mirror of https://github.com/ceph/go-ceph
micro-osd.sh: Clarify the suspicion around S3 credentials
It's unusual to put any kind of credentials out in open. The set of credentials defined with `S3_ACCESS_KEY` and `S3_SECRET_KEY` variables in the script are questionable in its nature. But these are not real/valid credential values in any form for AWS rather used for testing the S3 compatible API from Ceph RGW. Therefore clarify the intention and replace with sample values from official AWS documentation. Signed-off-by: Anoop C S <anoopcs@cryptolab.net>
This commit is contained in:
parent
7a733111f2
commit
09d81f5bb3
11
micro-osd.sh
11
micro-osd.sh
|
@ -39,10 +39,15 @@ MON_NAME="a"
|
||||||
MGR_NAME="x"
|
MGR_NAME="x"
|
||||||
MIRROR_ID="m"
|
MIRROR_ID="m"
|
||||||
RGW_ID="r"
|
RGW_ID="r"
|
||||||
S3_ACCESS_KEY=2262XNX11FZRR44XWIRD
|
|
||||||
S3_SECRET_KEY=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw
|
|
||||||
HOST_IP=$(getent ahostsv4 "${HOSTNAME}" | grep STREAM | head -n 1 | awk '{print $1}')
|
|
||||||
|
|
||||||
|
# Following are examples for S3 credentials taken from official AWS docs:
|
||||||
|
# https://docs.aws.amazon.com/IAM/latest/UserGuide/security-creds.html#access-keys-and-secret-access-keys
|
||||||
|
# These does not represent real/valid credentials for AWS in any form.
|
||||||
|
# They are exclusively used for testing S3 compatible API from Ceph RGW.
|
||||||
|
S3_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
|
||||||
|
S3_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
|
||||||
|
|
||||||
|
HOST_IP=$(getent ahostsv4 "${HOSTNAME}" | grep STREAM | head -n 1 | awk '{print $1}')
|
||||||
FSID="$(uuidgen)"
|
FSID="$(uuidgen)"
|
||||||
export CEPH_CONF=${DIR}/ceph.conf
|
export CEPH_CONF=${DIR}/ceph.conf
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
You must create an admin user like so:
|
You must create an admin user like so:
|
||||||
|
|
||||||
```
|
```
|
||||||
radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=2262XNX11FZRR44XWIRD --secret-key=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw
|
radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=AKIAIOSFODNN7EXAMPLE --secret-key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
|
||||||
```
|
```
|
||||||
|
|
||||||
Then use the `access_key` and `secret_key` for authentication.
|
Then use the `access_key` and `secret_key` for authentication.
|
||||||
|
@ -19,7 +19,7 @@ import (
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
// Generate a connection object
|
// Generate a connection object
|
||||||
co, err := admin.New("http://192.168.1.1", "2262XNX11FZRR44XWIRD", "rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw", nil)
|
co, err := admin.New("http://192.168.1.1", "AKIAIOSFODNN7EXAMPLE", "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -114,8 +114,8 @@ func (s *S3Agent) createBucket(name string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RadosGWTestSuite) SetupConnection() {
|
func (suite *RadosGWTestSuite) SetupConnection() {
|
||||||
suite.accessKey = "2262XNX11FZRR44XWIRD"
|
suite.accessKey = "AKIAIOSFODNN7EXAMPLE"
|
||||||
suite.secretKey = "rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw"
|
suite.secretKey = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
|
||||||
hostname := os.Getenv("HOSTNAME")
|
hostname := os.Getenv("HOSTNAME")
|
||||||
endpoint := hostname
|
endpoint := hostname
|
||||||
if hostname != "test_ceph_aio" {
|
if hostname != "test_ceph_aio" {
|
||||||
|
|
|
@ -45,8 +45,8 @@ var (
|
||||||
"keys": [
|
"keys": [
|
||||||
{
|
{
|
||||||
"user": "dashboard-admin",
|
"user": "dashboard-admin",
|
||||||
"access_key": "4WD1FGM5PXKLC97YC0SZ",
|
"access_key": "AKIAIOSFODNN7EXAMPLE",
|
||||||
"secret_key": "YSaT5bEcJTjBJCDG5yvr2NhGQ9xzoTIg8B1gQHa3"
|
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"swift_keys": [
|
"swift_keys": [
|
||||||
|
|
Loading…
Reference in New Issue