Re: [ceph-users] Creating a bucket failed

Cedric Lemarchand Mon, 28 Apr 2014 15:13:27 -0700

Hello,

Le 28/04/2014 23:29, Seowon Jung a écrit :
> Thank you so much for your quick reply.  I created a subuser for
> Swift, but it got the authorization error.  Is it related to the same
> problem?
In the way bucket access via subdomain is specific to S3 and you are now
using Swift, I don't think so.
> $ swift --verbose  -V 1.0 -A http://lab0.coe.hawaii.edu/auth -U
> admin:swift -K RnelTPTJGc4rt6LlRjF4AnxfJhrLvu4J6+PTUl+s post test
> Container PUT failed: http://lab0.coe.hawaii.edu:80/swift/v1/test 401
> Authorization Required   AccessDenied
I would first try to check if the subuser has rights to create a bucket.
("permissions" field)


Cheers

> Thank you!
>
> --
> Seowon Jung
> Systems Administrator
>
> College of Education
> University of Hawaii at Manoa
> (808) 956-7939
>
>
> On Mon, Apr 28, 2014 at 11:10 AM, Yehuda Sadeh <yeh...@inktank.com
> <mailto:yeh...@inktank.com>> wrote:
>
>     This could happen if your client is uses the bucket through
>     subdomain scheme, but the rgw is not resolving it correctly
>     (either rgw_dns_name is misconfigured, or you were accessing it
>     through different host name).
>
>     Yehuda
>
>
>     On Mon, Apr 28, 2014 at 2:02 PM, Seowon Jung <seo...@hawaii.edu
>     <mailto:seo...@hawaii.edu>> wrote:
>
>         Hello,
>
>         I've installed Ceph Emperor on my Ubuntu 12.04 server to test
>         many things.  Everything was pretty good so far, but now I got
>         a problem (403,  AccessDenied) when I try to create a bucket
>         through S3-compatible API.  Please read the following information.
>
>         *Client Information*
>         Computer: Ubuntu 12.04 64bit Desktop
>         S3 Client: Dragon Disk 1.05
>
>
>         *Server Information*
>         Server Hardware: 2 servers, 2 storage array (12 OSDs each,
>         total 24 OSDs)
>         OS: Ubuntu 12.04 64bit
>         Ceph: Emperor, Health OK, all OSDs UP
>
>
>         *Configurations:*
>
>         ceph.conf
>         [global]
>         fsid = 2606e43d-6ca3-4aeb-b760-507a97e06190
>         mon_initial_members = lab0, lab1
>         mon_host = 172.17.1.250,172.17.1.251
>         auth_cluster_required = cephx
>         auth_service_required = cephx
>         auth_client_required = cephx
>         filestore_xattr_use_omap = true
>         osd_max_attr_size = 655360
>         osd pool default size = 3
>         osd pool default min size = 1
>         osd pool default pg num = 800
>         osd pool default pgp num = 800
>
>         [client.radosgw.gateway]
>         host = lab0
>         keyring = /etc/ceph/keyring.radosgw.gateway
>         rgw socket path = /tmp/radosgw.sock
>         log file = /var/log/ceph/radosgw.log
>         rgw data = /var/lib/ceph/radosgw
>         rgw dns name = lab0.coe.hawaii.edu <http://lab0.coe.hawaii.edu>
>         rgw print continue = false
>
>
>         Apache
>         /etc/apache2/sites-enabled/rgw
>         <VirtualHost *:80>
>             FastCgiExternalServer /var/www/s3gw.fcgi -socket
>         /tmp/radosgw.sock
>             ServerName  lab0.coe.hawaii.edu <http://lab0.coe.hawaii.edu>
>             ServerAdmin webmaster@localhost
>             DocumentRoot /var/www
>
>             RewriteEngine On
>             RewriteRule ^/([a-zA-Z0-9-_.]*)([/]?.*)
>         /s3gw.fcgi?page=$1&params=$2&%{QUERY_STRING}
>         [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
>
>             <IfModule mod_fastcgi.c>
>                 <Directory /var/www/>
>                     Options +ExecCGI
>                     AllowOverride All
>                     SetHandler fastcgi-script
>                     Order allow,deny
>                     allow from all
>                     AuthBasicAuthoritative Off
>                 </Directory>
>             </IfModule>
>
>             AllowEncodedSlashes On
>             ErrorLog ${APACHE_LOG_DIR}/error.log
>             CustomLog ${APACHE_LOG_DIR}/access.log combined
>             ServerSignature Off
>         </VirtualHost>
>
>
>         User Info:
>         # radosgw-admin user info --uid=admin
>         { "user_id": "admin",
>           "display_name": "Admin",
>           "email": "",
>           "suspended": 0,
>           "max_buckets": 1000,
>           "auid": 0,
>           "subusers": [],
>           "keys": [
>                 { "user": "admin",
>                   "access_key": "A3R0CEF3140MLIZIXN4X",
>                   "secret_key":
>         "K8TRyfK8ArRjGRnSRvd4N5gY4TdeK1wK\/1iGCcGO"}],
>           "swift_keys": [],
>           "caps": [],
>           "op_mask": "read, write, delete",
>           "default_placement": "",
>           "placement_tags": [],
>           "bucket_quota": { "enabled": false,
>               "max_size_kb": -1,
>               "max_objects": -1}}
>
>
>         /var/log/ceph/radosgw.log:
>         2014-04-28 10:44:42.206681 7fc9b9feb700 15 calculated
>         digest=6JGkEimcy2pBN3Ty6mfYh6SudcA=
>         2014-04-28 10:44:42.206685 7fc9b9feb700 15
>         auth_sign=6JGkEimcy2pBN3Ty6mfYh6SudcA=
>         2014-04-28 10:44:42.206686 7fc9b9feb700 15 compare=0
>         2014-04-28 10:44:42.206691 7fc9b9feb700  2 req
>         20:0.000456:s3:PUT /:create_bucket:reading permissions
>         2014-04-28 10:44:42.206697 7fc9b9feb700  2 req
>         20:0.000463:s3:PUT /:create_bucket:init op
>         2014-04-28 10:44:42.206701 7fc9b9feb700  2 req
>         20:0.000467:s3:PUT /:create_bucket:verifying op mask
>         2014-04-28 10:44:42.206704 7fc9b9feb700 20 required_mask= 2
>         user.op_mask=7
>         2014-04-28 10:44:42.206706 7fc9b9feb700  2 req
>         20:0.000472:s3:PUT /:create_bucket:verifying op permissions
>         2014-04-28 10:44:42.209718 7fc9b9feb700  2 req
>         20:0.003483:s3:PUT /:create_bucket:verifying op params
>         2014-04-28 10:44:42.209742 7fc9b9feb700  2 req
>         20:0.003508:s3:PUT /:create_bucket:executing
>         2014-04-28 10:44:42.209776 7fc9b9feb700 20 get_obj_state:
>         rctx=0x7fc928009bd0 obj=.rgw:test state=0x7fc92800cfd8
>         s->prefetch_data=0
>         2014-04-28 10:44:42.209790 7fc9b9feb700 10 moving .rgw+test to
>         cache LRU end
>         2014-04-28 10:44:42.209793 7fc9b9feb700 10 cache get:
>         name=.rgw+test : type miss (requested=22, cached=0)
>         2014-04-28 10:44:42.211397 7fc9b9feb700 10 cache put:
>         name=.rgw+test
>         2014-04-28 10:44:42.211417 7fc9b9feb700 10 moving .rgw+test to
>         cache LRU end
>         2014-04-28 10:44:42.212563 7fc9b9feb700 20 rgw_create_bucket
>         returned ret=-1
>         bucket=test(@{i=.rgw.buckets.index}.rgw.buckets[default.5154.9])
>         2014-04-28 10:44:42.212629 7fc9b9feb700  2 req
>         20:0.006394:s3:PUT /:create_bucket:http status=403
>         2014-04-28 10:44:42.212749 7fc9b9feb700  1 ====== req done
>         req=0x1f20f30 http_status=403 ======
>
>
>         I tried to use the secret key
>         both K8TRyfK8ArRjGRnSRvd4N5gY4TdeK1wK\/1iGCcGO
>         and K8TRyfK8ArRjGRnSRvd4N5gY4TdeK1wK/1iGCcGO
>
>         Thank you for your help!
>         Seowon
>
>         --
>         Seowon Jung
>         Systems Administrator
>
>         College of Education
>         University of Hawaii at Manoa
>         (808) 956-7939 <tel:%28808%29%20956-7939>
>
>         _______________________________________________
>         ceph-users mailing list
>         ceph-users@lists.ceph.com <mailto:ceph-users@lists.ceph.com>
>         http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
>
>
>
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

-- 
Cédric

_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

Re: [ceph-users] Creating a bucket failed

Reply via email to