Hi, I'm just deployed the ceph object gateway as an object storage in OpenStack. I've followed this doc to achieve the integration with Keystone:
http://docs.ceph.com/docs/master/radosgw/keystone/ "It is possible to integrate the Ceph Object Gateway with Keystone, the OpenStack identity service. This sets up the gateway to accept Keystone as the users authority. A user that Keystone authorizes to access the gateway will also be automatically created on the Ceph Object Gateway (if didn’t exist beforehand). A token that Keystone validates will be considered as valid by the gateway." According to it, I was expecting that the keystone user was created in radosgw when it was authorized by a keystone token, but instead, what is created is the tenant id of the project that the user uses to manage his objects. # radosgw-admin user stats --uid=db4d25b13eaa4645a180f564b3817e1c { "stats": { "total_entries": 1, "total_bytes": 24546, "total_bytes_rounded": 24576}, "last_stats_sync": "2015-09-25 12:09:12.795775Z", "last_stats_update": "2015-09-28 11:58:43.422859Z"} Being that "db4d25b13eaa4645a180f564b3817e1c" is the project id I'm using. Is this the expected behavior and the doc pointed me in the wrong direction or I misconfigured something? Really, I prefer this behavior, because in this way I can set quotas on a project basis without worrying about the users, but I would like to know if the integration is Ok. My rados setup: [client.radosgw.gateway] host = hostname keyring = /etc/ceph/ceph.client.radosgw.keyring rgw socket path = "" log file = /var/log/radosgw/client.radosgw.gateway.log rgw frontends = fastcgi socket_port=9000 socket_host=0.0.0.0 rgw print continue = false rgw keystone url = http://keystone_host:5000 rgw keystone admin token = _____________________ rgw keystone accepted roles = _member_, Member, admin rgw s3 auth use keystone = true nss db path = /var/ceph/nss Ceph FireFly 0.80.10 OpenStack Juno SO: Ubuntu 14.04 Best regards, Xabier
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
