AW: AW: RadosGW S3 Api

[Jäger , Philipp]

Hey,

i hope so. Thank you very much :)

-----Ursprüngliche Nachricht-----
Von: John Axel Eriksson [mailto:j...@insane.se] 
Gesendet: Freitag, 1. Februar 2013 23:26
An: Jäger, Philipp
Cc: Yehuda Sadeh; ceph-devel@vger.kernel.org
Betreff: Re: AW: RadosGW S3 Api

Unfortunately we're not using it that
way, so I don't know what possibilities there are. Hopefully someone else can 
help you out.

Good luck!

31 jan 2013 kl. 10:32 skrev Jäger, Philipp <philipp.jae...@cgm.com>:

> Hello,
> 
> thank you very very much, it works in general now ☺
> 
> Can you say something about how to limit the rights of the user I created 
> like in the manual?
> We want to create an account, which has no rights to create buckets. cannot 
> find a fitting manual for that.
> 
> Thank you very much
> 
> Regards
> Philipp
> 
> Von: John Axel Eriksson [mailto:j...@insane.se]
> Gesendet: Donnerstag, 31. Januar 2013 00:11
> An: Jäger, Philipp
> Cc: Yehuda Sadeh; ceph-devel@vger.kernel.org
> Betreff: Re: RadosGW S3 Api
> 
> This is the config we're using:
> 
> FastCgiExternalServer /tmp/radosgw.fcgi -socket /var/run/ceph/rgw.sock
> 
> LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %O \"%{Referer}i\" 
> \"%{User-Agent}i\"" proxy_combined LogFormat "%{X-Forwarded-For}i %h 
> %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" proxy_debug
> 
> <VirtualHost *:443>
>   ServerName <ourservername>
>   ServerAlias *
>   ServerAdmin admin@<ourservername>
>   DocumentRoot /var/www
> 
>   KeepAlive off
> 
>   SSLEngine on
>   SSLCertificateFile /etc/apache2/ssl.cert
>   SSLCertificateKeyFile /etc/apache2/ssl.key
>   SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> 
>   RewriteEngine On
>   RewriteRule             ^/(.*) /radosgw.fcgi?%{QUERY_STRING} 
> [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
> 
>   <IfModule mod_fastcgi.c>
>     <Directory /var/www/>
>       Options +ExecCGI
>       AllowOverride All
>       SetHandler fastcgi-script
>       Order allow,deny
>       Allow from all
>       AuthBasicAuthoritative Off
>     </Directory>
>   </IfModule>
> 
>   AllowEncodedSlashes On
> 
>   ErrorLog /var/log/apache2/error.log
>   CustomLog /var/log/apache2/rgw-access.log proxy_combined
>   ServerSignature Off
> </VirtualHost>
> 
> Hope it helps!
> 
> John
> 
> On Wed, Jan 30, 2013 at 10:13 AM, Jäger, Philipp <philipp.jae...@cgm.com> 
> wrote:
> Yeah, therefore i ask about an example apache config with ssl support, its 
> not described in the ceph manual, only you have to active the ssl module, but 
> not how the conf must look.
> I tested the freeware "s3 browser", but it makes also errors...
> 
> Do you somebody know who has knowledge about using radosgw with ssl?
> 
> 
> -----Ursprüngliche Nachricht-----
> Von: yehud...@gmail.com [mailto:yehud...@gmail.com] Im Auftrag von 
> Yehuda Sadeh
> Gesendet: Mittwoch, 30. Januar 2013 18:54
> An: Jäger, Philipp
> Cc: ceph-devel@vger.kernel.org
> Betreff: Re: RadosGW S3 Api
> 
> On Wed, Jan 30, 2013 at 9:34 AM, Jäger, Philipp <philipp.jae...@cgm.com> 
> wrote:
>> Hello, thanks for the answer.
>> I don't know, the programmer say the api (s3 api java) wants to connect per 
>> https. When you know a possibility to  (de)actiate ssl, I would be happy you 
>> can tell:) than im sure its not a ssl problem.
>> 
>> 
>> Do you know the error message "peer not authenticated"?
>> I think its not a rados error message, because when you google for it, you 
>> can see that it's common ssl error in java.
> 
> Then it's probably ssl error. Radosgw doesn't generate such an error.
> 
>> But it can be an inherited error because of rados misconfiguration I think.
>> 
>> 
>> How do I know if the gateway can be reached?
>> Nothing special in the logs..
>> 
>> Have you looked into the confs in the zip file I added to the mail?
> 
> Yeah. there's not much there.
> 
>> Im very unsure about the apache ssl configuration, when I set the fastcgi 
>> virtual host section also to 443, I get an error message, but I donk think 
>> its right to leave it on 80.
> 
> 
>> Don't you ever set up radosgw with ssl ?
> 
> that's really orthogonal to radosgw, more of the web server (apache) issue.
> 
> Try using some out of the box s3 client before using the api to help with 
> diagnosing the issue. It looks to me like some issues with your apache 
> configuration (ssl, fastcgi).
> 
> 
> Yehuda
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" 
> in the body of a message to majord...@vger.kernel.org More majordomo 
> info at  http://vger.kernel.org/majordomo-info.html
> 
N�����r��y����b�X��ǧv�^�)޺{.n�+���z�]z���{ay�ʇڙ�,j��f���h���z��w���
���j:+v���w�j�m��������zZ+�����ݢj"��!�i