Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 3. Using The Gateway
To use the REST interfaces, first create an initial Ceph Object Gateway user for the S3 interface. Then, create a subuser for the Swift interface. You then need to verify if the created users are able to access the gateway.
3.1. Create a radosgw user for S3 access
A radosgw user needs to be created and granted access. The command man radosgw-admin will provide information on additional command options.
To create the user, execute the following on the gateway host:
sudo radosgw-admin user create --uid="testuser" --display-name="First User"
sudo radosgw-admin user create --uid="testuser" --display-name="First User"The output of the command will be something like the following:
The values of keys->access_key and keys->secret_key are needed for access validation.
3.2. Create a Swift user
A Swift subuser needs to be created if this kind of access is needed. Creating a Swift user is a two step process. The first step is to create the user. The second is to create the secret key. Execute the following steps on the gateway host.
Create the Swift user:
sudo radosgw-admin subuser create --uid=testuser --subuser=testuser:swift --access=full
sudo radosgw-admin subuser create --uid=testuser --subuser=testuser:swift --access=fullCopy to Clipboard Copied! Toggle word wrap Toggle overflow The output will be something like the following:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow Create the secret key:
sudo radosgw-admin key create --subuser=testuser:swift --key-type=swift --gen-secret
sudo radosgw-admin key create --subuser=testuser:swift --key-type=swift --gen-secretCopy to Clipboard Copied! Toggle word wrap Toggle overflow The output will be something like the following:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow
3.3. Access Verification
3.3.1. Test S3 access
You need to write and run a Python test script for verifying S3 access. The S3 access test script will connect to the radosgw, create a new bucket and list all buckets. The values for aws_access_key_id and aws_secret_access_key are taken from the values of access_key and secret_key returned by the radosgw_admin command.
Execute the following steps:
You will need to install the
python-botopackage.sudo yum install python-boto
sudo yum install python-botoCopy to Clipboard Copied! Toggle word wrap Toggle overflow Create the Python script:
vi s3test.py
vi s3test.pyCopy to Clipboard Copied! Toggle word wrap Toggle overflow Add the following contents to the file:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow Replace
{hostname}with the hostname of the host where you have configured the gateway service i.e, thegateway host.Run the script:
python s3test.py
python s3test.pyCopy to Clipboard Copied! Toggle word wrap Toggle overflow The output will be something like the following:
my-new-bucket 2015-02-16T17:09:10.000Z
my-new-bucket 2015-02-16T17:09:10.000ZCopy to Clipboard Copied! Toggle word wrap Toggle overflow
3.3.2. Test swift access
Swift access can be verified via the swift command line client. The command man swift will provide more information on available command line options.
To install swift client, execute the following:
sudo yum install python-setuptools sudo easy_install pip sudo pip install --upgrade setuptools sudo pip install --upgrade python-swiftclient
sudo yum install python-setuptools
sudo easy_install pip
sudo pip install --upgrade setuptools
sudo pip install --upgrade python-swiftclientTo test swift access, execute the following:
swift -A http://{IP ADDRESS}/auth/1.0 -U testuser:swift -K '{swift_secret_key}' list
swift -A http://{IP ADDRESS}/auth/1.0 -U testuser:swift -K '{swift_secret_key}' list
Replace {IP ADDRESS} with the public IP address of the gateway server and {swift_secret_key} with its value from the output of radosgw-admin key create command executed for the swift user.
For example:
swift -A http://10.19.143.116/auth/1.0 -U testuser:swift -K '244+fz2gSqoHwR3lYtSbIyomyPHf3i7rgSJrF/IA' list
swift -A http://10.19.143.116/auth/1.0 -U testuser:swift -K '244+fz2gSqoHwR3lYtSbIyomyPHf3i7rgSJrF/IA' listThe output should be:
my-new-bucket
my-new-bucket
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}