Accessing external RGW server

This section describes the two ways of accessing external RGW server

The S3 credentials such as AccessKey or Secret Key is stored in the secret generated by the Object Bucket Claim (OBC) creation and you can fetch the same by using the following commands:

Accessing External RGW server using Object Bucket Claims

oc get secret <object bucket claim name> -o jsonpath='{.data.AWS_SECRET_ACCESS_KEY}' | base64 --decode
oc get secret <object bucket claim name> -o jsonpath='{.data.AWS_ACCESS_KEY_ID}' | base64 --decode

Similarly, you can fetch the endpoint details from the configmap of OBC:

oc get cm <object bucket claim name> -o jsonpath='{.data.BUCKET_HOST}'
oc get cm <object bucket claim name> -o jsonpath='{.data.BUCKET_PORT}'
oc get cm <object bucket claim name> -o jsonpath='{.data.BUCKET_NAME}'

Accessing External RGW server using the Ceph Object Store User CR

You can fetch the S3 Credentials and endpoint details from the secret generated as part of the Ceph Object Store User CR:

oc get secret rook-ceph-object-user-<object-store-cr-name>-<object-user-cr-name> -o jsonpath='{.data.AccessKey}' | base64 --decode
oc get secret rook-ceph-object-user-<object-store-cr-name>-<object-user-cr-name> -o jsonpath='{.data.SecretKey}' | base64 --decode
oc get secret rook-ceph-object-user-<object-store-cr-name>-<object-user-cr-name> -o jsonpath='{.data.Endpoint}' | base64 --decode

Important:

For both the access mechanisms, you can either request for new certificates from the administrator or reuse the certificates from the Kubernetes secret, ceph-rgw-tls-cert.