Chapter 2. Configuring OpenStack’s Keystone for the Ceph Object Gateway

As a storage administrator, you can use OpenStack’s Keystone authentication service to authenticate users through the Ceph Object Gateway. Before you can configure the Ceph Object Gateway, you must configure Keystone which will enable the Swift service and point to the Ceph Object Gateway.

2.1. Prerequisites

A running Red Hat OpenStack Platform 13, 15, or 16 environment.
A running Red Hat Ceph Storage environment.
A running Ceph Object Gateway environment.

2.2. Creating the Swift service

Before configuring the Ceph Object Gateway, configure Keystone so that the Swift service is enabled and pointing to the Ceph Object Gateway.

Prerequisites

A running Red Hat Ceph Storage cluster.
Access to the Ceph software repository.
Root-level access to OpenStack controller node.

Procedure

Create the Swift service:

[root@swift~]# openstack service create --name=swift --description="Swift Service" object-store

Creating the service will echo the service settings.

Table 2.1. Example
Field	Value
description	Swift Service
enabled	True
id	37c4c0e79571404cb4644201a4a6e5ee
name	swift
type	object-store

2.3. Setting the Ceph Object Gateway endpoints

After creating the Swift service, point the service to a Ceph Object Gateway.

Prerequisites

A running Red Hat Ceph Storage cluster.
Access to the Ceph software repository.
A running Swift service on a Red Hat OpenStack Platform 13, 15, or 16 environment.

Procedure

Create the OpenStack endpoints pointing to the Ceph Object Gateway:

Syntax

openstack endpoint create --region REGION_NAME swift admin "URL"
openstack endpoint create --region REGION_NAME swift public "URL"
openstack endpoint create --region REGION_NAME swift internal "URL"

Replace REGION_NAME with the name of the gateway’s zone group name or region name. Replace URL with URLs appropriate for the Ceph Object Gateway.

Example

[root@osp ~]# openstack endpoint create --region us-west swift admin "http://radosgw.example.com:8080/swift/v1"
[root@osp ~]# openstack endpoint create --region us-west swift public "http://radosgw.example.com:8080/swift/v1"
[root@osp ~]# openstack endpoint create --region us-west swift internal "http://radosgw.example.com:8080/swift/v1"

Field	Value
adminurl	`http://radosgw.example.com:8080/swift/v1`
id	`e4249d2b60e44743a67b5e5b38c18dd3`
internalurl	`http://radosgw.example.com:8080/swift/v1`
publicurl	`http://radosgw.example.com:8080/swift/v1`
region	`us-west`
service_id	`37c4c0e79571404cb4644201a4a6e5ee`
service_name	`swift`
service_type	`object-store`

Setting the endpoints will output the service endpoint settings.

2.4. Verifying Openstack is using the Ceph Object Gateway endpoints

After creating the Swift service and setting the endpoints, show the endpoints to ensure that all settings are correct.

Prerequisites

A running Red Hat Ceph Storage cluster.
Access to the Ceph software repository.

Procedure

Verify settings in the configuration file:

[root@swift~]# openstack endpoint show object-store

Showing the endpoints will echo the endpoints settings, and the service settings.

Table 2.2. Example
Field	Value
adminurl	http://radosgw.example.com:8080/swift/v1
enabled	True
id	e4249d2b60e44743a67b5e5b38c18dd3
internalurl	http://radosgw.example.com:8080/swift/v1
publicurl	http://radosgw.example.com:8080/swift/v1
region	us-west
service_id	37c4c0e79571404cb4644201a4a6e5ee
service_name	swift
service_type	object-store

Chapter 2. Configuring OpenStack’s Keystone for the Ceph Object Gateway

2.1. Prerequisites

2.2. Creating the Swift service

2.3. Setting the Ceph Object Gateway endpoints

2.4. Verifying Openstack is using the Ceph Object Gateway endpoints

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links