From 4bf4d92a8b853701fe497dbbb4d4aa4e3139517f Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Fri, 19 Jul 2013 10:04:40 -0700 Subject: [PATCH] doc: radosgw needs 'mon = allow rw' to create its own pools Fixes: #5674 Signed-off-by: Sage Weil Reviewed-by: Yehuda Sadeh --- PendingReleaseNotes | 5 +++++ doc/install/rpm.rst | 2 +- doc/man/8/radosgw.rst | 2 +- doc/rados/operations/authentication.rst | 2 +- doc/radosgw/config.rst | 2 +- 5 files changed, 9 insertions(+), 4 deletions(-) diff --git a/PendingReleaseNotes b/PendingReleaseNotes index a9880942b5a7e..33959991410a8 100644 --- a/PendingReleaseNotes +++ b/PendingReleaseNotes @@ -19,3 +19,8 @@ v0.67 commandline tool. ceph_rest_api.py can be used as a WSGI application for deployment in a more-capable web server. See ceph-rest-api.8 for more. + +* The radosgw caps were inconsistently documented to be either 'mon = + allow r' or 'mon = allow rw'. The 'mon = allow rw' is required for + radosgw to create its own pools. All documentation has been updated + accordingly. \ No newline at end of file diff --git a/doc/install/rpm.rst b/doc/install/rpm.rst index d5d6bf196c28c..172f3f809a3fd 100644 --- a/doc/install/rpm.rst +++ b/doc/install/rpm.rst @@ -198,7 +198,7 @@ Installing Ceph Object Storage #. Create a user key. :: ceph-authtool -C -n client.radosgw.gateway --gen-key /etc/ceph/keyring.radosgw.gateway - ceph-authtool -n client.radosgw.gateway --cap mon 'allow r' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway + ceph-authtool -n client.radosgw.gateway --cap mon 'allow rw' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway ceph auth add client.radosgw.gateway --in-file=/etc/ceph/keyring.radosgw.gateway diff --git a/doc/man/8/radosgw.rst b/doc/man/8/radosgw.rst index 46511f9afe63f..0fb114973f55d 100644 --- a/doc/man/8/radosgw.rst +++ b/doc/man/8/radosgw.rst @@ -86,7 +86,7 @@ You will also have to generate a key for the radosgw to use for authentication with the cluster:: ceph-authtool -C -n client.radosgw.gateway --gen-key /etc/ceph/keyring.radosgw.gateway - ceph-authtool -n client.radosgw.gateway --cap mon 'allow r' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway + ceph-authtool -n client.radosgw.gateway --cap mon 'allow rw' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway And add the key to the auth entries:: diff --git a/doc/rados/operations/authentication.rst b/doc/rados/operations/authentication.rst index d56f6ef584a95..0b71d08b0c49d 100644 --- a/doc/rados/operations/authentication.rst +++ b/doc/rados/operations/authentication.rst @@ -196,7 +196,7 @@ capabilities necessary for the daemon to function, are shown below. ``radosgw`` :Location: ``$rgw_data/keyring`` -:Capabilities: ``mon 'allow r' osd 'allow rwx'`` +:Capabilities: ``mon 'allow rw' osd 'allow rwx'`` Note that the monitor keyring contains a key but no capabilities, and diff --git a/doc/radosgw/config.rst b/doc/radosgw/config.rst index d7526fdd77637..39ee8fccdf9b9 100644 --- a/doc/radosgw/config.rst +++ b/doc/radosgw/config.rst @@ -164,7 +164,7 @@ Generate a key so that RADOS Gateway can identify a user name and authenticate the user with the cluster. Then, add capabilities to the key. For example:: sudo ceph-authtool /etc/ceph/keyring.radosgw.gateway -n client.radosgw.gateway --gen-key - sudo ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow r' /etc/ceph/keyring.radosgw.gateway + sudo ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow rw' /etc/ceph/keyring.radosgw.gateway Add to Ceph Keyring Entries