Why did they do this? Ceph Rados Gateway in SQLite.

In this video, we look into running rados gateway on backends other than Ceph, particularly in SQLite. This could be useful for testing workloads or running a proxy service with user management.

First a good start is to upgrade / update your system so you have the latest packages.

sudo apt update
sudo apt full-upgrade -y

Next up we add a pretty recent (as of this writing) ubuntu version of Ceph. Maybe a newer version on Debian have the same functionallity but sadly not yet.

sudo vi /etc/apt/sources.list.d/ceph.list
deb https://download.ceph.com/debian-18.1.3/ jammy main

Next up we add a release key and install the required packages.

wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -
sudo apt update
sudo apt install radosgw ceph-mon vim sqlite3 -y
sudo vi /etc/ceph/ceph.conf

Setting up a simple cluster with this ceph.conf file. Copy paste into /etc/ceph/ceph.conf and edit the addresses and other variables.

------------------------------------------------------------

[global]
fsid = 95c4545c-f14f-4245-8d70-5dd1ec20b169
mon initial members = testrgw
mon host = 192.168.1.100
public network = 192.168.1.0/24
cluster network = 192.168.1.0/24
auth cluster required = cephx
auth service required = cephx
auth client required = cephx

[client]
rgw backend store = dbstore
dbstore db dir = /rgwstore
dbstore db name prefix = testrgw

[client.rgw.testrgw]
host = testrgw 
keyring = /var/lib/ceph/radosgw/ceph-rgw.testrgw/keyring
log file = /var/log/ceph/ceph-rgw-testrgw.log
rgw frontends = "beast endpoint=192.168.1.100:8080"
rgw thread pool size = 512
------------------------------------------------------------

Setting up cluster with a new monitor key, creating other keyrings required for the clustger. Last but not least create one node in the cluster.

sudo ceph-authtool --create-keyring /tmp/monkey --gen-key -n mon. --cap mon 'allow *'
sudo ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'
sudo ceph-authtool --create-keyring /var/lib/ceph/bootstrap-osd/ceph.keyring --gen-key -n client.bootstrap-osd --cap mon 'profile bootstrap-osd'
sudo ceph-authtool /tmp/monkey --import-keyring /etc/ceph/ceph.client.admin.keyring
sudo ceph-authtool /tmp/monkey --import-keyring /var/lib/ceph/bootstrap-osd/ceph.keyring
sudo chown ceph:ceph /tmp/monkey
monmaptool --create --add testrgw 192.168.1.100 --fsid 95c4545c-f14f-4245-8d70-5dd1ec20b169 /tmp/monmap

Creating the monitor directory, and setting up the monitor and starting.

sudo -u ceph mkdir /var/lib/ceph/mon/ceph-testrgw
sudo -u ceph ceph-mon --mkfs -i testrgw --monmap /tmp/monmap --keyring /tmp/monkey
sudo systemctl start ceph-mon@testrgw

Next we check status and enable the second messaging protocol which is encrypted and more secure. Required for new clusters.

sudo ceph -s
sudo ceph mon enable-msgr2

Create database directory and setting the right permissions so ceph are allowed to read and write.

sudo mkdir /rgwstore
sudo chown ceph:ceph /rgwstore

Creating RGW with permissions keyring and starting the service.

sudo mkdir -p /var/lib/ceph/radosgw/ceph-rgw.`hostname -s`
sudo ceph auth get-or-create client.rgw.`hostname -s` osd 'allow rwx' mon 'allow rw' -o /var/lib/ceph/radosgw/ceph-rgw.`hostname -s`/keyring
sudo systemctl start ceph-radosgw@rgw.`hostname -s`
sudo systemctl status ceph-radosgw@rgw.`hostname -s`

To test the cluster you will need a RGW user, using this command you will create a user and set the access key and secret used for the S3 API.

sudo radosgw-admin --uid tester --display-name "Test user" --access_key TESTER --secret test123 user create

Last but not least when we have created some S3 data we can turn the service of and checking the database how the data is stored.

sudo systemctl stop ceph-radosgw@rgw.`hostname -s`
sqlite3 testrgw-default_ns.db 

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.