[ceph-users] Re: 17.2.6 dashboard: unable to get RGW dashboard working

Hi, Still interested by some feedback... FYI, today I changed the configuration of the RGW to https (for reasons unrelated to this problem) and it seems the problem preventing the use of a RGW https with the dashboard is fixed now. The problem described in my previous email remains the same (same errors) whether http or https is enabled and I really have no clue about the possible reason... I have not identified also if there was a way to tell the dashboard to ignore the realm causing the problem to see if it was working with the other realm... Best regards, Michel Le 20/04/2023 à 12:55, Michel Jouvin a écrit : > Hi, > > I just upgraded in 17.2.6 but in fact I had the same problem in > 16.2.10. I'm trying to configure the Ceph dashboard to monitor the > RGWs (object gateways used as S3 gw). Our cluster has 2 RGW realms > (eros, fink) with 1 zonegroup per realm (p2io-eros and p2io-fink > respectively) and 1 zone per zonegroup (eros-z1 and fink-z1 > respectively). RGW have been configured without SSL due to the bug > encountered in 16.2.10 (not sure if it still applies, use of IP > addresses that don't match the certificate). There is a dashboard user > in each realm and its access/secret keys are matching what is in > mgr/dashboard/RGW_API_ACCESS_KEY and mgr/dashboard/RGW_API_SECRET_KEY > (a dict with one entry per realm). > > Every attempt to access the RGW daemons section of the dashboard > results in : > > ----- > > The Object Gateway Service is not configured > Error connecting to Object Gateway: RGW REST API failed request with > status code 403 > (b'{"Code":"InvalidAccessKeyId","RequestId":"tx00000b4c2212597168bf0-00644116e3' > b'-edf7c3-eros-z1","HostId":"edf7c3-eros-z1-ijclab"}') > > ---- > > In the mgr logs, I have not been able to find more than this error. In > the RGW logs, for every dashboard attempt, I find: > > ------ > > Apr 20 12:41:39 valvd-rgw1.lal.in2p3.fr radosgw[1969455]: ====== > starting new request req=0x7f2dcdb0b710 ===== > Apr 20 12:41:39 valvd-rgw1.lal.in2p3.fr radosgw[1969455]: req > 13025009517641239536 0.000000000s op->ERRORHANDLER: err_no=-2028 > new_err_no=-2028 > Apr 20 12:41:39 valvd-rgw1.lal.in2p3.fr radosgw[1969455]: ====== req > done req=0x7f2dcdb0b710 op status=0 http_status=403 > latency=0.000000000s ====== > Apr 20 12:41:39 valvd-rgw1.lal.in2p3.fr radosgw[1969455]: beast: > 0x7f2dcdb0b710: 134.158.194.10 - - [20/Apr/2023:10:41:39.843 +0000] > "GET /admin/metadata/user?myself HTTP/1.1" 403 126 - > "python-requests/2.20.0" - latency=0.000000000s > ------ > > In the logs above, I find a little bit strange the "HostID" value > ending with "eros-z1-ijclab". I'd expected it to be the zone name > "eros-z1". The zone has been renamed a couple of times and it may be > an old name, despite the zone information in radosgw-admin shows > nothing with this name (in particular the API name has been renamed to > match the zone name). Anway the RGW works perfectly and the dashboard > request seems to reach the RGW so I don't have the feeling it is > important... > > Any suggestion on how to troubleshoot what happens would be > appreciated. Thanks in advance. > > Best regards, > > Michel >