Chapter 12. Accessing the RADOS Object Gateway S3 endpoint
Users can access the RADOS Object Gateway (RGW) endpoint directly.
Prerequisites
- A running OpenShift Data Foundation Platform
Procedure
Run
oc get servicecommand to get the RGW service name.$ oc get service -n openshift-storage NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE (...) rook-ceph-rgw-ocs-storagecluster-cephobjectstore ClusterIP 172.30.145.254 <none> 80/TCP,443/TCP 5d7h (...)
Run
oc exposecommand to expose the RGW service.$ oc expose svc/<RGW service name> --hostname=<route name>
-
Replace
<RGW-service name>with the RGW service name from the previous step. Replace
<route name>with a route you want to create for the RGW service.For example:
$ oc expose svc/rook-ceph-rgw-ocs-storagecluster-cephobjectstore --hostname=rook-ceph-rgw-ocs.ocp.host.example.com
-
Replace
Run
oc get routecommand to confirmoc exposeis successful and there is an RGW route.$ oc get route -n openshift-storage
Example output:
NAME HOST/PORT PATH rook-ceph-rgw-ocs-storagecluster-cephobjectstore rook-ceph-rgw-ocs.ocp.host.example.com SERVICES PORT TERMINATION WILDCARD rook-ceph-rgw-ocs-storagecluster-cephobjectstore http <none>
Verification
To verify the
ENDPOINT, run the following command:aws s3 --no-verify-ssl --endpoint <ENDPOINT> ls
Replace
<ENDPOINT>with the route that you get from the command in step 3.For example:
$ aws s3 --no-verify-ssl --endpoint http://rook-ceph-rgw-ocs.ocp.host.example.com ls
To get the access key and secret of the default user ocs-storagecluster-cephobjectstoreuser, run the following commands:
Access key:
$ oc get secret rook-ceph-object-user-ocs-storagecluster-cephobjectstore-ocs-storagecluster-cephobjectstoreuser -n openshift-storage -o yaml | grep -w "AccessKey:" | head -n1 | awk '{print $2}' | base64 --decodeSecret key:
$ oc get secret rook-ceph-object-user-ocs-storagecluster-cephobjectstore-ocs-storagecluster-cephobjectstoreuser -n openshift-storage -o yaml | grep -w "SecretKey:" | head -n1 | awk '{print $2}' | base64 --decode
