I haven't really used the S3 stuff much, but the credentials should be in keystone already. If you're in horizon, you can download them under Access and Security->API Access. Using the CLI you can use the openstack client like "openstack credential <list | show | create | delete | set>" or with the keystone client like "keystone ec2-credentials-list", etc. Then you should be able to feed those credentials to the rgw like a normal S3 API call.
Cheers, Erik On Mon, Apr 13, 2015 at 10:16 AM, <[email protected]> wrote: > Hi all, > > Coming back to that issue. > > I successfully used keystone users for the rados gateway and the swift API > but I still don't understand how it can work with S3 API and i.e. S3 users > (AccessKey/SecretKey) > > I found a swift3 initiative but I think It's only compliant in a pure > OpenStack swift environment by setting up a specific plug-in. > https://github.com/stackforge/swift3 > > A rgw can be, at the same, time under keystone control and standard > radosgw-admin if > - for swift, you use the right authentication service (keystone or > internal) > - for S3, you use the internal authentication service > > So, my questions are still valid. > How can a rgw work for S3 users if there are stored in keystone? Which is > the accesskey and secretkey? > What is the purpose of "rgw s3 auth use keystone" parameter ? > > Best regards > > ---------------------- > De : ceph-users [mailto:[email protected]] De la part de > [email protected] > Envoyé : lundi 23 mars 2015 14:03 > À : ceph-users > Objet : [ceph-users] Rados Gateway and keystone > > Hi All, > > I just would to be sure about keystone configuration for Rados Gateway. > > I read the documentation http://ceph.com/docs/master/radosgw/keystone/ > and http://ceph.com/docs/master/radosgw/config-ref/?highlight=keystone > but I didn't catch if after having configured the rados gateway > (ceph.conf) in order to use keystone, it becomes mandatory to create all > the users in it. > > In other words, can a rgw be, at the same, time under keystone control > and standard radosgw-admin ? > How does it work for S3 users ? > What is the purpose of "rgw s3 auth use keystone" parameter ? > > Best regards > > - - - - - - - - - - - - - - - - - > Ghislain Chevalier > +33299124432 > +33788624370 > [email protected] > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez > recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages > electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou > falsifie. Merci. > > This message and its attachments may contain confidential or privileged > information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and > delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been > modified, changed or falsified. > Thank you. > > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez > recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages > electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou > falsifie. Merci. > > This message and its attachments may contain confidential or privileged > information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and > delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been > modified, changed or falsified. > Thank you. > > _______________________________________________ > ceph-users mailing list > [email protected] > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com >
_______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
