Hi Mark, Good you got the solution. But since you have already done authenticating RadosGW with Keystone, I am having one issue that you can help with. For me I get an error "411 Length Required" with Keystone token authentication. To fix this I use "WSGIChunkedRequest On" in rgw.conf as mentioned in http://tracker.ceph.com/issues/7796.
Did you face the issue, if yes what was your solution. On Wed, Oct 8, 2014 at 12:22 PM, Mark Kirkwood < mark.kirkw...@catalyst.net.nz> wrote: > On 08/10/14 18:46, Mark Kirkwood wrote: > >> I have a recent ceph (0.85-1109-g73d7be0) configured to use keystone for >> authentication: >> >> $ cat ceph.conf >> ... >> [client.radosgw.gateway] >> host = ceph4 >> keyring = /etc/ceph/ceph.rados.gateway.keyring >> rgw_socket_path = /var/run/ceph/$name.sock >> log_file = /var/log/ceph/radosgw.log >> rgw_data = /var/lib/ceph/radosgw/$cluster-$id >> rgw_dns_name = ceph4 >> rgw print continue = false >> debug rgw = 20 >> rgw keystone url = http://stack1:35357 >> rgw keystone admin token = tokentoken >> rgw keystone accepted roles = admin Member _member_ >> rgw keystone token cache size = 500 >> rgw keystone revocation interval = 500 >> rgw s3 auth use keystone = true >> nss db path = /var/ceph/nss/ >> >> So ceph4 is the rgw and stack1 is a devstack setup with keystone >> endpoints for S3 and Swift pointing to the ceph4 host: >> >> $ keystone endpoint-list >> ... >> | b884053b2c6f4217ad643c25c001217b | RegionOne | >> http://ceph4 | http://ceph4 >> | http://ceph4 | >> be62ab8531d143a7bce5ae6020d13918 | >> | d7a8338dd5684f5d8dfde406b0780462 | RegionOne | >> http://ceph4/swift/v1/ | http://ceph4/swift/v1/ >> | http://ceph4/swift/v1/ | >> c2d4550d71e94a6a966af810c9ad0568 | >> >> When I create some buckets and keys using the S3 api (Boto) then I can >> list them and their contents (see attached) >> >> demo-bucket0 2014-10-08T05:02:03.000Z >> hello.txt 12 2014-10-08T05:02:06.000Z >> >> When I try a similar thing via swift: >> $ swift upload container0 file >> Object PUT failed: http://ceph4/swift/v1/container0/local.conf 404 Not >> Found NoSuchBucket >> >> Hmm - using swift to list containers shows: >> >> $ swift list >> /container0 >> demo-bucket0 >> >> So a new bucket has been created, but note a leading '/' has been added >> to the name. Now retrying my simple s3 list gets: >> >> /container0 2014-10-08T05:02:19.000Z >> Traceback (most recent call last): >> File "./s3-test-ls.py", line 24, in <module> >> for key in bucket.list(): >> File >> "/usr/lib/python2.7/dist-packages/boto/s3/bucketlistresultset.py", line >> 30, in bucket_lister >> delimiter=delimiter, headers=headers) >> File "/usr/lib/python2.7/dist-packages/boto/s3/bucket.py", line 392, >> in get_all_keys >> '', headers, **params) >> File "/usr/lib/python2.7/dist-packages/boto/s3/bucket.py", line 343, >> in _get_all >> response.status, response.reason, body) >> boto.exception.S3ResponseError: S3ResponseError: 404 Not Found >> <?xml version="1.0" >> encoding="UTF-8"?><Error><Code>NoSuchBucket</Code></Error> >> >> >> I'm guessing the leading '/' is the culprit. >> >> > > Well it certainly is. I wondered if the issue might be the apache2 fastcgi > modules, so replaced it with the ceph one from > http://gitbuilder.ceph.com/libapache-mod-fastcgi-deb- > trusty-x86_64-basic/ref/master/ . No difference. > > The light dawned. My swift endpoint urls all have trailing '/' on them, > viz: > > | d7a8338dd5684f5d8dfde406b0780462 | RegionOne | http://ceph4/swift/v1/ > | http://ceph4/swift/v1/ | > http://ceph4/swift/v1/ | c2d4550d71e94a6a966af810c9ad0568 | > > Changing to: > > | d7a8338dd5684f5d8dfde406b0780462 | RegionOne | http://ceph4/swift/v1 > | http://ceph4/swift/v1 | > http://ceph4/swift/v1 | c2d4550d71e94a6a966af810c9ad0568 | > > > ...and redoing a swift upload: > $ swift upload container1 stackrc > stackrc > $ swift list > /container0 > container1 > > Excellent, how about listing the container: > > $ swift list container1 > stackrc > > Ok, so looking good now. Checking the current docs > http://docs.ceph.com/docs/master/radosgw/keystone/ they do *not* have the > trailing '/'s, so unless I was looking at some older ones that *did* have > 'em ...I managed to typo the url's myself. Hmm. Unfortunate. > > Regards > > Mark > > > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > -- .- <O> -. .-====-. ,-------. .-=<>=-. /_-\'''/-_\ / / '' \ \ |,-----.| /__----__\ |/ o) (o \| | | ')(' | | /,'-----'.\ |/ (')(') \| \ ._. / \ \ / / {_/(') (')\_} \ __ / ,>-_,,,_-<. >'=jf='< `. _ .' ,'--__--'. / . \ / \ /'-___-'\ / :| \ (_) . (_) / \ / \ (_) :| (_) \_-----'____--/ (_) (_) (_)_______(_) |___:|____| \___________/ |________| \_______/ |_________| Thanks and Regards Ashish Chandra Openstack Developer, Cloud Engineering Reliance Jio
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
