I was trying to get the rgw module + ssl working with a spec file but never seemed to get it right. My current attempts have been to use the rgw module to set up the multisite then deploy a new set of rgws using ceph orch apply -i spec.yaml that is set up for ssl. Unfortunately whatever problem I'm currently running into with the radosgw-admin command and basic multisite setup is keeping me from making any other progress. Right now I can't as much as list users one the secondary cluster: # rg user list Unable to initialize site config.
Kevin On Mon, Sep 15, 2025 at 9:30 AM Redouane Kachach <[email protected]> wrote: > ohhh I see! Initial support was meant for http only deployment, so not > sure how it would behave in case of RGW + SSL > > The command "rgw realm bootstrap" also supports passing the spec by using > the "-i" flag so you might try passing an RGW > spec which has SSL enabled and see if that works... nothing that I have > tested but maybe it can help. > > On Mon, Sep 15, 2025 at 5:19 PM Kevin Hrpcek <[email protected]> wrote: > >> @Redouane Kachach >> I've been largely using the rgw module and it was originally working for a >> non ssl setup but now that is what is actually failing. A very simple >> multisite following the instructions fails to correctly initialize because >> the secondary cluster isn't correctly creating it's synchronization user >> on >> the secondary cluster. >> >> @wissem mimouna >> The secondary sync user has needed to be manually created as its not >> syncing from the primary zone when the secondary realm/zone is created >> with >> the rgw module. Once I create it then I can get data syncing to run but >> the >> metadata syncing is failing with the mdlog error. Which is what I'm >> assuming is stopping the secondary sync user from being created in the >> first place. >> Much appreciated, >> Kevin >> >> >> On Mon, Sep 15, 2025 at 9:11 AM wissem mimouna <[email protected]> wrote: >> >> > Hi, >> > >> > >> > For the secondary site sync user you can edit the zone configuration on >> > both sites and add the credentials for the synchronisation system user , >> > as follow: >> > >> > >> > radosgw-admin zone modify --rgw-zone=<zone-name> >> > --access-key=<access-key> --secret=<secret-key> >> > >> > radosgw-admin period update --commit >> > >> > Regards >> > >> > On 12.09.2025 01:03, Kevin Hrpcek wrote: >> > > Hey all, >> > > >> > > I've been having some problems with a relatively basic rgw multisite >> set >> > > up. I initially had it working a few weeks ago with a simple config >> but >> > > rebuilt it with ssl enabled for the endpoints and then started having >> > some >> > > problems to work through. I eventually had that working but then tore >> it >> > > all down so I could verify the recreation steps but now I'm having >> > problems >> > > with the multisite. There are a few different errors.... >> > > >> > > I set up the master zone without problems, but if I use the rgw module >> > with >> > > a token and spec it fails to sync the sync user and the primary zone >> > can't >> > > sync back from the secondary zone. A permission denied error for data >> > > syncing primary->secondary but secondary-> primary works because it >> has >> > the >> > > credentials. >> > > >> > > So i used to be able to manually create the user on the secondary zone >> > and >> > > get data syncing but the metadata wouldn't sync with the master >> showing >> > an >> > > error message but when I check the mdlog on the primary it looks okay. >> > > >> > > 2025-09-11T15:15:18.771+0000 7fc29e96c640 1 req 14061042141473454829 >> > > 0.001000005s failed to read mdlog history: (2) No such file or >> directory >> > > >> > > I ended up trying a full clean reset of rgw on both clusters so I >> deleted >> > > the daemons and all related pools. The primary starts up but I still >> have >> > > the problem of the sync user not being created on the secondary and >> now >> > > when I try to create a user on the secondary for syncing or just for >> the >> > > dashboard to work I get errors that I've tracked down to >> > > >> > >> https://github.com/ceph/ceph/blob/62bcf65e8c0995783bb3e368909716346874ad62/src/rgw/radosgw-admin/radosgw-admin.cc#L4631 >> > > but am not quite following whats all going on in the source to >> determine >> > > why. >> > > >> > > # radosgw-admin user create --uid=dashboard --display-name=dashboard >> > > --system >> > > couldn't init storage provider >> > > # radosgw-admin user create --uid=sysuser-asdf >> > --display-name=sysuser-asdf >> > > --access-key=xxxxxxxxxxxxx --secret-key=yyyyyyyyyyyyyyy --system >> > > --rgw-realm=asdf >> > > Unable to initialize site config. >> > > >> > > Any thoughts? It seems like I may have messed something up in the ceph >> > > config database from multiple tear downs and restarts of the multisite >> > > setup but I'm not seeing what it could be. >> > > >> > > ceph 19.2.1 using cephadm on alma 9 >> > > >> > > Thanks! >> > > Kevin >> > > _______________________________________________ >> > > ceph-users mailing list -- [email protected] >> > > To unsubscribe send an email to [email protected] >> > >> _______________________________________________ >> ceph-users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > _______________________________________________ ceph-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
