I have several questions on the radosgw - OpenStack integration.
I was more or less able to set it (using a Luminous ceph cluster
and an Ocata OpenStack cloud), but I don't know if it working as expected.
So, the questions:
1.
I miss the meaning of the attribute "rgw keystone implicit tenants"
If I set "rgw keystone implicit tenants = false", accounts are created using id:
<openstack-project-id> and the display name is the name of the OpenStack project
If I set "rgw keystone implicit tenants = true", accounts are created using id:
<openstack-project-id>$<<openstack-project-id>
and, again, the display name is the name of the OpenStack project
So one account per openstack project in both cases
I would have expected two radosgw accounts for 2 openstack users belonging to the same project, setting "rgw keystone implicit tenants = true"
2
Are OpenStack users supposed to access to their data only using swift, or also via S3 ?
In the latter case, how can the user find her S3 credentials ?
I am not able to find the S3 keys for such OpenStack users also using
radosgw-admin
# radosgw-admin user info --uid="a22db12575694c9e9f8650dde73ef565\$a22db12575694c9e9f8650dde73ef565" --rgw-realm=cloudtest
...
...
"keys": [],
...
...
3
How is the admin supposed to set default quota for each project/user ?
How can then the admin modify the quota for a user ?
How can the user see the assigned quota ?
I tried relying on the "rgw user default quota max size" attribute to
set the default quota. It works for users created using "radosgw-admin user create" while
I am not able to see it working for OpenStack users (see also the thread "rgw default user quota for OpenStack users")
If I explicitly set the quota for a OpenStack user using:
radosgw-admin quota set --quota-scope=user --max-size=2G --uid="a22db12575694c9e9f8650dde73ef565\$a22db12575694c9e9f8650dde73ef565" --rgw-realm=cloudtest
radosgw-admin quota enable --quota-scope=user --uid="a22db12575694c9e9f8650dde73ef565\$a22db12575694c9e9f8650dde73ef565" --rgw-realm=cloudtest
this works (i.e. quota is enforced) but such quota is not exposed to the user (at least it is not reported anywhere in the OpenStack dashboard nor in the "swift stat" output)
4
I tried creating (using the OpenStack dashboard) containers with public access.
It looks like this works only if "rgw keystone implicit tenants" is set to false
Is this expected ?
Many thanks, Massimo
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com