Accessing external RGW server
This section describes the two ways of accessing external RGW server
The S3 credentials such as AccessKey
or Secret Key
is stored in
the secret generated by the Object Bucket Claim (OBC) creation and you can fetch the same by using
the following commands:
Accessing External RGW server using Object Bucket
Claims
oc get secret <object bucket claim name> -o jsonpath='{.data.AWS_SECRET_ACCESS_KEY}' | base64 --decode
oc get secret <object bucket claim name> -o jsonpath='{.data.AWS_ACCESS_KEY_ID}' | base64 --decode
Similarly,
you can fetch the endpoint details from the configmap
of
OBC:
oc get cm <object bucket claim name> -o jsonpath='{.data.BUCKET_HOST}'
oc get cm <object bucket claim name> -o jsonpath='{.data.BUCKET_PORT}'
oc get cm <object bucket claim name> -o jsonpath='{.data.BUCKET_NAME}'
Accessing
External RGW server using the Ceph Object Store User
CR
You can fetch the
S3 Credentials and endpoint details from the secret generated as part of the Ceph Object
Store User
CR:
oc get secret rook-ceph-object-user-<object-store-cr-name>-<object-user-cr-name> -o jsonpath='{.data.AccessKey}' | base64 --decode
oc get secret rook-ceph-object-user-<object-store-cr-name>-<object-user-cr-name> -o jsonpath='{.data.SecretKey}' | base64 --decode
oc get secret rook-ceph-object-user-<object-store-cr-name>-<object-user-cr-name> -o jsonpath='{.data.Endpoint}' | base64 --decode
Important:
For both the access mechanisms, you can either request for new certificates from the
administrator or reuse the certificates from the Kubernetes secret,
ceph-rgw-tls-cert
.