溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
要使用REST接口,我們首先要為S3接口創建一個初始的Ceph對象網關用戶,然后為Swift界面創建一個子用戶,最后,我們需要驗證創建的用戶是否能夠訪問網關。
執行如下命令創建用戶,記錄下access_key和secret_key,沒記住也沒關系,可以使用radosgw-admin user info --uid=s3查看
[root@ceph-node1 ~]# radosgw-admin user create --uid="s3" --display-name="s3 user"
{
"user_id": "s3",
"display_name": "s3 user",
"email": "",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [],
"keys": [
{
"user": "s3",
"access_key": "WNXRGPK6XGWO8XRLWRUA",
"secret_key": "Segqx8fZ8H5arM1Pvpygiewp4gl9Qjkrymi09aVP"
}
],
"swift_keys": [],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}
進行swift接口訪問,需要創建一個Swift子用戶,記錄下s3:swift的secret_key
[root@ceph-node1 ~]#radosgw-admin subuser create --uid=s3 --subuser=s3:swift --access=full
{
"user_id": "s3",
"display_name": "s3 user",
"email": "",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [
{
"id": "s3:swift",
"permissions": "full-control"
}
],
"keys": [
{
"user": "s3",
"access_key": "WNXRGPK6XGWO8XRLWRUA",
"secret_key": "Segqx8fZ8H5arM1Pvpygiewp4gl9Qjkrymi09aVP"
}
],
"swift_keys": [
{
"user": "s3:swift",
"secret_key": "czb1ExW6XRy7iE41gFLL0xQNlamLLc569DC9FG1r"
}
],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"user_quota": {
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
},
"temp_url_keys": [],
"type": "rgw",
"mfa_ids": []
}
我們需要編寫并運行Python測試腳本來驗證S3訪問, S3訪問測試腳本將連接到radosgw,創建一個新的存儲桶并列出所有存儲桶, access_key_id和secret_access_key的值取自radosgw-admin命令返回的s3用戶的access_key和secret_key的值,另外需要修改主機名(host)和端口(port)
[root@ceph-node1 ~]yum install python-boto -y
[root@ceph-node1 ~]vim s3test.py
import boto
import boto.s3.connection
access_key = 'WNXRGPK6XGWO8XRLWRUA'
secret_key = 'Segqx8fZ8H5arM1Pvpygiewp4gl9Qjkrymi09aVP'
conn = boto.connect_s3(
aws_access_key_id = access_key,
aws_secret_access_key = secret_key,
host = 'ceph-node1', port=7480,
is_secure=False,
calling_format = boto.s3.connection.OrdinaryCallingFormat(),
)
bucket = conn.create_bucket('my-first-s3-bucket')
for bucket in conn.get_all_buckets():
print "{name}\t{created}".format(
name = bucket.name,
created = bucket.creation_date,
)root@ceph-node1 ~]python s3test.py
my-first-s3-bucket 2019-12-13T02:58:44.604Z
也可以使用s3cmd這個命令行工具
root@ceph-node1 ~]yum install s3cmd -y
root@ceph-node1 ~]s3cmd --configure
配置里需要填寫s3用戶的secret_key和access_key,以及S3 Endpoint和target Amazon S3,這兩個填寫radosgw的主機的主機名和端口,如ceph-node1:7480
root@ceph-node1 ~]s3cmd ls #查看已有bucket
2019-12-13 02:58 s3://my-first-s3-bucket
root@ceph-node1 ~]s3cmd mb s3://my-second-s3-bucket #創建一個bucket
root@ceph-node1 ~]s3cmd put /etc/hosts s3://my-second-s3-bucket #給剛才創建的bucket中放入一個文件
[root@ceph-node1]# s3cmd ls s3://my-second-s3-bucket #查看桶中文件
2019-12-13 03:08 575 s3://my-second-s3-bucket/hosts
root@ceph-node1 ~]yum install python-pip -y
root@ceph-node1 ~]pip install --upgrade python-swiftclient
創建一個bucket
[root@liuning s3]# swift -A http://glusterfs-node1:7480/auth/1.0 -U s3:swift -K e58xcqROWx2bMMSo36KnNWUYpEUrdPbDruNWezqr post my-first-swift-bucket
用swift接口查看這個已有的bucket
[root@liuning s3]# swift -A http://glusterfs-node1:7480/auth/1.0 -U s3:swift -K e58xcqROWx2bMMSo36KnNWUYpEUrdPbDruNWezqr list
my-first-s3-bucket
my-first-swift-bucket
my-second-s3-bucket
注意可能會出現下面這個錯誤,等一會就好了,要是不行就把剛才的用戶刪除了重新創建一個,使用新的secret_key
Auth GET failed: http://ceph-node1:7480/auth/1.0 403 Forbidden [first 60 chars of response] {"Code":"AccessDenied","RequestId":"tx000000000000000000013-
Failed Transaction ID: tx000000000000000000013-005df3022d-e2a1-default
至此,s3和swift接口的搭建和測試已經完成,如需更多使用實例和api,可以查閱man或ceph官網
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
