On Thu, 28 Feb 2019, Matthew H wrote: > This feature is in the Nautilus release. > > The first release (14.1.0) of Nautilus is available from > download.ceph.com as of last Friday. Please keep in mind this is a release candidate. The first official stable nautilus release will be 14.2.0 in a week or two. sage > > ________________________________ > From: ceph-users <ceph-users-bounces@xxxxxxxxxxxxxx> on behalf of admin <admin@xxxxxxxxxxx> > Sent: Thursday, February 28, 2019 4:22 AM > To: Pritha Srivastava; Sage Weil; ceph-users@xxxxxxxx > Subject: Re: [Ceph-community] How does ceph use the STS service? > > Hi, can you tell me the version that includes STS lite? > Thanks, > myxingkong > > > 发件人: Pritha Srivastava<mailto:prsrivas@xxxxxxxxxx> > 发送时间: 2019-02-27 23:53:58 > 收件人: Sage Weil<mailto:sage@xxxxxxxxxxxx> > 抄送: admin<mailto:admin@xxxxxxxxxxx>; ceph-users@xxxxxxxx<mailto:ceph-users@xxxxxxxx> > 主题: Re: [Ceph-community] How does ceph use the STS service? > Sorry I overlooked the ceph versions in the email. > > STS Lite is not a part of ceph version 12.2.11 or ceph version 13.2.2. > > Thanks, > Pritha > > On Wed, Feb 27, 2019 at 9:09 PM Pritha Srivastava <prsrivas@xxxxxxxxxx<mailto:prsrivas@xxxxxxxxxx>> wrote: > You need to attach a policy to be able to invoke GetSessionToken. Please read the documentation below at: > > https://github.com/ceph/ceph/pull/24818/commits/512b6d8bd951239d44685b25dccaf904f19872b2 > > Thanks, > Pritha > > On Wed, Feb 27, 2019 at 8:59 PM Sage Weil <sage@xxxxxxxxxxxx<mailto:sage@xxxxxxxxxxxx>> wrote: > Moving this to ceph-users. > > On Wed, 27 Feb 2019, admin wrote: > > > I want to use the STS service to generate temporary credentials for use by third-party clients. > > > > I configured STS lite based on the documentation. > > http://docs.ceph.com/docs/master/radosgw/STSLite/ > > > > This is my configuration file: > > > > [global] > > fsid = 42a7cae1-84d1-423e-93f4-04b0736c14aa > > mon_initial_members = admin, node1, node2, node3 > > mon_host = 192.168.199.81,192.168.199.82,192.168.199.83,192.168.199.84 > > auth_cluster_required = cephx > > auth_service_required = cephx > > auth_client_required = cephx > > > > osd pool default size = 2 > > > > [client.rgw.admin] > > rgw sts key = "1234567890" > > rgw s3 auth use sts = true > > > > When I execute the getSessionToken method, return a 405 error: > > > > <Error> > > <Code>MethodNotAllowed</Code> > > <RequestId>tx000000000000000000003-005c73aed8-5e48-default</RequestId> > > <HostId>5e48-default-default</HostId> > > </Error> > > > > This is my test code: > > > > import os > > import sys > > import traceback > > > > import boto3 > > from boto.s3.connection import S3Connection > > from boto.sts import STSConnection > > > > try: > > host = 'http://192.168.199.81:7480' > > access_key = '2324YFZ7QDEOSRL18QHR' > > secret_key = 'rL9FabxCOw5LDbrHtmykiGSCjzpKLmEs9WPiNjVJ' > > > > client = boto3.client('sts', > > aws_access_key_id = access_key, > > aws_secret_access_key = secret_key, > > endpoint_url = host) > > response = client.get_session_token(DurationSeconds=999) > > print response > > except: > > print traceback.format_exc() > > > > Who can tell me if my configuration is incorrect or if the version I tested does not provide STS service? > > > > This is the version I tested: > > > > ceph version 12.2.11 (26dc3775efc7bb286a1d6d66faee0ba30ea23eee) luminous (stable) > > > > ceph version 13.2.2 (02899bfda814146b021136e9d8e80eba494e1126) mimic (stable)_______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx<mailto:ceph-users@xxxxxxxxxxxxxx> > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com >
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
