HowtoCeph: mettre à jour section RGW
This commit is contained in:
parent
96b8d81fb0
commit
9cbf04a912
56
HowtoCeph.md
56
HowtoCeph.md
|
@ -791,23 +791,49 @@ $ ceph-fuse -n $CEPH_USERNAME -m $MONITOR_IP_ADDRESS:6789 /mnt/mycephfs -r /dir0
|
|||
> Le mécanisme de restriction d'accès fonctionne aussi bien avec `ceph-fuse` qu'avec `mount.ceph`.
|
||||
|
||||
|
||||
# RGW
|
||||
# RadosGW
|
||||
|
||||
> Cette section est en cours d’écriture !
|
||||
## Installer un démon RadosGW
|
||||
|
||||
On souhaite installer un démon RadosGW (RGW) sur `<HOSTNAME>`. On suppose pour `<HOSTNAME>` est déjà un nœud du _cluster_ Ceph.
|
||||
|
||||
~~~
|
||||
# sudo -i -u cephuser
|
||||
$ cd ~/ceph
|
||||
$ ceph-deploy --overwrite-conf rgw create <hostname>
|
||||
$ exit
|
||||
# ss -lnpt | grep 7480 # un processus radosgw devrait écouter le port 7480
|
||||
# printf 'rgw_override_bucket_index_max_shards = 32\n' >> /etc/ceph/ceph.conf
|
||||
# apt install dnsmasq
|
||||
# vi /etc/dnsmasq.conf # address=/<hostname>/127.0.0.1
|
||||
# systemctl restart dnsmasq.service
|
||||
# printf 'nameserver 127.0.0.1\n' >> /etc/resolv.conf
|
||||
# ping quelquechose.<hostname> # devrait ping 127.0.0.1
|
||||
# radosgw-admin user create --uid="testuser" --display-name="First User"
|
||||
# apt install radosgw
|
||||
# mkdir /var/lib/ceph/radosgw/ceph-rgw."${HOSTNAME}"
|
||||
# ceph --cluster ceph --name client.bootstrap-rgw --keyring /var/lib/ceph/bootstrap-rgw/ceph.keyring auth get-or-create client.rgw."${HOSTNAME}" osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw."${HOSTNAME}"/keyring
|
||||
# systemctl enable ceph-radosgw@rgw."${HOSTNAME}"
|
||||
# systemctl start ceph-radosgw@rgw."${HOSTNAME}"
|
||||
# systemctl enable ceph.target
|
||||
~~~
|
||||
|
||||
Le démon RGW devrait être joignable sur le port 7480. Une simple requête GET sur http://127.0.0.1:7480/ devrait retourner :
|
||||
|
||||
~~~
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
|
||||
<Owner>
|
||||
<ID>anonymous</ID>
|
||||
<DisplayName></DisplayName>
|
||||
</Owner>
|
||||
<Buckets>
|
||||
</Buckets>
|
||||
</ListAllMyBucketsResult>
|
||||
~~~
|
||||
|
||||
## Utilisateurs
|
||||
|
||||
### Créer un utilisateur
|
||||
|
||||
~~~
|
||||
# radosgw-admin user create --uid="testuser" --display-name='Test User'
|
||||
~~~
|
||||
|
||||
### Définir un quota
|
||||
|
||||
Limiter `testuser` à 10 objets et 10 Gio au total :
|
||||
|
||||
~~~
|
||||
# radosgw-admin quota set --quota-scope=user --uid=testuser --max-objects=10 --max-size=10737418240B
|
||||
~~~
|
||||
|
||||
## Clients
|
||||
|
@ -1027,4 +1053,4 @@ Pour désactiver la fonctionnalité :
|
|||
ceph config set mon auth_allow_insecure_global_id_reclaim false
|
||||
```
|
||||
|
||||
Source : [Ceph Documention - Health checks](https://docs.ceph.com/en/latest/rados/operations/health-checks/#auth-insecure-global-id-reclaim-allowed)
|
||||
Source : [Ceph Documention - Health checks](https://docs.ceph.com/en/latest/rados/operations/health-checks/#auth-insecure-global-id-reclaim-allowed)
|
||||
|
|
Loading…
Reference in a new issue