2.3. 创建管理用户
重要
要从 Ceph 对象网关节点运行 radosgw-admin 命令,请确保节点具有 admin 密钥。admin 密钥可以从任何 Ceph 监控节点复制。
先决条件
- Ceph 对象网关节点的根级别访问权限.
流程
创建对象网关用户:
语法
radosgw-admin user create --uid="USER_NAME" --display-name="DISPLAY_NAME"
示例
[user@client ~]$ radosgw-admin user create --uid="admin-api-user" --display-name="Admin API User"
radosgw-admin命令行界面将返回用户。输出示例
{ "user_id": "admin-api-user", "display_name": "Admin API User", "email": "", "suspended": 0, "max_buckets": 1000, "auid": 0, "subusers": [], "keys": [ { "user": "admin-api-user", "access_key": "NRWGT19TWMYOB1YDBV1Y", "secret_key": "gr1VEGIV7rxcP3xvXDFCo4UDwwl2YoNrmtRlIAty" } ], "swift_keys": [], "caps": [], "op_mask": "read, write, delete", "default_placement": "", "placement_tags": [], "bucket_quota": { "enabled": false, "max_size_kb": -1, "max_objects": -1 }, "user_quota": { "enabled": false, "max_size_kb": -1, "max_objects": -1 }, "temp_url_keys": [] }为您创建的用户分配管理功能:
语法
radosgw-admin caps add --uid="USER_NAME" --caps="users=*"示例
[user@client ~]$ radosgw-admin caps add --uid=admin-api-user --caps="users=*"
radosgw-admin命令行界面将返回用户。"caps":将具有您分配给用户的能力:输出示例
{ "user_id": "admin-api-user", "display_name": "Admin API User", "email": "", "suspended": 0, "max_buckets": 1000, "auid": 0, "subusers": [], "keys": [ { "user": "admin-api-user", "access_key": "NRWGT19TWMYOB1YDBV1Y", "secret_key": "gr1VEGIV7rxcP3xvXDFCo4UDwwl2YoNrmtRlIAty" } ], "swift_keys": [], "caps": [ { "type": "users", "perm": "*" } ], "op_mask": "read, write, delete", "default_placement": "", "placement_tags": [], "bucket_quota": { "enabled": false, "max_size_kb": -1, "max_objects": -1 }, "user_quota": { "enabled": false, "max_size_kb": -1, "max_objects": -1 }, "temp_url_keys": [] }现在您有具有管理特权的用户。
