At the moment radosgw just doesn't support v3 (so it seems). I created issue #13303. If anyone wants to pick this up (or provide some information as to what it would require to support that) it would be great.
Thanks, Yehuda On Wed, Sep 30, 2015 at 3:32 AM, Robert Duncan <robert.dun...@ncirl.ie> wrote: > Yes, but it always results in 401 from horizon and cli > > swift --debug --os-auth-url http://172.25.60.2:5000/v3 --os-username ldapuser > --os-user-domain-name ldapdomain --os-project-name someproject > --os-project-domain-name ldapdomain --os-password password123 -V 3 post > containerV3 > DEBUG:keystoneclient.auth.identity.v3:Making authentication request to > http://172.25.60.2:5000/v3/auth/tokens > INFO:urllib3.connectionpool:Starting new HTTP connection (1): 172.25.60.2 > DEBUG:urllib3.connectionpool:Setting read timeout to None > DEBUG:urllib3.connectionpool:"POST /v3/auth/tokens HTTP/1.1" 201 8366 > DEBUG:iso8601.iso8601:Parsed 2015-09-30T11:20:46.053177Z into {'tz_sign': > None, 'second_fraction': u'053177', 'hour': u'11', 'daydash': u'30', > 'tz_hour': None, 'month': None, 'timezone': u'Z', 'second': u'46', > 'tz_minute': None, 'year': u'2015', 'separator': u'T', 'monthdash': u'09', > 'day': None, 'minute': u'20'} with default timezone <iso8601.iso8601.Utc > object at 0x1736f50> > DEBUG:iso8601.iso8601:Got u'2015' for 'year' with default None > DEBUG:iso8601.iso8601:Got u'09' for 'monthdash' with default None > DEBUG:iso8601.iso8601:Got 9 for 'month' with default 9 > DEBUG:iso8601.iso8601:Got u'30' for 'daydash' with default None > DEBUG:iso8601.iso8601:Got 30 for 'day' with default 30 > DEBUG:iso8601.iso8601:Got u'11' for 'hour' with default None > DEBUG:iso8601.iso8601:Got u'20' for 'minute' with default None > DEBUG:iso8601.iso8601:Got u'46' for 'second' with default None > INFO:urllib3.connectionpool:Starting new HTTP connection (1): 172.25.60.2 > DEBUG:urllib3.connectionpool:Setting read timeout to <object object at > 0x7f193dc590b0> > DEBUG:urllib3.connectionpool:"POST /swift/v1/containerV3 HTTP/1.1" 401 None > INFO:swiftclient:REQ: curl -i http://172.25.60.2:8080/swift/v1/containerV3 -X > POST -H "Content-Length: 0" -H "X-Auth-Token: > 30fd924774bf480d8814c61c7fdf128e" > INFO:swiftclient:RESP STATUS: 401 Unauthorized > INFO:swiftclient:RESP HEADERS: [('content-encoding', 'gzip'), > ('transfer-encoding', 'chunked'), ('accept-ranges', 'bytes'), ('vary', > 'Accept-Encoding'), ('server', 'Apache/2.2.15 (CentOS)'), ('date', 'Wed, 30 > Sep 2015 10:20:46 GMT'), ('content-type', 'text/plain; charset=utf-8')] > INFO:swiftclient:RESP BODY: AccessDenied > > DEBUG:keystoneclient.auth.identity.v3:Making authentication request to > http://172.25.60.2:5000/v3/auth/tokens > INFO:urllib3.connectionpool:Starting new HTTP connection (1): 172.25.60.2 > DEBUG:urllib3.connectionpool:Setting read timeout to None > DEBUG:urllib3.connectionpool:"POST /v3/auth/tokens HTTP/1.1" 201 8366 > DEBUG:iso8601.iso8601:Parsed 2015-09-30T11:20:47.839422Z into {'tz_sign': > None, 'second_fraction': u'839422', 'hour': u'11', 'daydash': u'30', > 'tz_hour': None, 'month': None, 'timezone': u'Z', 'second': u'47', > 'tz_minute': None, 'year': u'2015', 'separator': u'T', 'monthdash': u'09', > 'day': None, 'minute': u'20'} with default timezone <iso8601.iso8601.Utc > object at 0x1736f50> > DEBUG:iso8601.iso8601:Got u'2015' for 'year' with default None > DEBUG:iso8601.iso8601:Got u'09' for 'monthdash' with default None > DEBUG:iso8601.iso8601:Got 9 for 'month' with default 9 > DEBUG:iso8601.iso8601:Got u'30' for 'daydash' with default None > DEBUG:iso8601.iso8601:Got 30 for 'day' with default 30 > DEBUG:iso8601.iso8601:Got u'11' for 'hour' with default None > DEBUG:iso8601.iso8601:Got u'20' for 'minute' with default None > DEBUG:iso8601.iso8601:Got u'47' for 'second' with default None > INFO:urllib3.connectionpool:Starting new HTTP connection (1): 172.25.60.2 > DEBUG:urllib3.connectionpool:Setting read timeout to <object object at > 0x7f193dc590b0> > DEBUG:urllib3.connectionpool:"POST /swift/v1/containerV3 HTTP/1.1" 401 None > INFO:swiftclient:REQ: curl -i http://172.25.60.2:8080/swift/v1/containerV3 -X > POST -H "Content-Length: 0" -H "X-Auth-Token: > fc7bb4a07baf41058546d8a85b2cd2b8" > INFO:swiftclient:RESP STATUS: 401 Unauthorized > INFO:swiftclient:RESP HEADERS: [('content-encoding', 'gzip'), > ('transfer-encoding', 'chunked'), ('accept-ranges', 'bytes'), ('vary', > 'Accept-Encoding'), ('server', 'Apache/2.2.15 (CentOS)'), ('date', 'Wed, 30 > Sep 2015 10:20:47 GMT'), ('content-type', 'text/plain; charset=utf-8')] > INFO:swiftclient:RESP BODY: AccessDenied > > ERROR:swiftclient:Container POST failed: > http://172.25.60.2:8080/swift/v1/containerV3 401 Unauthorized AccessDenied > Traceback (most recent call last): > File "/usr/lib/python2.6/site-packages/swiftclient/client.py", line 1243, > in _retry > rv = func(self.url, self.token, *args, **kwargs) > File "/usr/lib/python2.6/site-packages/swiftclient/client.py", line 771, in > post_container > http_response_content=body) > ClientException: Container POST failed: > http://172.25.60.2:8080/swift/v1/containerV3 401 Unauthorized AccessDenied > > > Niothing in the keystone log except > 2015-09-30 10:30:15.598 28751 WARNING keystone.common.wsgi [-] Authorization > failed. Non-default domain is not supported > > Thanks, > Rob. > > -----Original Message----- > From: Shinobu Kinjo [mailto:ski...@redhat.com] > Sent: 30 September 2015 04:47 > To: Robert Duncan > Cc: ceph-users@lists.ceph.com > Subject: Re: [ceph-users] radosgw and keystone version 3 domains > > Hello, > > Thank!! > Anyhow have you ever tried to access to swift object using v3? > > Shinobu > > ----- Original Message ----- > From: "Robert Duncan" <robert.dun...@ncirl.ie> > To: "Shinobu Kinjo" <ski...@redhat.com>, ceph-users@lists.ceph.com > Sent: Tuesday, September 29, 2015 8:48:57 PM > Subject: Re: [ceph-users] radosgw and keystone version 3 domains > > Hi Shinobu, > > My keystone version is > 2014.2.2 > > Thanks again. > Rob. > ________________________________ > The information contained and transmitted in this e-mail is confidential > information, and is intended only for the named recipient to which it is > addressed. The content of this e-mail may not have been sent with the > authority of National College of Ireland. Any views or opinions presented are > solely those of the author and do not necessarily represent those of National > College of Ireland. If the reader of this message is not the named recipient > or a person responsible for delivering it to the named recipient, you are > notified that the review, dissemination, distribution, transmission, printing > or copying, forwarding, or any other use of this message or any part of it, > including any attachments, is strictly prohibited. If you have received this > communication in error, please delete the e-mail and destroy all record of > this communication. Thank you for your assistance. > ________________________________ > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com _______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
