Ceph, Openstack

Cloud nodes – nf_conntrack_max recommendations

It’s recommended to set the nf_conntrack_max as below across all nodes in the cloud environment (for all computes, controller and storage nodes):

Set the nf_conntrack_max to 1048576 (default is 65536)

#sysctl -w net.netfilter.nf_conntrack_max=1048576

#echo 24576 > /sys/module/nf_conntrack/parameters/hashsize

And add the below line to /etc/modprob.conf

options io_conntrack_hashsize=24576

Note: hashsize can be nf_conntrack_max by 4 or 8.

NOTE:  Check the defaults as below:

cat /etc/sysctl.conf | grep nf_conntrack_max
cat  /proc/sys/net/netfilter/nf_conntrack_max 
cat /sys/module/nf_conntrack/parameters/hashsize
Advertisements
Openstack

OpenStack: What’s new in OpenStack Ocata

Please refer the OpenStack Ocata release notes along with the version and other details:

Release notes: https://releases.openstack.org/ocata/index.html
Documentation: https://docs.openstack.org/ocata/

Thanks a lot for all PTLs and developers,  who helped in this release.

Nova (OpenStack Compute Service) – Version – 15.0.0

  1. VM placement changes: The Nova filter scheduler will now use the Placement API to filter compute nodes based on CPU/RAM/Disk capacity.
  2. High availability: Nova now uses Cells v2 for all deployments; currently implemented as single cells, the next release, Pike, will support multi-cell clouds.
  3. Neutron is now the default networking option.
  4. Upgrade capabilities: Use the new ‘nova-status upgrade check’ CLI command to see what’s required to upgrade to Ocata.

Keystone (OpenStack Identity Service) -Version 11.0.0

  1. Per-user Multi-Factor-Auth rules (MFA rules): You can now specify multiple forms of authentication before Keystone will issue a token.  For example, some users might just need a password, while others might have to provide a time-based one time password and an additional form of authentication.
  2. Auto-provisioning for federated identity: When a user logs into a federated system, Keystone will dynamically create that user a role; previously, the user had to log into that system independently, which was confusing to users.
  3. Validate an expired token: Finally, no more failures due to long-running operations such as uploading a snapshot. Each project can specify whether it will accept expired tokens, and just HOW expired those tokens can be.

Swift (OpenStack Object Storage) – Version – 2.11.0

  1. Improved compatibility: Byteorder information is now included in Ring files to support machines with different endianness.
  2. More flexibility: You can now configure the base of the URL base for static web.  You can also set the “filename” parameter in TempURLs and validate those TempURLs against a common prefix.
  3. More data: If you’re dealing with large objects, you can now use multi-range GETs and HTTP 416 responses.

Cinder (OpenStack Block Storage) – Version – 10.0.0

  1. Active/Active HA: Cinder can now run in Active/Active clustered mode, preventing concurrent operation conflicts. Cinder will also handle mid-processing service failures better than in past releases.
  2. New attach/detach APIs: If you’ve been confused about how to attach and detach volumes to and from VMs, you’re not alone. The Ocata release saw the Cinder team refactor these APIs in preparation for adding the ability to attach a single volume to multiple VMs, expected in an upcoming release.

Glance (OpenStack Image Service) – Version – 14.0.0

  1. Image visibility:  Users can now create “community” images, making them available for everyone else to use. You can also specify an image as “shared” to specify that only certain users have access.

Neutron (OpenStack Networking Service) – Version -10.0.0

  1. Support for Routed Provider Networks in Neutron: You can now use the NOVA GRP (Generic Resource Pools) API to publish networks in IPv4 inventory.  Also, the Nova scheduler uses this inventory as a hint to place instances based on IPv4 address availability in routed network segments.
  2. Resource tag mechanism: You can now create tags for subnet, port, subnet pool and router resources, making it possible to do things like map different networks in different OpenStack clouds in one logical network or tag provider networks (i.e. High-speed, High-Bandwidth, Dial-Up).

Heat (OpenStack Orchestration Service) – Version -8.0.0

  1. Notification and application workflow: Use the new  OS::Zaqar::Notification to subscribe to Zaqar queues for notifications, or the OS::Zaqar::MistralTrigger for just Mistral notifications.

Horizon (OpenStack Dashboard) – Version – 11.0.0

  1. Easier profiling and debugging:  The new Profiler Panel uses the os-profiler library to provide profiling of requests through Horizon to the OpenStack APIs so you can see what’s going on inside your cloud.
  2. Easier Federation configuration: If Keystone is configured with Keystone to Keystone (K2K) federation and has service providers, you can now choose Keystone providers from a dropdown menu.

Telemetry (Ceilometer) – Version – 8.0.0

  1. Better instance discovery:  Ceilometer now uses libvirt directly by default, rather than nova-api.

Telemetry (Gnocchi)

  1. Dynamically resample measures through a new API.
  2. New collectd plugin: Store metrics generated by collectd.
  3. Store data on Amazon S3 with new storage driver.

Dragonflow (Distributed SDN Controller)

  1. Better support for modern networking: Dragonflow now supports IPv6 and distributed sNAT.
  2. Live migration: Dragonflow now supports live migration of VMs.

Kuryr (Container Networking)

  1. Neutron support: Neutron networking is now available to containers running inside a VM.  For example, you can now assign one Neutron port per container.
  2. More flexibility with driver-based support: Kuryr-libnetwork now allows you to choose between ipvlan, macvlan or Neutron vlan trunk ports or even create your own driver. Also, Kuryr-kubernetes has support for ovs hybrid, ovs native and Dragonflow.
  3. Container Networking Interface (CNI):  You can now use the Kubernetes CNI with Kuryr-kubernetes.
  4. More platforms: The controller now handles Pods on bare metal, handles Pods in VMs by providing them Neutron subports, and provides services with LBaaSv2.

Vitrage (Root Cause Analysis Service) – Version -1.5.0

  1. A new collectd datasource: Use this fast system statistics collection deamon, with plugins that collect different metrics. From Ifat Afek: “We tested the DPDK plugin, that can trigger alarms such as interface failure or noisy neighbors. Based on these alarms, Vitrage can deduce the existence of problems in the host, instances and applications, and provide the RCA (Root Cause Analysis) for these problems.”
  2. New “post event” API: Use This general-purpose API allows easy integration of new monitors into Vitrage.
  3. Multi Tenancy support: A user will only see alarms and resources which belong to that user’s tenant.

Ironic (Bare Metal Service) – Version – 7.0.0

  1. Easier, more powerful management: A revamp of how drivers are composed, “dynamic drivers” enable users to select a “hardware type” for a machine rather than working through a matrix of hardware types. Users can independently change the deploy method, console manager, RAID management, power control interface and so on. Ocata also brings the ability to do soft power off and soft reboot, and to send non-maskable interrupts through both ironic and nova’s API.

TripleO (Deployment Service) – Version – 3.1.0

  1. Easier per-service upgrades: Perform step-by-step tasks as batched/rolling upgrades or in parallel. All roles, including custom roles, can be upgraded this way.
  2. Composable High-Availability architecture: Services managed by Pacemaker such as galera, redis, VIPs, haproxy, cinder-volume, rabbitmq, cinder-backup, and manila-share can now be deployed in multiple clusters, making it possible to scale-out the number of nodes running these services.

OpenStackAnsible (Ansible Playbooks and Roles for Deployment)

  1. Additional support: OpenStack-Ansible now supports CentOS 7, as well as integration with Ceph.

Puppet OpenStack (Puppet Modules for Deployment)

  1. New modules and functionality: The Ocata release includes new modules for puppet-ec2api, puppet-octavia, puppet-panko and puppet-watcher. Also, existing modules support configuring the [DEFAULT]/transport_url configuration option. This changes makes it possible to support AMQP providers other than rabbitmq, such as zeromq.

Barbican (Key Manager Service) – Version- 4.0.0

  1. Testing:  Barbican now includes a new Tempest test framework.

Congress (Governance Service) – Version – 5.0.0

  1. Network address operations:  The policy language has been enhanced to enable users to specify network network policy use cases.
  2. Quick start:  Congress now includes a default policy library so that it’s useful out of the box.

Monasca (Monitoring) – Version – 1.4.0

  1. Completion of Logging-as-a-Service:  Kibana support and integration is now complete, enabling you to push/publish logs to the Monasca Log API, and the logs are authenticated and authorized using Keystone and stored scoped to a tenant/project, so users can only see information from their own logs.
  2. Container support:  Monasca now supports monitoring of Docker containers, and is adding support for the Prometheus monitoring solution. Upcoming releases will also see auto-discovery and monitoring of applications launched in a Kubernetes cluster.

Trove (Database as a Service) – Version – 7.0.0

  1. Multi-region deployments: Database clusters can now be deployed across multiple OpenStack regions.

Mistral (Taskflow as a Service) – Version – 4.0.0

  1. Multi-node mode: You can now deploy the Mistral engine in multi-node mode, providing the ability to scale out.

Rally (Benchmarking as a Service)

  1. Expanded verification options:  Whereas previous versions enabled you to use only Tempest to verify your cluster, the newest version of Rally enables you to use other forms of verification, which means that Rally can actually be used for the non-OpenStack portions of your application and infrastructure. (You can find the full release notes here.)

Zaqar (Message Service) – Version – 4.0.0

  1. Storage replication:  You can now use Swift as a storage option, providing built-in replication capabilities.

Octavia (Load Balancer Service) –  Version – 0.10.0

  1. More flexibility for Load Balancer as a Service:  You may now use neutron host-routes and custom MTU configurations when configuring LBaasS.

Solum (Platform as a Service) – Version – 5.1.0

  1. Responsive deployment:  You may now configure deployments based on Github triggers, which means that you can implement CI/CD by specifying that your application should redeploy when there are changes.

Tricircle (Networking Automation Across Neutron Service) – Version – 5.1.0

  1. DVR support in local Neutron:  The East-West and North-South bridging network have been combined into North-South a bridging network, making it possible to support DVR in local Neutron.

Kolla (Container Based Deployment) – Version – 4.0.0

  1. Dynamic volume provisioning: Kolla-Kubernetes by default uses Ceph for stateful storage, and with Kubernetes 1.5, support was added for Ceph and dynamic volume provisioning as requested by claims made against the API server.

Freezer (Backup, Restore, and Disaster Recovery Service) – Version – 4.0.0

  1. Block incremental backups:  Ocata now includes the Rsync engine, enabling these incremental backups.

Senlin (Clustering Service) – Version – 3.0.0

  1. Generic Event/Notification support: In addition to its usual capability of logging events to a database, Senlin now enables you to add the sending of events to a message queue and to a log file, enabling dynamic monitoring.

Watcher (Infrastructure Optimization Service) – Version -0.32.0

  1. Multiple-backend support: Watcher now supports metrics collection from multiple backends.

Cloudkitty (Rating Service) – Version 5.0.0

  1. Easier management:  CloudKitty now includes a Horizon wizard and hints on the CLI to determine the available metrics. Also, Cloudkitty is now part of the unified OpenStack client.

Manila (Shared File System Service) – Version 5.0.0

    1. Specific usages through the quota-sets:  API to show user and tenant specific usages through the quota-sets resource.
    2. purge sub command:  Added purge sub command to be able to purge soft-deleted rows.

Other useful links on Ocata release:

  1.  Webinar webinar talking about 157 new features.
  2.  53 new things to look for at OpenStack Ocata 53 new things to look for in OpenStack Ocata.
Ceph, Openstack, Rados GW, Telemetry

Ceph RGW usage with Openstack Telemetry

We assume that the  Ceph RGW (i.e Rados Gate Way) and Openstack Keystone are already integrated and working. If not you can use the Ceph documentation here.
You can make sure everything works properly with

# source openrc // with admin tenant
# swift -V 2.0 -A http://localhost:5000/v2.0  stat
             Account: v1
           Containers: 1
              Objects: 174
                 Bytes: 26824860
X-Account-Bytes-Used-Actual: 27140096
             X-Trans-Id: tx00000000000000000000d-0056b23cdc-19cf4-default
           Content-Type: text/plain; charset=utf-8
          Accept-Ranges: bytes

Make sure usage logs are enabled on the radosgw by setting rgw_enable_usage_log = true. You will also need a RadosGW admin user. I created the same  as follows:

# radosgw-admin user create --uid admin --display-name "admin user" --caps "usage=read,write;metadata=read,write;users=read,write;buckets=read,write"

In /etc/ceilometer/ceilometer.conf, uncomment and configure the following

radosgw = object-store
[rgw_admin_credentials]
access_key = <admin user access_key>
secret_key = <admin user secret>

The rgw ceilometer module depends on requests-aws to access the Admin ops API. Install it and restart the ceilometer service

# pip install requests-aws
# openstack-service restart ceilometer

After a while, the meters should show up

(keystone_admin)# ceilometer meter-list
+---------------------------------+-------+---------+---------------------------------------------+---------+----------------------------------+
| Name                            | Type  | Unit    | Resource ID                                 | User ID | Project ID                       |
+---------------------------------+-------+---------+---------------------------------------------+---------+----------------------------------+
| image                           | gauge | image   | d230f54e-6877-451e-bd6c-ca1c460b9041        | None    | ff4d8e6c7e244acb82476fb6acba1833 |
| image.size                      | gauge | B       | d230f54e-6877-451e-bd6c-ca1c460b9041        | None    | ff4d8e6c7e244acb82476fb6acba1833 |
| radosgw.api.request             | gauge | request | 4ddbab4fb6b445fb8195dd08b9cc05a9            | None    | 4ddbab4fb6b445fb8195dd08b9cc05a9 |
| radosgw.api.request             | gauge | request | 8ce73b1b38ab4945b294d691dfd86101            | None    | 8ce73b1b38ab4945b294d691dfd86101 |
| radosgw.api.request             | gauge | request | ff4d8e6c7e244acb82476fb6acba1833            | None    | ff4d8e6c7e244acb82476fb6acba1833 |
| radosgw.containers.objects      | gauge | object  | 4ddbab4fb6b445fb8195dd08b9cc05a9/container1 | None    | 4ddbab4fb6b445fb8195dd08b9cc05a9 |
| radosgw.containers.objects.size | gauge | B       | 4ddbab4fb6b445fb8195dd08b9cc05a9/container1 | None    | 4ddbab4fb6b445fb8195dd08b9cc05a9 |
| radosgw.objects                 | gauge | object  | 4ddbab4fb6b445fb8195dd08b9cc05a9            | None    | 4ddbab4fb6b445fb8195dd08b9cc05a9 |
| radosgw.objects                 | gauge | object  | 8ce73b1b38ab4945b294d691dfd86101            | None    | 8ce73b1b38ab4945b294d691dfd86101 |
| radosgw.objects                 | gauge | object  | ff4d8e6c7e244acb82476fb6acba1833            | None    | ff4d8e6c7e244acb82476fb6acba1833 |
| radosgw.objects.containers      | gauge | object  | 4ddbab4fb6b445fb8195dd08b9cc05a9            | None    | 4ddbab4fb6b445fb8195dd08b9cc05a9 |
| radosgw.objects.containers      | gauge | object  | 8ce73b1b38ab4945b294d691dfd86101            | None    | 8ce73b1b38ab4945b294d691dfd86101 |
| radosgw.objects.containers      | gauge | object  | ff4d8e6c7e244acb82476fb6acba1833            | None    | ff4d8e6c7e244acb82476fb6acba1833 |
| radosgw.objects.size            | gauge | B       | 4ddbab4fb6b445fb8195dd08b9cc05a9            | None    | 4ddbab4fb6b445fb8195dd08b9cc05a9 |
| radosgw.objects.size            | gauge | B       | 8ce73b1b38ab4945b294d691dfd86101            | None    | 8ce73b1b38ab4945b294d691dfd86101 |
| radosgw.objects.size            | gauge | B       | ff4d8e6c7e244acb82476fb6acba1833            | None    | ff4d8e6c7e244acb82476fb6acba1833 |
+---------------------------------+-------+---------+---------------------------------------------+---------+----------------------------------+

Get the samples for the radosgw.objects meters on tenant ID 4ddbab4fb6b445fb8195dd08b9cc05a9 (admin)

(keystone_admin)# ceilometer sample-list -q resource_id=4ddbab4fb6b445fb8195dd08b9cc05a9 -m radosgw.objects
+----------------------------------+-----------------+-------+--------+--------+----------------------------+
| Resource ID                      | Name            | Type  | Volume | Unit   | Timestamp                  |
+----------------------------------+-----------------+-------+--------+--------+----------------------------+
| 4ddbab4fb6b445fb8195dd08b9cc05a9 | radosgw.objects | gauge | 87.0   | object | 2016-02-03T17:21:50.201000 |
| 4ddbab4fb6b445fb8195dd08b9cc05a9 | radosgw.objects | gauge | 0.0    | object | 2016-02-03T16:39:15.050000 |
+----------------------------------+-----------------+-------+--------+--------+----------------------------+
Ceph, Openstack

Check IOPS on disks

I use the spew tool to perform the IOPS. The spew tool comes with standard  Unix/Linu.

spew  tool – which measures I/O performance and/or generates I/O load. An I/O performance measurement and load generation tool. Writes and/or reads generated data to or from a character device, block device, or regular file.

spew -i 20 -v -d –write  -r -b 4096 1g ./test-spew   -> which give IOPS

dd if=/dev/zero of/vol101/test bk=16K count=1600 oflag=direct // direct flat will disable the chache – will slow down the speed

swami@ubuntu:~$ spew -i 20 -v -d --write -r -b 4096 1m ./test-spew
....
Total iterations: 20
Total runtime: 00:00:11
Total write transfer time (WTT): 00:00:11
Total write transfer rate (WTR): 1776.76 KiB/s
Total write IOPS: 444.19 IOPS

 

swami@ubuntu:~$ dd if=/dev/zero of=.//test count=1600 oflag=direct
1600+0 records in
1600+0 records out
819200 bytes (819 kB) copied, 2.50733 s, 327 kB/s

NOTE: direct flag will disable the cache - will slow down the speed

 

Cinder, Openstack

Openstack micro version APIs usage with CURL

Openstack supports the micro version for its APIs. Here is quick tips to use the micro versioned API with CURL command.

First get a token from keystone:

swami@ubuntu:~/devstack$ openstack token issue
+------------+----------------------------------+
| Field      | Value                            |
+------------+----------------------------------+
| expires    | 2016-07-15T12:56:35Z             |
| id         | 49f5673ad7954f68a46702d52dede0df |
| project_id | 4e5f6ba3f2ba4e68bce144f1f9eb843a |
| user_id    | 68d155723d7342d3ad29047ca0ac378c |
+------------+----------------------------------+

Get the cinder CURL command from “cinder –debug list”

curl -g -i -X GET 
http://10.0.2.15:8776/v2/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/detail  
-H "Accept: application/json" -H "X-Auth-Token:49f5673ad7954f68a46702d52dede0df"
HTTP/1.1 200 OK
X-Compute-Request-Id: req-ec992a49-b644-4b53-a9fa-5f3b36ea10c1
Content-Type: application/json
Content-Length: 15
X-Openstack-Request-Id: req-ec992a49-b644-4b53-a9fa-5f3b36ea10c1
Date: Fri, 15 Jul 2016 12:01:49 GMT
{"volumes": []}swami@ubuntu:~/devstack$

Now use the micro-versions using the hearders as below:

curl -g -i -X GET 
http://10.0.2.15:8776/v2/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/detail  
-H "Accept: application/json" -H "X-Auth-Token:49f5673ad7954f68a46702d52dede0df"
-H "OpenStack-API-version: volume 3.0"
HTTP/1.1 200 OK
X-Compute-Request-Id: req-154b85db-35ed-4d2b-91eb-2751ba74d8d7
Content-Type: application/json
Content-Length: 1035
X-Openstack-Request-Id: req-154b85db-35ed-4d2b-91eb-2751ba74d8d7
Date: Fri, 15 Jul 2016 12:15:40 GMT
{"volumes": [{"migration_status": null, "attachments": [], "links": 
[{"href": "http://10.0.2.15:8776/v2/4e5f6ba3f2ba4e68bce144f1f9eb843a/
volumes/109a2cb0-2ad2-495f-8334-4593ab06a199", "rel": "self"}, {"href": "
http://10.0.2.15:8776/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/109a2cb0-2ad2-495f-8334-4593ab06a199", "rel": "bookmark"}], "availability_zone": "nova", "os-vol-host-attr:host": "ubuntu@lvmdriver-1#lvmdriver-1", "encrypted": false, "updated_at": "2016-07-15T12:07:56.000000", "replication_status": "disabled", "snapshot_id": null, "id": "109a2cb0-2ad2-495f-8334-4593ab06a199", "size": 1, "user_id": "68d155723d7342d3ad29047ca0ac378c", "os-vol-tenant-attr:tenant_id": "4e5f6ba3f2ba4e68bce144f1f9eb843a", "os-vol-mig-status-attr:migstat": null, "metadata": {}, "status": "available", "description": null, "multiattach": false, "source_volid": null, "consistencygroup_id": null, "os-vol-mig-status-attr:name_id": null, "name": null, "bootable": "false", "created_at": "2016-07-15T12:07:51.000000", "volume_type": "lvmdriver-1"}]}swami
HTTP/1.1 200 OK
X-Compute-Request-Id: req-ec992a49-b644-4b53-a9fa-5f3b36ea10c1
Content-Type: application/json
Content-Length: 15
X-Openstack-Request-Id: req-ec992a49-b644-4b53-a9fa-5f3b36ea10c1
Date: Fri, 15 Jul 2016 12:01:49 GMT
{"volumes": []}swami@ubuntu:~/devstack$

If you use a micro version API, which is not supported, then cinder will give the min and max micro versions it supported as below . here I used version 3.7, which is not supported:

curl -g -i -X GET 
http://10.0.2.15:8776/v2/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/detail  
-H "Accept: application/json" -H "X-Auth-Token:49f5673ad7954f68a46702d52dede0df"
-H "OpenStack-API-version: volume 3.7"
HTTP/1.1 406 Not Acceptable
Openstack-Api-Version: 3.7
Vary: OpenStack-API-Version
Content-Length: 121
Content-Type: application/json; charset=UTF-8
X-Compute-Request-Id: req-2f89acb7-f7d9-44c1-be06-8854e18332df
X-Openstack-Request-Id: req-2f89acb7-f7d9-44c1-be06-8854e18332df
Date: Fri, 15 Jul 2016 12:26:56 GMT

{"computeFault": {"message": "Version 3.7 is not supported by the API. 
Minimum is 3.0 and maximum is 3.6.", "code": 406}}

Here we can use other component’s API micro versioned APIs in the hearders as below:

curl -g -i -X GET 
http://10.0.2.15:8776/v2/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/detail  
-H "Accept: application/json" -H "X-Auth-Token:49f5673ad7954f68a46702d52dede0df"
-H "OpenStack-API-version: volume 3.6, compute 2.21 identity 3.0"
HTTP/1.1 200 OK
X-Compute-Request-Id: req-17ad037c-3230-47be-bf54-8e9267ca24e3
Content-Type: application/json
Content-Length: 1035
Openstack-Api-Version: volume 3.6
Vary: OpenStack-API-Version
X-Openstack-Request-Id: req-17ad037c-3230-47be-bf54-8e9267ca24e3
Date: Fri, 15 Jul 2016 12:33:42 GMT

{"volumes": [{"migration_status": null, "attachments": [], "links": [{"href": 
"http://10.0.2.15:8776/v3/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/
109a2cb0-2ad2-495f-8334-4593ab06a199", "rel": "self"}, {"href": 
"http://10.0.2.15:8776/4e5f6ba3f2ba4e68bce144f1f9eb843a/volumes/
109a2cb0-2ad2-495f-8334-4593ab06a199", "rel": "bookmark"}], "availability_zone":
"nova", "os-vol-host-attr:host": "ubuntu@lvmdriver-1#lvmdriver-1", "encrypted": 
false, "updated_at": "2016-07-15T12:07:56.000000", "replication_status":
 "disabled", "snapshot_id": null, "id": "109a2cb0-2ad2-495f-8334-4593ab06a199", 
"size": 1, "user_id": "68d155723d7342d3ad29047ca0ac378c", "os-vol-tenant-attr:
tenant_id": "4e5f6ba3f2ba4e68bce144f1f9eb843a", "os-vol-mig-status-attr:migstat":
 null, "metadata": {}, "status": "available", "description": null, "multiattach":
 false, "source_volid": null, "consistencygroup_id": null, "os-vol-mig-status-attr:
name_id": null, "name": null, "bootable": "false", "created_at": 
"2016-07-15T12:07:51.000000", "volume_type": "lvmdriver-1"}]}

 

Ceph, Openstack

RGW – Enable Keystone Auth for S3 APIs

Ceph rados-gateway (RGW) enables rados based automation internally. If user wants to use the ceph rgw with keystone authentication.

Add the below 2 lines in /etc/ceph/ceph.conf  in [client.radosgw.gateway] section:

rgw_keystone_url = locahost:35357
rgw_s3_auth_use_keystone=True

Note: Replace the port number  “rgw_keystone_url” from 5000 to 35357

Now, restart the radosgw services:

/etc/init.d/radosgw restart