Le lun. 22 févr. 2021, à 14 h 50, Chris Palmer <chris.palmer@xxxxxxxxx> a écrit : > I'm not sure that the tenant solution is what the OP wants - my reading > is that running under a different tenant allows you have different > tenants use the same bucket and user names but still be distinct, which > wasn't what I thought was meant. > Our need is for the same user/tenant to use the Bucket using two different domains. We deployed Ceph's S3 internally with internal domains not accessible to the outside of our organization with plan to present S3 externally using a homemade api (we have our reasons). Of course, all good plans have a need for exceptions, hence my question. > > You can however get RGW to accept a list of host names regardless of > domain. Assuming you are using the default zone (adjust if otherwise): > > Extract the default zonegroup settings: > > radosgw-admin zonegroup get > zg-default > > Edit zg-default looking for "hostnames" and adjust to be a list of the > required ones (short and/or FQDN according to what the clients use). > Then install the updated settings: > > radosgw-admin zonegroup set --infile zg-default > > and restart all the RGW instances. > > We do this when fronting RGW with HAProxy, to include the individual > hostnames used by the HAProxy backend. > > Regards, Chris > Thank you very much, that worked out beautifully, we shall go with that solution. > > > On 22/02/2021 14:29, Freddy Andersen wrote: > > You need to enable users with tenants … > https://docs.ceph.com/en/latest/radosgw/multitenancy/ > > > > From: Simon Pierre DESROSIERS <simonpierre.desrosiers@xxxxxxxxxxx> > > Date: Monday, February 22, 2021 at 7:27 AM > > To: ceph-users@xxxxxxx <ceph-users@xxxxxxx> > > Subject: multiple-domain for S3 on rgws with same ceph > backend on one zone > > Hello, > > > > We have functional ceph swarm with a pair of S3 rgw in front that uses > > A.B.C.D domain to be accessed. > > > > Now a new client asks to have access using the domain : E.C.D, but to > > already existing buckets. This is not a scenario discussed in the docs. > > Apparently, looking at the code and by trying it, rgw does not support > > multiple domains for the variable rgw_dns_name. > > > > > > But reading through parts of the code, I am no dev, and my c++ is 25 > years > > rusty, I get the impression that maybe we could just add a second pair of > > rgw S3 servers that would give service to the same buckets, but using a > > different domain. > > > > Am I wrong ? Let's say this works, is this an unconscious behaviour that > > the ceph team would remove down the road ? > > > > Is there another solution that I might have missed ? We do not have > > multi-zone and there are no plans for it. And Cname (rgw_resolve_cname) > > seems to only be of use when using static sites (again, from my poor code > > reading abilities). > > > > Thank you > > > > -- > > **AVERTISSEMENT** : Ce courriel et les pièces qui y sont jointes sont > > destinés exclusivement au(x) destinataire(s) mentionné(s) ci-dessus et > > peuvent contenir de l’information privilégiée ou confidentielle. Si vous > > avez reçu ce courriel par erreur, ou s’il ne vous est pas destiné, > veuillez > > le mentionner immédiatement à l’expéditeur et effacer ce courriel ainsi > que > > les pièces jointes, le cas échéant. La copie ou la redistribution non > > autorisée de ce courriel peut être illégale. Le contenu de ce courriel ne > > peut être interprété qu’en conformité avec les lois et règlements qui > > régissent les pouvoirs des diverses instances décisionnelles compétentes > de > > la Ville de Montréal. > > _______________________________________________ > > ceph-users mailing list -- ceph-users@xxxxxxx > > To unsubscribe send an email to ceph-users-leave@xxxxxxx > > _______________________________________________ > > ceph-users mailing list -- ceph-users@xxxxxxx > > To unsubscribe send an email to ceph-users-leave@xxxxxxx > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx > -- **AVERTISSEMENT** : Ce courriel et les pièces qui y sont jointes sont destinés exclusivement au(x) destinataire(s) mentionné(s) ci-dessus et peuvent contenir de l’information privilégiée ou confidentielle. Si vous avez reçu ce courriel par erreur, ou s’il ne vous est pas destiné, veuillez le mentionner immédiatement à l’expéditeur et effacer ce courriel ainsi que les pièces jointes, le cas échéant. La copie ou la redistribution non autorisée de ce courriel peut être illégale. Le contenu de ce courriel ne peut être interprété qu’en conformité avec les lois et règlements qui régissent les pouvoirs des diverses instances décisionnelles compétentes de la Ville de Montréal. _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |