Re: [ceph-users] Luminous radosgw S3/Keystone integration issues

2018-12-17 Thread Burkhard Linke
Hi, On 12/17/18 11:42 AM, Dan van der Ster wrote: Hi all, Bringing up this old thread with a couple questions: 1. Did anyone ever follow up on the 2nd part of this thread? -- is there any way to cache keystone EC2 credentials? I don't think this is possible. The AWS signature algorithms

Re: [ceph-users] Luminous radosgw S3/Keystone integration issues

2018-12-17 Thread Dan van der Ster
Hi all, Bringing up this old thread with a couple questions: 1. Did anyone ever follow up on the 2nd part of this thread? -- is there any way to cache keystone EC2 credentials? 2. A question for Valery: could you please explain exactly how you added the EC2 credentials to the local backend

Re: [ceph-users] Luminous radosgw S3/Keystone integration issues

2018-05-07 Thread Dan van der Ster
Hi Matt, That's great! I sent the PR here: https://github.com/ceph/ceph/pull/21846 I don't have the necessary karma, but it would be really nice if this could be added the the luminous backport queue. Thanks! Dan On Fri, May 4, 2018 at 5:18 PM, Matt Benjamin wrote: > Hi

Re: [ceph-users] Luminous radosgw S3/Keystone integration issues

2018-05-04 Thread Matt Benjamin
Hi Dan, We agreed in upstream RGW to make this change. Do you intend to submit this as a PR? regards Matt On Fri, May 4, 2018 at 10:57 AM, Dan van der Ster wrote: > Hi Valery, > > Did you eventually find a workaround for this? I *think* we'd also > prefer rgw to fallback

Re: [ceph-users] Luminous radosgw S3/Keystone integration issues

2018-05-04 Thread Dan van der Ster
Hi Valery, Did you eventually find a workaround for this? I *think* we'd also prefer rgw to fallback to external plugins, rather than checking them before local. But I never understood the reasoning behind the change from jewel to luminous. I saw that there is work towards a cache for ldap [1]

[ceph-users] Luminous radosgw S3/Keystone integration issues

2018-02-01 Thread Valery Tschopp
Hi, We are operating a Luminous 12.2.2 radosgw, with the S3 Keystone authentication enabled. Some customers are uploading millions of objects per bucket at once, therefore the radosgw is doing millions of s3tokens POST requests to the Keystone. All those s3tokens requests to Keystone are