08-手动部署Ceph15.2.5(octopus)rgw的简单使用

基于RGW的Swift API使用

RGW的Swift API使用

1. 创建一个访问用户

bash> radosgw-admin user create --uid="ping" --subuser="ping:swift" --display-name="Dai Ping" --email=daiping_zy@139.com --access=full
bash> radosgw-admin user list               #查看有哪些用户
bash> radosgw-admin user info --uid=ping    #查看用户信息
---
{
    "user_id": "ping",
    "display_name": "Dai Ping",
    "email": "daiping_zy@139.com",
    "suspended": 0,
    "max_buckets": 1000,
    "subusers": [
        {
            "id": "ping:swift",
            "permissions": "full-control"
        }
    ],
    "keys": [
        {
            "user": "ping",
            "access_key": "O970LW7W6LF6AOPP9490",
            "secret_key": "RtlTkeLYS00AewlGVgCaUeRKeMpmBSW7RhkojShA"
        }
    ],
    "swift_keys": [
        {
            "user": "ping:swift",
            "secret_key": "1ryjKfCAykfCkgAY6Zp7FaPGonRNZ5ZgsK6QU4YY"
        }
    ],
    "caps": [],
    "op_mask": "read, write, delete",
    "default_placement": "",
    "default_storage_class": "",
    "placement_tags": [],
    "bucket_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "user_quota": {
        "enabled": false,
        "check_on_raw": false,
        "max_size": -1,
        "max_size_kb": 0,
        "max_objects": -1
    },
    "temp_url_keys": [],
    "type": "rgw",
    "mfa_ids": []
}

2. 部份Swift的常用的接口列表

使用流程.png

Swift用户认证

请求信息：
    GET http://192.168.10.42:3245/auth
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-User: ping:swift
        X-Auth-Key: 1ryjKfCAykfCkgAY6Zp7FaPGonRNZ5ZgsK6QU4YY
返回信息：
    Status Code: 204 No Content
    connection: Keep-Alive
    content-type: application/json; charset=utf-8
    date: Wed, 04 Nov 2020 02:57:18 GMT
    x-auth-token: AUTH_rgwtk0a00000070696e673a7377696674b7bd00b43a6987cd0e6aa35fb3bd9711e3a4d39b55f5300dccc227061bd7de6a7a1963d3
    x-openstack-request-id: tx000000000000000000114-005fa2188e-20bdb-default
    x-storage-token: AUTH_rgwtk0a00000070696e673a7377696674b7bd00b43a6987cd0e6aa35fb3bd9711e3a4d39b55f5300dccc227061bd7de6a7a1963d3
    x-storage-url: http://192.168.10.42:3245/swift/v1
    x-trans-id: tx000000000000000000114-005fa2188e-20bdb-default
说明：
    返回信息Headers中的 “x-auth-token”，用在于在其它接口中使用，需要保存下来。每次认证该token则会更新。

存储桶相关操作-↓

Amazon S3 API使用术语“存储桶”来描述数据容器。当您听到有人在Swift API中引用“存储桶”时，“存储桶”一词可能会被解释为与“容器”一词等效。

创建存储桶：

    PUT http://192.168.10.42:3245/swift/v1/{container} 
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}
        X-Container-Read: {comma-separated-uids}    #Required No，允许其他人读
        X-Container-Write: {comma-separated-uids}   #Required No，允许其他人写
        X-Container-Meta-{key}: {value}             #Required No

获取存储桶下的对象列表：

    GET http://192.168.10.42:3245/swift/v1/{container}
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}
    Parmameters:
    String    format              #json|xml
    String    prefix              #user def
    String    marker              #Returns a list of results greater than the marker value.
    Integer   limit               #Limits the number of results to the specified value.0 - 10,000
    String    delimiter           #The delimiter between the prefix and the rest of the object name.
    String    path                #The pseudo-hierarchical path of the objects.
    Boolean   allow_unordered     #允许无序返回结果，与delimiter排斥

存储桶访问列表修改(允许其他人访问自己的存储桶)：

    POST  http://192.168.10.42:3245/swift/v1/{container}
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}
        X-Container-Read: *
        X-Container-Write: {uid1}, {uid2}, {uid3}

删除存储桶：

    DELETE  http://192.168.10.42:3245/swift/v1/{container}
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}

对象相关操作

创建/更新一个对象(Object):

    PUT http://192.168.10.42:3245/swift/v1/{container}/{object} HTTP/1.1
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}
        ETag            #An MD5 hash of the object’s contents. Recommended.
        Content-Type    #The type of content the object contains.
        Transfer-Encoding   #Indicates whether the object is part of a larger aggregate object. Valid Values: chunked
    BODY为对象内容

复制一个对象：

    PUT http://192.168.10.42:3245/swift/v1/{dest-container}/{dest-object}
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Copy-From: {source-container}/{source-object}
        X-Auth-Token: {auth-token}
--或者：
    COPY http://192.168.10.42:3245/swift/v1/{source-container}/{source-object}
    Reauest Headers(头部信息中需要添加以下字段)：
        Destination: {dest-container}/{dest-object}
        X-Auth-Token: {auth-token}
----
    可选header信息：
        Copy-If-Match
        Copy-If-None-Match

删除一个对象:

    DELETE http://192.168.10.42:3245/swift/v1/{container}/{object} 
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}

获取一个对象:

    GET http://192.168.10.42:3245/swift/v1/{container}/{object}
    Reauest Headers(头部信息中需要添加以下字段)：
        X-Auth-Token: {auth-token}
----
    可选header信息：
        range   #To retrieve a subset of an object’s contents, you may specify a byte range.
        If-Modified-Since   #Only copies if modified since the date/time of the source object’s last_modified attribute.
        If-Unmodified-Since #Only copies if not modified since the date/time of the source object’s last_modified attribute.
        Copy-If-Match       #Copies only if the ETag in the request matches the source object’s ETag.
        Copy-If-None-Match  #Copies only if the ETag in the request does not match the source object’s ETag.

Ceph 15.25 手动部署系列笔记