Emperor
Mostly our evaluation is going pretty well, but things like this are
driving us crazy. Less crazy then when we were evaluating swift however :)
The part I am most worried about is we have no idea how to even start
finding out what is happening here. The admin interface has very little
documentation, and when it is obviously working (since we can get some
answers out of it) and it just decided it doesn't want us to be able to see
some stuff it is a bit of a problem.
On Wed, Jan 8, 2014 at 4:29 PM, Wido den Hollander <w...@42on.com> wrote:
> On 01/08/2014 04:25 AM, Blair Nilsson wrote:
>
>> nope, doesn't work...
>>
>> I have an admin user... with the right caps.
>>
>>
>>
>> { "user_id": "admin2",
>> "display_name": "Admin 2admin",
>> "email": "",
>> "suspended": 0,
>> "max_buckets": 1000,
>> "auid": 0,
>> "subusers": [],
>> "keys": [
>> { "user": "admin2",
>> "access_key": "1DNQ2FK80XQZJMB14W1C",
>> "secret_key": "BJDKNhMnCc4Cib+3QIdSGMR4yOE0YVJVS9HCuAmW"},
>> { "user": "admin2",
>> "access_key": "KXH0BM1IQ9CP24IB9IP9",
>> "secret_key": "wbtya+dX505X7zdfKKh926nbbRtBnLW8ghHAQo9j"}],
>> "swift_keys": [],
>> "caps": [
>> { "type": "buckets",
>> "perm": "*"},
>> { "type": "usage",
>> "perm": "*"},
>> { "type": "users",
>> "perm": "*"}],
>> "op_mask": "read, write, delete",
>> "default_placement": "",
>> "placement_tags": [],
>> "bucket_quota": { "enabled": false,
>> "max_size_kb": -1,
>> "max_objects": -1}}
>>
>> but....
>>
>> ./s3curl.pl <http://s3curl.pl/> --id=admin --
>>
>> http://162.243.33.180/admin/user
>>
>> gives me
>>
>> {"Code":"AccessDenied"}
>>
>> however... I CAN use
>>
>> ./s3curl.pl <http://s3curl.pl/> --id=admin --
>>
>> http://162.243.33.180/admin/bucket
>>
>> and it gives me.
>>
>> ["files.wyaeld.com <http://files.wyaeld.com/>","private.wyaeld.com
>> <http://private.wyaeld.com/>"]
>>
>>
>> which are the 2 buckets in the system.
>>
>> Any ideas on what is going on?
>>
>>
> So what Ceph version do you use? Since I've been running into the same
> problem.
>
> I could however query for a user, but a PUT request to create a user would
> always give me AccessDenied.
>
> I'm running 0.67.5 Dumpling.
>
> Wido
>
>
>> On Fri, Dec 20, 2013 at 7:47 PM, JuanJose Galvez
>> <juanjose.gal...@inktank.com <mailto:juanjose.gal...@inktank.com>> wrote:
>>
>> On 12/19/2013 2:02 PM, Blair Nilsson wrote:
>>
>>> How do find or create a user that can use the admin operations for
>>> the object gateway?
>>>
>>> The manual says "Some operations require that the user holds
>>> special administrative capabilities."
>>>
>>> But I can't find if there is a pre setup user with these, or how
>>> to create one myself.
>>>
>> You would need to create the user. As an example I just created the
>> following on my cluster:
>>
>> radosgw-admin user create --uid=admin --display-name="JuanJose
>> Galvez" --caps="usage=read, write; users=read, write; buckets=read,
>> write;"
>>
>> You'll notice in the output that it has the following capabilities
>> which normal users do not have:
>>
>> "caps": [
>> { "type": "buckets",
>> "perm": "*"},
>> { "type": "usage",
>> "perm": "*"},
>> { "type": "users",
>> "perm": "*"}],
>>
>> I hope that helps. If you need more information on the API and what
>> caps are needed for which functions that is found over here:
>> http://ceph.com/docs/master/radosgw/adminops/
>>
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> ceph-users mailing list
>>> ceph-users@lists.ceph.com <mailto:ceph-users@lists.ceph.com>
>>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>>
>>
>>
>> --
>> JuanJose "JJ" Galvez
>> Professional Services
>> Inktank Storage, Inc.
>> LinkedIn:http://www.linkedin.com/in/jjgalvez
>>
>>
>> _______________________________________________
>> ceph-users mailing list
>> ceph-users@lists.ceph.com <mailto:ceph-users@lists.ceph.com>
>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>
>>
>>
>>
>>
>> _______________________________________________
>> ceph-users mailing list
>> ceph-users@lists.ceph.com
>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>
>>
>
> --
> Wido den Hollander
> 42on B.V.
>
> Phone: +31 (0)20 700 9902
> Skype: contact42on
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
