radosgw-admin realm pull from the secondary site fails "(13) Permission denied"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have been trying to create two virtual test clusters to learn about the
RGW multisite setting.  So far, I have set up two small Nautilus
(v.14.2.16) clusters, designated one of them as the "master zone site" and
followed every step outlined in the doc (
https://docs.ceph.com/en/nautilus/radosgw/multisite/), including create a
system user, updating the period, and restarting the rgw daemon.  (For the
sake of simplicity, there is only one RGW daemon running on each site.)

Once I installed the RGW daemon on the secondary zone site, I tried pulling
the realm from the master zone cluster, but ended up with this:

```
$ radosgw-admin realm pull --url=http://<master zone gateway>:80
--access-key=<system_access_key>  --secret=<system_secret_key>
request failed: (13) Permission denied
If the realm has been changed on the master zone, the master zone's gateway
may need to be restarted to recognize this user.
```
I tried adding the --rgw-realm=<realm set up in the primary site>, but the
result was the same.   I restarted the rgw daemon on both sides -- that did
not help, either.

The output of all of the following on the master zone side, as far as I
could tell, seems correct -- the realm, zonegroup, zone I created are the
only ones and set to default.
```
radosgw-admin zone/zonegroup/realm list
radosgw-admin zone/zonegroup/realm get
```

On the "master zone" side, the rgw log shows
```
2021-01-22 13:34:48.404 7fb9ca89e700  1 ====== starting new request
req=0x7fb9ca897740 =====
2021-01-22 13:34:48.428 7fb9ca89e700  1 ====== req done req=0x7fb9ca897740
op status=0 http_status=403 latency=0.0240002s ======
2021-01-22 13:34:48.428 7fb9ca89e700  1 civetweb: 0x559d6509a000:
10.33.30.55 - - [22/Jan/2021:13:34:48 -0500] "GET /admin/realm HTTP/1.1"
403 318 - -
```

I am using Ubuntu 18.04, Ceph v.14.2.16, deployed using `ceph-deploy`.

*Mami Hayashida*
*Research Computing Associate*
Univ. of Kentucky ITS Research Computing Infrastructure
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux