CentOS 7
Sponsored Link

Ceph Nautilus : Ceph Object Gateway2019/06/12

 
Enable Ceph Object Gateway (RADOSGW) to access to Ceph Cluster Storage via Amazon S3 or OpenStack Swift compatible API.
This example is based on the environment like follows.
                                         |
        +--------------------+           |           +----------------------+
        |   [dlp.srv.world]  |10.0.0.30  |  10.0.0.31|    [www.srv.world]   |
        |     Ceph Client    +-----------+-----------+        RADOSGW       |
        |                    |           |           |                      |
        +--------------------+           |           +----------------------+
            +----------------------------+----------------------------+
            |                            |                            |
            |10.0.0.51                   |10.0.0.52                   |10.0.0.53 
+-----------+-----------+    +-----------+-----------+    +-----------+-----------+
|   [node01.srv.world]  |    |   [node02.srv.world]  |    |   [node03.srv.world]  |
|     Object Storage    +----+     Object Storage    +----+     Object Storage    |
|     Monitor Daemon    |    |                       |    |                       |
|     Manager Daemon    |    |                       |    |                       |
+-----------------------+    +-----------------------+    +-----------------------+

[1] Transfer required files to RADOSGW Node and Configure it from Admin Node.
# transfer public key

[root@node01 ~]#
ssh-copy-id www

# install required packages

[root@node01 ~]#
ssh www "yum -y install centos-release-ceph-nautilus"

[root@node01 ~]#
ssh www "yum -y install ceph-radosgw"
[root@node01 ~]#
vi /etc/ceph/ceph.conf
# add to the end

# client.rgw.(Node Name)
[client.rgw.www]
# IP address of the Node
host = 10.0.0.31
# set listening port
rgw frontends = "civetweb port=8080"
# DNS name
rgw dns name = www.srv.world

# transfer files

[root@node01 ~]#
scp /etc/ceph/ceph.conf www:/etc/ceph/

ceph.conf                                     100%  195    98.1KB/s   00:00
[root@node01 ~]#
scp /etc/ceph/ceph.client.admin.keyring www:/etc/ceph/

ceph.client.admin.keyring                     100%  151    71.5KB/s   00:00

# configure RADOSGW

[root@node01 ~]# ssh www \
"mkdir -p /var/lib/ceph/radosgw/ceph-rgw.www; \
ceph auth get-or-create client.rgw.www osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw.www/keyring; \
chown ceph. /etc/ceph/ceph.*; \
chown -R ceph. /var/lib/ceph/radosgw; \
systemctl enable --now ceph-radosgw@rgw.www; \
firewall-cmd --add-port=8080/tcp --permanent; firewall-cmd --reload"

# verify status

# that's OK if following answers shown

[root@node01 ~]#
curl www.srv.world:8080

<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>
[2] On Object Gateway Node, Create a S3 compatible user who can authenticate to Object Gateway.
# for example, create [serverworld] user

[root@www ~]#
radosgw-admin user create --uid=serverworld --display-name="Server World" --email=admin@srv.world

{
    "user_id": "serverworld",
    "display_name": "Server World",
    "email": "admin@srv.world",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [],
    "keys": [
        {
            "user": "serverworld",
            "access_key": "Q4UN7WX9M7UQOBUKY9X6",
            "secret_key": "GJX26V3T1hxeG2HxOilrnsma4Yc3xcfROhVdzTtU"
        }
    ],
    "swift_keys": [],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "default_storage_class": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw",
    "mfa_ids": []
}

# show user list

[root@www ~]#
radosgw-admin user list

[
    "serverworld"
]

[root@www ~]#
radosgw-admin user info --uid=serverworld

{
    "user_id": "serverworld",
    "display_name": "Server World",
    "email": "admin@srv.world",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [],
    "keys": [
        {
            "user": "serverworld",
            "access_key": "Q4UN7WX9M7UQOBUKY9X6",
            "secret_key": "GJX26V3T1hxeG2HxOilrnsma4Yc3xcfROhVdzTtU"
        }
    ],
.....
.....
[3] Verify accessing with S3 interface to create Python test script on a Computer.
[root@dlp ~]#
yum -y install python-boto3
[root@dlp ~]#
vi s3_test.py
import sys
import boto3
from botocore.config import Config

# user's access-key and secret-key you added on [2] section
session = boto3.session.Session(
    aws_access_key_id = 'Q4UN7WX9M7UQOBUKY9X6',
    aws_secret_access_key = 'GJX26V3T1hxeG2HxOilrnsma4Yc3xcfROhVdzTtU'
)

# Object Gateway URL
s3client = session.client(
    's3',
    endpoint_url = 'http://10.0.0.31:8080',
    config = Config()
)

# create [my-new-bucket]
bucket = s3client.create_bucket(Bucket = 'my-new-bucket')

# list Buckets
print(s3client.list_buckets())

# remove [my-new-bucket]
s3client.delete_bucket(Bucket = 'my-new-bucket')

[root@dlp ~]#
python s3_test.py

{u'Owner': {u'DisplayName': 'Server World', u'ID': 'serverworld'}, u'Buckets': [{u'CreationDate': datetime.datetime(2021, 5, 25, 7, 43, 58, 569000, tzinfo=tzutc()), u'Name': 'my-new-bucket'}], 'ResponseMetadata': {'HTTPStatusCode': 200, 'RetryAttempts': 0, 'HostId': '', 'RequestId': 'tx000000000000000000004-0060acaac2-5eb0-default', 'HTTPHeaders': {'transfer-encoding': 'chunked', 'date': 'Tue, 25 May 2021 07:44:02 GMT', 'x-amz-request-id': 'tx000000000000000000004-0060acaac2-5eb0-default', 'content-type': 'application/xml'}}}
Matched Content