Ceph Tentacle : Ceph Object Gateway2026/04/27 |
|
Enable Ceph Object Gateway (RADOSGW) to access to Ceph Cluster Storage via Amazon S3 or OpenStack Swift compatible API.
|
+--------------------+ | +----------------------+
| [dlp.srv.world] |10.0.0.30 | 10.0.0.31| [www.srv.world] |
| Ceph Client +-----------+-----------+ RADOSGW |
| | | | |
+--------------------+ | +----------------------+
+----------------------------+----------------------------+
| | |
|10.0.0.51 |10.0.0.52 |10.0.0.53
+-----------+-----------+ +-----------+-----------+ +-----------+-----------+
| [node01.srv.world] | | [node02.srv.world] | | [node03.srv.world] |
| Object Storage +----+ Object Storage +----+ Object Storage |
| Monitor Daemon | | | | |
| Manager Daemon | | | | |
+-----------------------+ +-----------------------+ +-----------------------+
|
| [1] | Transfer required files to RADOSGW Node and Configure it from Admin Node. |
|
# transfer public key root@node01:~# ssh-copy-id www # install required packages root@node01:~# ssh www "apt -y install radosgw"
root@node01:~#
vi /etc/ceph/ceph.conf # add to last line # client.rgw.(Node Name) [client.rgw.www] # IP address of the Node host = 10.0.0.31 # DNS name rgw dns name = www.srv.world keyring = /var/lib/ceph/radosgw/ceph-rgw.www/keyring log file = /var/log/ceph/radosgw.gateway.log # transfer files root@node01:~# scp /etc/ceph/ceph.conf www:/etc/ceph/ ceph.conf 100% 435 179.5KB/s 00:00root@node01:~# scp /etc/ceph/ceph.client.admin.keyring www:/etc/ceph/ ceph.client.admin.keyring 100% 151 84.2KB/s 00:00 # configure RADOSGW
root@node01:~# ssh www \
"mkdir -p /var/lib/ceph/radosgw/ceph-rgw.www; \
ceph auth get-or-create client.rgw.www osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw.www/keyring; \
chown ceph:ceph /etc/ceph/ceph.*; \
chown -R ceph:ceph /var/lib/ceph/radosgw; \
systemctl enable --now ceph-radosgw@rgw.www"
# if UFW is enabled, allow service port root@node01:~# ssh www "ufw allow 7480/tcp" # verify status # that's OK if following answers shown root@node01:~# curl www.srv.world:7480 <?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult> |
| [2] | On Object Gateway Node, Create a S3 compatible user who can authenticate to Object Gateway. |
|
# for example, create [serverworld] user root@www:~# radosgw-admin user create --uid=serverworld --display-name="Server World" --email=admin@srv.world
{
"user_id": "serverworld",
"display_name": "Server World",
"email": "admin@srv.world",
"suspended": 0,
"max_buckets": 1000,
"subusers": [],
"keys": [
{
"user": "serverworld",
"access_key": "HQVQDR6NWF2Y46EFFDN8",
"secret_key": "vO3QCsrRFZKK0O3n5JTGk7wuIMx5uS0nqYVtj6Mc",
"active": true,
"create_date": "2026-04-27T02:25:59.134391Z"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"default_storage_class": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": [],
"account_id": "",
"path": "/",
"create_date": "2026-04-27T02:25:59.134168Z",
"tags": [],
"group_ids": []
}
# show user list root@www:~# radosgw-admin user list
[
"serverworld"
]
root@www:~# radosgw-admin user info --uid=serverworld
{
"user_id": "serverworld",
"display_name": "Server World",
"email": "admin@srv.world",
"suspended": 0,
"max_buckets": 1000,
"subusers": [],
"keys": [
{
"user": "serverworld",
"access_key": "HQVQDR6NWF2Y46EFFDN8",
"secret_key": "vO3QCsrRFZKK0O3n5JTGk7wuIMx5uS0nqYVtj6Mc",
"active": true,
"create_date": "2026-04-27T02:25:59.134391Z"
}
],
.....
.....
|
| [3] | Create a Python test script on any computer/user and verify that it is accessible via the S3 interface. |
|
ubuntu@dlp:~$
pip3 install boto3
ubuntu@dlp:~$
vi s3_test.py import sys import boto3 from botocore.config import Config # user's access-key and secret-key you added on [2] section session = boto3.session.Session( aws_access_key_id = 'HQVQDR6NWF2Y46EFFDN8', aws_secret_access_key = 'vO3QCsrRFZKK0O3n5JTGk7wuIMx5uS0nqYVtj6Mc' ) # Object Gateway URL s3client = session.client( 's3', endpoint_url = 'http://10.0.0.31:7480', config = Config() ) # create [my-new-bucket] bucket = s3client.create_bucket(Bucket = 'my-new-bucket') # list Buckets print(s3client.list_buckets()) # remove [my-new-bucket] s3client.delete_bucket(Bucket = 'my-new-bucket') python3 s3_test.py
{'ResponseMetadata': {'RequestId': 'tx00000ac40148215073173-0069eeca79-14244-default', 'HostId': '', 'HTTPStatusCode': 200, 'HTTPHeaders': {'transfer-encoding': 'chunked', 'x-amz-request-id': 'tx00000ac40148215073173-0069eeca79-14244-default', 'content-type': 'application/xml', 'server': 'Ceph Object Gateway (tentacle)', 'date': 'Mon, 27 Apr 2026 02:31:21 GMT', 'connection': 'Keep-Alive'}, 'RetryAttempts': 0}, 'Buckets': [{'Name': 'my-new-bucket', 'CreationDate': datetime.datetime(2026, 4, 27, 2, 31, 19, 222000, tzinfo=tzlocal())}], 'Owner': {'DisplayName': 'Server World', 'ID': 'serverworld'}}
|
| Sponsored Link |
|
|