Christian <syphdias+ceph@xxxxxxxxx> writes: > Hi, > > I found this (rgw s3 auth order = local, external) on the web: > https://opendev.org/openstack/charm-ceph-radosgw/commit/3e54b570b1124354704bd5c35c93dce6d260a479 > > Which is seemingly exactly what I need for circumventing higher > latency when switching on keystone authentication. In fact it even > improves performance slightly without enabling keystone authentication > which strikes me as odd. Which leads me to the conclusion that this is > disabling some mechanism that usually takes time. By default rgw tries external authentication engines first before attempting locally, in case rgw s3 auth use keystone is enabled, then keystone is attempted first, which would be the right behaviour if you don't want users created via rgw-admin to shadow the actual users in keystone. Changing the order first tries to find the user locally which reduces that roundtrip to keystone. In the case when you disabled keystone was rgw keystone url empty? > I could not find any official documentation for this option. > Does anyone have any experience with this? > > Regards, > Christian > > PS: Sorry for the resend, I used the wrong sending address. > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > -- Abhishek Lekshmanan SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |