Re: [I] Ceph RADOS-GW object storage plugin issue [cloudstack]

Thu, 09 Oct 2025 08:57:09 -0700 


levindecaro commented on issue #9641:
URL: https://github.com/apache/cloudstack/issues/9641#issuecomment-3386449318

   @wido 
   
   I managed to workaround it with haproxy, here is the configuration which 
will allow ACS object storage browser UI operate with Ceph RGW.
   
   
   ```
   global
     log 127.0.0.1 local2
     lua-load /etc/haproxy/cors.lua ## from 
https://github.com/haproxytech/haproxy-lua-cors
     chroot /var/lib/haproxy
     pidfile /var/run/haproxy.pid
     maxconn 4000
     user haproxy
     group haproxy
     daemon
     stats socket /var/lib/haproxy/stats
     ssl-default-bind-ciphers PROFILE=SYSTEM
     ssl-default-server-ciphers PROFILE=SYSTEM
     tune.bufsize 32768
     tune.maxrewrite 2048
   
   defaults
     mode http
     log global
     option httplog
     option dontlognull
     option http-server-close
     option forwardfor except 127.0.0.0/8
     option redispatch
     retries 3
     timeout http-request 10s
     timeout queue 1m
     timeout connect 10s
     timeout client 1m
     timeout server 1m
     timeout http-keep-alive 10s
     timeout check 10s
     maxconn 30000
   
   frontend https-in
     mode http
     bind 0.0.0.0:443 ssl crt /etc/haproxy/server.pem
     default_backend rgw-server-9443
     capture request header Origin len 128
     acl acs_origin req.hdr(Origin) -m str https://portal.acs.example.com
     http-request lua.cors "*" ".example.com" "*"  if acs_origin
     use_backend rgw-server-9443-origin if acs_origin
   
   backend rgw-server-9443
     balance roundrobin
     mode http
     server apac-1a-sds-node-0 apac-1a-sds-node-0:9443 check ssl verify none
     server apac-1a-sds-node-1 apac-1a-sds-node-1:9443 check ssl verify none
     server apac-1a-sds-node-2 apac-1a-sds-node-2:9443 check ssl verify none
     server apac-1a-sds-node-3 apac-1a-sds-node-3:9443 check ssl verify none
   
   backend rgw-server-9443-origin
     balance roundrobin
     mode http
     http-response lua.cors
     server apac-1a-sds-node-0 apac-1a-sds-node-0:9443 check ssl verify none
     server apac-1a-sds-node-1 apac-1a-sds-node-1:9443 check ssl verify none
     server apac-1a-sds-node-2 apac-1a-sds-node-2:9443 check ssl verify none
     server apac-1a-sds-node-3 apac-1a-sds-node-3:9443 check ssl verify none
   ``` 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to