassReverse / http://localhost:7480/
ProxyPreserveHost On

Then restart ceph-radosgw and httpd. 

If you run CentOS 7 like I do, you may have SELinux interference to deal with. After the above, I would get this error accessing the gateway: "503 Service Unavailable" and in /var/log/messages a corresponding error, "SELinux is preventing /usr/sbin/httpd from name_connect access on the tcp_socket port 7480."

I temporarily fixed the SELinux error with: setenforce 0

I permanently fixed the SELinux error with: semanage port -a -t http_port_t -p tcp 7480

Thanks to Richard Hesketh for steering me in the right direction!


On Wed, Jul 12, 2017 at 3:52 AM Richard Hesketh <richard.hesketh@xxxxxxxxxxxx> wrote:
Oh, correcting myself. When HTTP proxying Apache translates the host header to whatever was specified in the ProxyPass line, so your civetweb server is receiving requests with host headers for localhost! Presumably for fcgi protocol it works differently. Nonetheless ProxyPreserveHost should solve your problem.

Rich

On 12/07/17 10:40, Richard Hesketh wrote:
> Best guess, apache is munging together everything it picks up using the aliases and translating the host to the ServerName before passing on the request. Try setting ProxyPreserveHost on as per https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypreservehost ?
>
> Rich
>
> On 11/07/17 21:47, Roger Brown wrote:
>> Thank you Richard, that mostly worked for me.
>>
>> But I notice that when I switch it from FastCGI to Civitweb that the S3-style subdomains (e.g., bucket-name.domain-name.com <http://bucket-name.domain-name.com>) stops working and I haven't been able to figure out why on my own.
>>
>> - ceph.conf excerpt:
>>     [client.radosgw.gateway]
>>     host = nuc1
>>     keyring = /etc/ceph/ceph.client.radosgw.keyring
>>     log file = /var/log/ceph/client.radosgw.gateway.log
>>     rgw dns name = s3.e-prepared.com <http://s3.e-prepared.com>
>>     # FASTCGI SETTINGS
>>     rgw socket path = ""
>>     rgw print continue = false
>>     rgw frontends = fastcgi socket_port=9000 socket_host=0.0.0.0
>>     # CIVETWEB SETTINGS
>>     #rgw frontends = civetweb port=7480
>>
>> - httpd.conf excerpt
>>     <VirtualHost *:80>
>>         ServerName s3.e-prepared.com <http://s3.e-prepared.com>
>>         ServerAlias *.s3.e-prepared.com <http://s3.e-prepared.com>
>>         ServerAlias s3.amazonaws.com <http://s3.amazonaws.com>
>>         ServerAlias *.amazonaws.com <http://amazonaws.com>
>>         DocumentRoot /srv/www/html/e-prepared_com/s3
>>         ErrorLog /var/log/httpd/rgw_error.log
>>         CustomLog /var/log/httpd/rgw_access.log combined
>>         # LogLevel debug
>>         RewriteEngine On
>>         RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
>>         SetEnv proxy-nokeepalive 1
>>         # FASTCGI SETTINGS
>>         ProxyPass / fcgi://localhost:9000/
>>         # CIVETWEB SETTINGS
>>         #ProxyPass / http://localhost:7480/
>>         #ProxyPassReverse / http://localhost:7480/
>>     </VirtualHost>
>>
>> With the above FastCGI settings, S3-style subdomains work. Eg.
>> [root@nuc1 ~]# curl http://roger-public.s3.e-prepared.com/index.html
>> <!DOCTYPE html>
>> <html>
>>   <body>
>>     <p>Hello, World!</p>
>>   </body>
>> </html>
>>
>> But when I comment out the fastcgi settings, uncomment the civetweb settings, and restart ceph-radosgw and http (and disable selinux), I get output like this:
>> [root@nuc1 ~]# curl http://roger-public.s3.e-prepared.com/index.html
>> <?xml version="1.0" encoding="UTF-8"?><Error><Code>NoSuchBucket</Code><BucketName>index.html</BucketName><RequestId>tx000000000000000000003-00596536b0-1465f8-default</RequestId><HostId>1465f8-default-default</HostId></Error>
>>
>> However I can still access the bucket the old-fashioned way (e.g., domain-name.com/bucket-name <http://domain-name.com/bucket-name>) even with Civetweb running:
>> [root@nuc1 ~]# curl http://s3.e-prepared.com/roger-public/index.html
>> <!DOCTYPE html>
>> <html>
>>   <body>
>>     <p>Hello, World!</p>
>>   </body>
>> </html>
>>
>> Thoughts, anyone?
>>
>> Roger
>
>
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@xxxxxxxxxxxxxx
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>


--
---
Richard Hesketh
Linux Systems Administrator, Research Platforms
BBC Research & Development

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux