Am 28.10.19 um 15:48 schrieb Casey Bodley: > > On 10/24/19 8:38 PM, Oliver Freyermuth wrote: >> Dear Cephers, >> >> I have a question concerning static websites with RGW. >> To my understanding, it is best to run >=1 RGW client for "classic" S3 and in addition operate >=1 RGW client for website serving >> (potentially with HAProxy or its friends in front) to prevent messup of requests via the different protocols. >> >> I'd prefer to avoid "*.example.com" entries in DNS if possible. >> So my current setup has these settings for the "web" RGW client: >> rgw_enable_static_website = true >> rgw_enable_apis = s3website >> rgw_dns_s3website_name = some_value_unused_when_A_records_are_used_pointing_to_the_IP_but_it_needs_to_be_set >> and I create simple A records for each website pointing to the IP of this "web" RGW node. >> >> I can easily upload content for those websites to the other RGW instances which are serving S3, >> so S3 and s3website APIs are cleanly separated in separate instances. >> >> However, one issue remains: How do I run >> s3cmd ws-create >> on each website-bucket once? >> I can't do that against the "classic" S3-serving RGW nodes. This will give me a 405 (not allowed), >> since they do not have rgw_enable_static_website enabled. >> I also can not run it against the "web S3" nodes, since they do not have the S3 API enabled. >> Of course I could enable that, but then the RGW node can't cleanly disentangle S3 and website requests since I use A records. >> >> Does somebody have a good idea on how to solve this issue? >> Setting "rgw_enable_static_website = true" on the S3-serving RGW nodes would solve it, but does that have any bad side-effects on their S3 operation? > > Enabling static website on the gateway serving the S3 api does look like the right solution. As far as I can tell, it's only used to control whether the S3 ops for PutBucketWebsite, GetBucketWebsite, and DeleteBucketWebsite are exposed. Thanks, that's also how I would read the code at first glance - good to see it confirmed. Then this is what we'll use :-). Cheers, Oliver > >> >> Also, if there's an expert on this: Exposing a bucket under a tenant as static website is not possible since the colon (:) can't be encoded in DNS, right? >> >> >> In case somebody also wants to set something like this up, here are the best docs I could find: >> https://gist.github.com/robbat2/ec0a66eed28e5f0e1ef7018e9c77910c >> and of course: >> https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html-single/object_gateway_guide_for_red_hat_enterprise_linux/index#configuring_gateways_for_static_web_hosting >> >> >> Cheers, >> Oliver >> >> >> _______________________________________________ >> ceph-users mailing list -- ceph-users@xxxxxxx >> To unsubscribe send an email to ceph-users-leave@xxxxxxx > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
