How To Configure AWS S3 CLI for Ceph Object Gateway Storage?

Ceph Object Gateway is an object storage interface built on top of librados to provide applications with a RESTful gateway to Ceph Storage Clusters. Ceph Object Storage supports two interfaces:

  1. S3-compatible: Enables object storage functionality with an interface that is compatible with a large subset of the Amazon S3 RESTful API.
  2. Swift-compatible: Enables object storage functionality with an interface that is compatible with a large subset of the OpenStack Swift API.

 

Ceph Object Storage uses the Ceph Object Gateway daemon (radosgw), which is an HTTP server for interacting with a Ceph Storage Cluster. Since it provides interfaces compatible with OpenStack Swift and Amazon S3, the Ceph Object Gateway has its own user management. Ceph Object Gateway can store data in the same Ceph Storage Cluster used to store data from Ceph File System clients or Ceph Block Device clients.

 

Procedure:

 

Step 1: Install AWS CLI

Need to install the AWS CLI on the server or machine where access to Ceph Object Gateway will be done.

 

Verify installation:

$ aws --version
 aws-cli/1.17.10 Python/2.7.5 Linux/3.10.0-1062.el7.x86_64 botocore/1.14.10

 

Step 2: Create Object Store User for S3 Access

A user should be created on Ceph Object Store backend. This will generate S3 API credentials that we’ll configure AWS S3 CLI to use.

 

Run the commands in one of your Ceph cluster nodes with access to cluster for administration.

sudo radosgw-admin user create --uid="rootadminz" --display-name="rootadminz s3clients" 

 

Where:

rootadminz is the name of the user to be created.

rootadminz s3clients is the user display names.

 

This is the sample output from the command.

 {
    "user_id": "rootadminz",
    "display_name": "rootadminz s3clients",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [],
    "keys": [
        {
            "user": "rootadminz",
            "access_key": "GY34VHGH67ERDFTY9HTGEUI",
            "secret_key": "HghYFTYUhuhytyhkliy577Ghjgh877Gffd"
        }
    ],
    "swift_keys": [],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "default_storage_class": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw",
    "mfa_ids": []
}   

 

Please make note of the access_key and the secret_key.

"user": "rootadminz"
"access_key": "GY34VHGH67ERDFTY9HTGEUI"
"secret_key": "HghYFTYUhuhytyhkliy577Ghjgh877Gffd"   

 

Step 3: Using AWS CLI for Accessing Ceph Object Storage

Need to configure it by running the aws configure command before you start using AWS CLI tool to interact with AWS services:

  $ aws configure --profile=ceph
AWS Access Key ID [None]: GY34VHGH67ERDFTY9HTGEUI
AWS Secret Access Key [None]: HghYFTYUhuhytyhkliy577Ghjgh877Gffd
Default region name [None]:
Default output format [None]: json  

 

Paste the access key and Secret key you noted in the previous step. The credentials to be written to file ~/.aws/credentials.

$ cat ~/.aws/credentials
[ceph]
aws_access_key_id = GY34VHGH67ERDFTY9HTGEUI
aws_secret_access_key = HghYFTYUhuhytyhkliy577Ghjgh877Gffd    

 

Configuration file is located in ~/.aws/config.

 $ cat ~/.aws/config
[profile ceph]
output = json   

 

You need to have the IP address of one of your Rados Gateway nodes or equivalent DNS name configured. Get a list of rgw servers using the command:

$ sudo ceph -s | grep rgw
    rgw: 3 daemons active (ceph-rgw-01, ceph-rgw-02, ceph-rgw-03)    

 

In my setup, I have three rgw servers. I’ll use one of them – ceph-rgw-01, whose URL is http://147.10.42.74

$ aws --profile=ceph --endpoint=http://147.10.42.74 s3 mb s3://test    

 

The command will create a bucket called test. The creation can be confirmed using the command radosgw-admin.

$ sudo radosgw-admin bucket list
[
    "jkmutai-bucket",
    "test"
]    

 

You can list the buckets created with the command:

$ aws --profile=ceph --endpoint=http://147.10.42.74 s3 ls
2020-02-13 15:17:13 test    

 

Copy a test file to the bucket:

  $ aws --profile=ceph --endpoint=http://147.10.42.74  s3 cp release.asc s3://test/
upload: ./release.asc to s3://test/release.asc  

 

Confirm if the file has been uploaded.

$ aws --profile=ceph --endpoint=http://147.10.42.74 s3 ls s3://test/
2020-02-13 16:04:17       1645 release.asc    

 

You can confirm the same from the Ceph Dashboard under Object Gateway > Buckets section.

 

Need assistance to get this done, please hire our dedicated experts who work around the clock.

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)