For #2, I think I found myself the answer. The admin can simply generate the S3 keys for the user, e.g.:
radosgw-admin key create --key-type=s3 --gen-access-key --gen-secret --uid="a22db12575694c9e9f8650dde73ef565\$a22db12575694c9e9f8650dde73ef565" --rgw-realm=cloudtest and then the user can access her data also using S3. besides swift Cheers, Massimo On Wed, May 23, 2018 at 12:49 PM, Massimo Sgaravatto < [email protected]> wrote: > For #1 I guess this is a known issue (http://tracker.ceph.com/issues/20570 > ) > > On Tue, May 22, 2018 at 1:03 PM, Massimo Sgaravatto < > [email protected]> wrote: > >> I have several questions on the radosgw - OpenStack integration. >> >> I was more or less able to set it (using a Luminous ceph cluster >> and an Ocata OpenStack cloud), but I don't know if it working as expected. >> >> >> So, the questions: >> >> >> 1. >> I miss the meaning of the attribute "rgw keystone implicit tenants" >> If I set "rgw keystone implicit tenants = false", accounts are created >> using id: >> >> <openstack-project-id> and the display name is the name of the OpenStack >> project >> >> >> If I set "rgw keystone implicit tenants = true", accounts are created >> using id: >> >> <openstack-project-id>$<<openstack-project-id> >> >> and, again, the display name is the name of the OpenStack project >> >> >> So one account per openstack project in both cases >> I would have expected two radosgw accounts for 2 openstack users >> belonging to the same project, setting "rgw keystone implicit tenants = >> true" >> >> >> 2 >> Are OpenStack users supposed to access to their data only using swift, or >> also via S3 ? >> In the latter case, how can the user find her S3 credentials ? >> I am not able to find the S3 keys for such OpenStack users also using >> radosgw-admin >> >> # radosgw-admin user info --uid="a22db12575694c9e9f8650d >> de73ef565\$a22db12575694c9e9f8650dde73ef565" --rgw-realm=cloudtest >> ... >> ... >> "keys": [], >> ... >> ... >> >> >> 3 >> How is the admin supposed to set default quota for each project/user ? >> How can then the admin modify the quota for a user ? >> How can the user see the assigned quota ? >> >> I tried relying on the "rgw user default quota max size" attribute to >> set the default quota. It works for users created using "radosgw-admin >> user create" while >> I am not able to see it working for OpenStack users (see also the thread >> "rgw default user quota for OpenStack users") >> >> If I explicitly set the quota for a OpenStack user using: >> >> radosgw-admin quota set --quota-scope=user --max-size=2G >> --uid="a22db12575694c9e9f8650dde73ef565\$a22db12575694c9e9f8650dde73ef565" >> --rgw-realm=cloudtest >> radosgw-admin quota enable --quota-scope=user >> --uid="a22db12575694c9e9f8650dde73ef565\$a22db12575694c9e9f8650dde73ef565" >> --rgw-realm=cloudtest >> >> >> this works (i.e. quota is enforced) but such quota is not exposed to the >> user (at least it is not reported anywhere in the OpenStack dashboard nor >> in the "swift stat" output) >> >> >> 4 >> I tried creating (using the OpenStack dashboard) containers with public >> access. >> It looks like this works only if "rgw keystone implicit tenants" is set >> to false >> Is this expected ? >> >> >> Many thanks, Massimo >> >> >
_______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
