Re: [Ceph-community] How does ceph use the STS service?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This feature is in the Nautilus release.

The first release (14.1.0) of Nautilus is available from download.ceph.com as of last Friday.

From: ceph-users <ceph-users-bounces@xxxxxxxxxxxxxx> on behalf of admin <admin@xxxxxxxxxxx>
Sent: Thursday, February 28, 2019 4:22 AM
To: Pritha Srivastava; Sage Weil; ceph-users@xxxxxxxx
Subject: Re: [Ceph-community] How does ceph use the STS service?
 
Hi, can you tell me the version that includes STS lite?
Thanks,
myxingkong


发件人: Pritha Srivastava
发送时间: 2019-02-27 23:53:58
收件人:  Sage Weil
主题: Re: [Ceph-community] How does ceph use the STS service?
Sorry I overlooked the ceph versions in the email.

STS Lite is not a part of ceph version 12.2.11 or ceph version 13.2.2.

Thanks,
Pritha

On Wed, Feb 27, 2019 at 9:09 PM Pritha Srivastava <prsrivas@xxxxxxxxxx> wrote:
You need to attach a policy to be able to invoke GetSessionToken. Please read the documentation below at:

https://github.com/ceph/ceph/pull/24818/commits/512b6d8bd951239d44685b25dccaf904f19872b2

Thanks,
Pritha

On Wed, Feb 27, 2019 at 8:59 PM Sage Weil <sage@xxxxxxxxxxxx> wrote:
Moving this to ceph-users.

On Wed, 27 Feb 2019, admin wrote:

> I want to use the STS service to generate temporary credentials for use by third-party clients.
>
> I configured STS lite based on the documentation.
> http://docs.ceph.com/docs/master/radosgw/STSLite/
>
> This is my configuration file:
>
> [global]
> fsid = 42a7cae1-84d1-423e-93f4-04b0736c14aa
> mon_initial_members = admin, node1, node2, node3
> mon_host = 192.168.199.81,192.168.199.82,192.168.199.83,192.168.199.84
> auth_cluster_required = cephx
> auth_service_required = cephx
> auth_client_required = cephx
>
> osd pool default size = 2
>
> [client.rgw.admin]
> rgw sts key = "1234567890"
> rgw s3 auth use sts = true
>
> When I execute the getSessionToken method, return a 405 error:
>
> <Error>
>     <Code>MethodNotAllowed</Code>
>     <RequestId>tx000000000000000000003-005c73aed8-5e48-default</RequestId>
>     <HostId>5e48-default-default</HostId>
> </Error>
>
> This is my test code:
>
> import os
> import sys
> import traceback
>
> import boto3
> from boto.s3.connection import S3Connection
> from boto.sts import STSConnection
>
> try:
>     host = 'http://192.168.199.81:7480'
>     access_key = '2324YFZ7QDEOSRL18QHR'
>     secret_key = 'rL9FabxCOw5LDbrHtmykiGSCjzpKLmEs9WPiNjVJ'
>
>     client = boto3.client('sts',
>                           aws_access_key_id = access_key,
>                           aws_secret_access_key = secret_key,
>                           endpoint_url = host)
>     response = client.get_session_token(DurationSeconds=999)
>     print response
> except:
>     print traceback.format_exc()
>
> Who can tell me if my configuration is incorrect or if the version I tested does not provide STS service?
>
> This is the version I tested:
>
> ceph version 12.2.11 (26dc3775efc7bb286a1d6d66faee0ba30ea23eee) luminous (stable)
>
> ceph version 13.2.2 (02899bfda814146b021136e9d8e80eba494e1126) mimic (stable)_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux