Project

General

Profile

Feature #11039

ceph-deploy rgw {create,destroy} HOST [...]

Added by Sage Weil over 4 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Target version:
Start date:
03/05/2015
Due date:
% Done:

0%

Source:
Development
Tags:
Backport:
Reviewed:
Affected Versions:

Description

create or destroy an rgw daemon instance. work just like mon or mds where we assume there is 1 per host and name it after the hostname. in this case, it can be client.rgw.$hostname and live in /var/lib/ceph/rgw/$cluster-$id (rgw.$hostname).

make a bootstrap key for creating the user, just like we do for osd and mds.

options:

--port <port>  [default: 7280]

History

#1 Updated by Sage Weil over 4 years ago

  • Tracker changed from Bug to Feature
  • Description updated (diff)

#2 Updated by Sage Weil over 4 years ago

ceph-deploy install --dev=wip-bootstrap-rgw ...

to get a build that includes a bootstrap-rgw key. they auth key creation should look something like this

        command_check_call(
            [
                'ceph',
                '--cluster', cluster,
                '--name', 'client.bootstrap-rgw',
                '--keyring', keyring,
                'auth', 'get-or-create', 'client.rgw.{id}'.format(id=hostname),
                'mon', 'allow r',
                'osd', 'allow rwx',
                ],
            )

#3 Updated by Travis Rhoden over 4 years ago

  • Target version set to 1.5.23

One question on this.

I do not currently see a wip-bootstrap-rgw branch. Is there any pending work that this needs to wait for?

#4 Updated by Travis Rhoden over 4 years ago

Second question --

Is there an rgw profile that can be used for the auth key, rather than "mon allow r"?

For MDS, we set mon caps to "allow profile mds". wondering if the same thing exists for rgw.

#5 Updated by Travis Rhoden over 4 years ago

On the topic of rgw key caps, should we account for the guidance in the docs that you should choose whether or not to get the RGW key write access on the MON?

http://ceph.com/docs/master/radosgw/config/#create-a-user-and-keyring

#6 Updated by Sage Weil over 4 years ago

hmm, good question. it would be better not to have mon w access, but then we need an explicit zone creation step. yehuda, is there a simple radosgw-admin command that can do this? like

radosgw-admin zone create foo
ceph-deploy rgw create myhost --zone foo

? it would be pretty great if we created the key so that it is restricted to the correct pools.

or maybe we punt on that for now and just use a permissive key...

#7 Updated by Sage Weil over 4 years ago

i got the branch name wrong.. it's wip-rgw-bootstrap

#8 Updated by Travis Rhoden over 4 years ago

  • Status changed from New to Resolved

This is merged in with https://github.com/ceph/ceph-deploy/pull/268

Will be in release 1.5.23.

Will make new tickets to cover changing --port at create time.

Also available in: Atom PDF