Den tis 17 aug. 2021 kl 11:46 skrev Chris Palmer <chris.palmer@xxxxxxxxx>: > > Hi Christian > > I don't have much experience with multisite so I'll let someone else > answer that aspect. But each RGW will only accept requests where the > Host header matches one of the "hostnames" configured as below. > Otherwise the client will simply get an error response. So, as someone > else suggested, a proxy could inject/overwrite a suitable Host header > (haven't thought through whether that could affect signed URLs). We set > the hostnames as it allows some of our internal traffic to hit RGWs > without going through the proxy, whereas external traffic must come > through the proxy. In that case we didn't need the proxy to inject a > Host header. Don't forget that v4 auth bakes in the clients idea of what the hostname of the endpoint was, so its not only about changing headers. If you are not using v2 auth, you will not be able to rewrite the hostname on the fly. -- May the most significant bit of your life be positive. _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |