1RADOSGW-ADMIN(8) Ceph RADOSGW-ADMIN(8)
2
6 radosgw-admin - rados REST gateway user administration utility
7
9 radosgw-admin command [ options ... ]
10
13 radosgw-admin is a RADOS gateway user administration utility. It allows
14 creating and modifying users.
15
17 radosgw-admin utility uses many commands for administration purpose
18 which are as follows:
19 user create
21 Create a new user.
22 user modify
24 Modify a user.
25 user info
27 Display information of a user, and any potentially available
28 subusers and keys.
29 user rm
31 Remove a user.
32 user suspend
34 Suspend a user.
35 user enable
37 Re-enable user after suspension.
38 user check
40 Check user info.
41 user stats
43 Show user stats as accounted by quota subsystem.
44 user list
46 List all users.
47 caps add
49 Add user capabilities.
50 caps rm
52 Remove user capabilities.
53 subuser create
55 Create a new subuser (primarily useful for clients using the
56 Swift API).
57 subuser modify
59 Modify a subuser.
60 subuser rm
62 Remove a subuser.
63 key create
65 Create access key.
66 key rm Remove access key.
68 bucket list
70 List all buckets.
71 bucket limit check
73 Show bucket sharding stats.
74 bucket link
76 Link bucket to specified user.
77 bucket unlink
79 Unlink bucket from specified user.
80 bucket stats
82 Returns bucket statistics.
83 bucket rm
85 Remove a bucket.
86 bucket check
88 Check bucket index.
89 bucket rewrite
91 Rewrite all objects in the specified bucket.
92 bucket reshard
94 Reshard a bucket.
95 bucket sync disable
97 Disable bucket sync.
98 bucket sync enable
100 Enable bucket sync.
101 bi get Retrieve bucket index object entries.
103 bi put Store bucket index object entries.
105 bi list
107 List raw bucket index entries.
108 bi purge
110 Purge bucket index entries.
111 object rm
113 Remove an object.
114 object stat
116 Stat an object for its metadata.
117 object unlink
119 Unlink object from bucket index.
120 object rewrite
122 Rewrite the specified object.
123 objects expire
125 Run expired objects cleanup.
126 period rm
128 Remove a period.
129 period get
131 Get the period info.
132 period get-current
134 Get the current period info.
135 period pull
137 Pull a period.
138 period push
140 Push a period.
141 period list
143 List all periods.
144 period update
146 Update the staging period.
147 period commit
149 Commit the staging period.
150 quota set
152 Set quota params.
153 quota enable
155 Enable quota.
156 quota disable
158 Disable quota.
159 global quota get
161 View global quota parameters.
162 global quota set
164 Set global quota parameters.
165 global quota enable
167 Enable a global quota.
168 global quota disable
170 Disable a global quota.
171 realm create
173 Create a new realm.
174 realm rm
176 Remove a realm.
177 realm get
179 Show the realm info.
180 realm get-default
182 Get the default realm name.
183 realm list
185 List all realms.
186 realm list-periods
188 List all realm periods.
189 realm rename
191 Rename a realm.
192 realm set
194 Set the realm info (requires infile).
195 realm default
197 Set the realm as default.
198 realm pull
200 Pull a realm and its current period.
201 zonegroup add
203 Add a zone to a zonegroup.
204 zonegroup create
206 Create a new zone group info.
207 zonegroup default
209 Set the default zone group.
210 zonegroup rm
212 Remove a zone group info.
213 zonegroup get
215 Show the zone group info.
216 zonegroup modify
218 Modify an existing zonegroup.
219 zonegroup set
221 Set the zone group info (requires infile).
222 zonegroup remove
224 Remove a zone from a zonegroup.
225 zonegroup rename
227 Rename a zone group.
228 zonegroup list
230 List all zone groups set on this cluster.
231 zonegroup placement list
233 List zonegroup's placement targets.
234 zonegroup placement add
236 Add a placement target id to a zonegroup.
237 zonegroup placement modify
239 Modify a placement target of a specific zonegroup.
240 zonegroup placement rm
242 Remove a placement target from a zonegroup.
243 zonegroup placement default
245 Set a zonegroup's default placement target.
246 zone create
248 Create a new zone.
249 zone rm
251 Remove a zone.
252 zone get
254 Show zone cluster params.
255 zone set
257 Set zone cluster params (requires infile).
258 zone modify
260 Modify an existing zone.
261 zone list
263 List all zones set on this cluster.
264 metadata sync status
266 Get metadata sync status.
267 metadata sync init
269 Init metadata sync.
270 metadata sync run
272 Run metadata sync.
273 data sync status
275 Get data sync status of the specified source zone.
276 data sync init
278 Init data sync for the specified source zone.
279 data sync run
281 Run data sync for the specified source zone.
282 sync error list
284 list sync error.
285 sync error trim
287 trim sync error.
288 zone rename
290 Rename a zone.
291 zone placement list
293 List zone's placement targets.
294 zone placement add
296 Add a zone placement target.
297 zone placement modify
299 Modify a zone placement target.
300 zone placement rm
302 Remove a zone placement target.
303 pool add
305 Add an existing pool for data placement.
306 pool rm
308 Remove an existing pool from data placement set.
309 pools list
311 List placement active set.
312 policy Display bucket/object policy.
314 log list
316 List log objects.
317 log show
319 Dump a log from specific object or (bucket + date + bucket-id).
320 (NOTE: required to specify formatting of date to
321 "YYYY-MM-DD-hh")
322 log rm Remove log object.
324 usage show
326 Show the usage information (with optional user and date range).
327 usage trim
329 Trim usage information (with optional user and date range).
330 gc list
332 Dump expired garbage collection objects (specify --include-all
333 to list all entries, including unexpired).
334 gc process
336 Manually process garbage.
337 lc list
339 List all bucket lifecycle progress.
340 lc process
342 Manually process lifecycle.
343 metadata get
345 Get metadata info.
346 metadata put
348 Put metadata info.
349 metadata rm
351 Remove metadata info.
352 metadata list
354 List metadata info.
355 mdlog list
357 List metadata log.
358 mdlog trim
360 Trim metadata log.
361 mdlog status
363 Read metadata log status.
364 bilog list
366 List bucket index log.
367 bilog trim
369 Trim bucket index log (use start-marker, end-marker).
370 datalog list
372 List data log.
373 datalog trim
375 Trim data log.
376 datalog status
378 Read data log status.
379 orphans find
381 Init and run search for leaked rados objects
382 orphans finish
384 Clean up search for leaked rados objects
385 orphans list-jobs
387 List the current job-ids for the orphans search.
388 role create
390 create a new AWS role for use with STS.
391 role rm
393 Remove a role.
394 role get
396 Get a role.
397 role list
399 List the roles with specified path prefix.
400 role modify
402 Modify the assume role policy of an existing role.
403 role-policy put
405 Add/update permission policy to role.
406 role-policy list
408 List the policies attached to a role.
409 role-policy get
411 Get the specified inline policy document embedded with the given
412 role.
413 role-policy rm
415 Remove the policy attached to a role
416 reshard add
418 Schedule a resharding of a bucket
419 reshard list
421 List all bucket resharding or scheduled to be resharded
422 reshard process
424 Process of scheduled reshard jobs
425 reshard status
427 Resharding status of a bucket
428 reshard cancel
430 Cancel resharding a bucket
431
433 -c ceph.conf, --conf=ceph.conf
434 Use ceph.conf configuration file instead of the default
435 /etc/ceph/ceph.conf to determine monitor addresses during
436 startup.
437 -m monaddress[:port]
439 Connect to specified monitor (instead of looking through
440 ceph.conf).
441 --tenant=<tenant>
443 Name of the tenant.
444 --uid=uid
446 The radosgw user ID.
447 --subuser=<name>
449 Name of the subuser.
450 --access-key=<key>
452 S3 access key.
453 --email=email
455 The e-mail address of the user.
456 --secret/--secret-key=<key>
458 The secret key.
459 --gen-access-key
461 Generate random access key (for S3).
462 --gen-secret
464 Generate random secret key.
465 --key-type=<type>
467 key type, options are: swift, s3.
468 --temp-url-key[-2]=<key>
470 Temporary url key.
471 --max-buckets
473 max number of buckets for a user (0 for no limit, negative value
474 to disable bucket creation). Default is 1000.
475 --access=<access>
477 Set the access permissions for the sub-user. Available access
478 permissions are read, write, readwrite and full.
479 --display-name=<name>
481 The display name of the user.
482 --admin
484 Set the admin flag on the user.
485 --system
487 Set the system flag on the user.
488 --bucket=bucket
490 Specify the bucket name.
491 --pool=<pool>
493 Specify the pool name. Also used with orphans find as data pool
494 to scan for leaked rados objects.
495 --object=object
497 Specify the object name.
498 --date=yyyy-mm-dd
500 The date in the format yyyy-mm-dd.
501 --start-date=yyyy-mm-dd
503 The start date in the format yyyy-mm-dd.
504 --end-date=yyyy-mm-dd
506 The end date in the format yyyy-mm-dd.
507 --bucket-id=<bucket-id>
509 Specify the bucket id.
510 --shard-id=<shard-id>
512 Optional for mdlog list, data sync status. Required for mdlog
513 trim.
514 --max-entries=<entries>
516 Optional for listing operations to specify the max entires
517 --purge-data
519 When specified, user removal will also purge all the user data.
520 --purge-keys
522 When specified, subuser removal will also purge all the subuser
523 keys.
524 --purge-objects
526 When specified, the bucket removal will also purge all objects
527 in it.
528 --metadata-key=<key>
530 Key to retrieve metadata from with metadata get.
531 --remote=<remote>
533 Zone or zonegroup id of remote gateway.
534 --period=<id>
536 Period id.
537 --url=<url>
539 url for pushing/pulling period or realm.
540 --epoch=<number>
542 Period epoch.
543 --commit
545 Commit the period during 'period update'.
546 --staging
548 Get the staging period info.
549 --master
551 Set as master.
552 --master-zone=<id>
554 Master zone id.
555 --rgw-realm=<name>
557 The realm name.
558 --realm-id=<id>
560 The realm id.
561 --realm-new-name=<name>
563 New name of realm.
564 --rgw-zonegroup=<name>
566 The zonegroup name.
567 --zonegroup-id=<id>
569 The zonegroup id.
570 --zonegroup-new-name=<name>
572 The new name of the zonegroup.
573 --rgw-zone=<zone>
575 Zone in which radosgw is running.
576 --zone-id=<id>
578 The zone id.
579 --zone-new-name=<name>
581 The new name of the zone.
582 --source-zone
584 The source zone for data sync.
585 --default
587 Set the entity (realm, zonegroup, zone) as default.
588 --read-only
590 Set the zone as read-only when adding to the zonegroup.
591 --placement-id
593 Placement id for the zonegroup placement commands.
594 --tags=<list>
596 The list of tags for zonegroup placement add and modify com‐
597 mands.
598 --tags-add=<list>
600 The list of tags to add for zonegroup placement modify command.
601 --tags-rm=<list>
603 The list of tags to remove for zonegroup placement modify com‐
604 mand.
605 --endpoints=<list>
607 The zone endpoints.
608 --index-pool=<pool>
610 The placement target index pool.
611 --data-pool=<pool>
613 The placement target data pool.
614 --data-extra-pool=<pool>
616 The placement target data extra (non-ec) pool.
617 --placement-index-type=<type>
619 The placement target index type (normal, indexless, or #id).
620 --tier-type=<type>
622 The zone tier type.
623 --tier-config=<k>=<v>[,...]
625 Set zone tier config keys, values.
626 --tier-config-rm=<k>[,...]
628 Unset zone tier config keys.
629 --sync-from-all[=false]
631 Set/reset whether zone syncs from all zonegroup peers.
632 --sync-from=[zone-name][,...]
634 Set the list of zones to sync from.
635 --sync-from-rm=[zone-name][,...]
637 Remove the zones from list of zones to sync from.
638 --fix Besides checking bucket index, will also fix it.
640 --check-objects
642 bucket check: Rebuilds bucket index according to actual objects
643 state.
644 --format=<format>
646 Specify output format for certain operations. Supported formats:
647 xml, json.
648 --sync-stats
650 Option for 'user stats' command. When specified, it will update
651 user stats with the current stats reported by user's buckets
652 indexes.
653 --show-log-entries=<flag>
655 Enable/disable dump of log entries on log show.
656 --show-log-sum=<flag>
658 Enable/disable dump of log summation on log show.
659 --skip-zero-entries
661 Log show only dumps entries that don't have zero value in one of
662 the numeric field.
663 --infile
665 Specify a file to read in when setting data.
666 --categories=<list>
668 Comma separated list of categories, used in usage show.
669 --caps=<caps>
671 List of caps (e.g., "usage=read, write; user=read".
672 --compression=<compression-algorithm>
674 Placement target compression algorithm (lz4|snappy|zlib|zstd)
675 --yes-i-really-mean-it
677 Required for certain operations.
678 --min-rewrite-size
680 Specify the min object size for bucket rewrite (default 4M).
681 --max-rewrite-size
683 Specify the max object size for bucket rewrite (default
684 ULLONG_MAX).
685 --min-rewrite-stripe-size
687 Specify the min stripe size for object rewrite (default 0). If
688 the value is set to 0, then the specified object will always be
689 rewritten for restriping.
690 --warnings-only
692 When specified with bucket limit check, list only buckets near‐
693 ing or over the current max objects per shard value.
694 --bypass-gc
696 When specified with bucket deletion, triggers object deletions
697 by not involving GC.
698 --inconsistent-index
700 When specified with bucket deletion and bypass-gc set to true,
701 ignores bucket index consistency.
702
704 --max-objects
705 Specify max objects (negative value to disable).
706 --max-size
708 Specify max size (in B/K/M/G/T, negative value to disable).
709 --quota-scope
711 The scope of quota (bucket, user).
712
714 --num-shards
715 Number of shards to use for keeping the temporary scan info
716 --orphan-stale-secs
718 Number of seconds to wait before declaring an object to be an
719 orphan. Default is 86400 (24 hours).
720 --job-id
722 Set the job id (for orphans find)
723 --max-concurrent-ios
725 Maximum concurrent ios for orphans find. Default is 32.
726
728 --extra-info
729 Provide extra info in the job list.
730
732 --role-name
733 The name of the role to create.
734 --path The path to the role.
736 --assume-role-policy-doc
738 The trust relationship policy document that grants an entity
739 permission to assume the role.
740 --policy-name
742 The name of the policy document.
743 --policy-doc
745 The permission policy document.
746 --path-prefix
748 The path prefix for filtering the roles.
749
751 Generate a new user:
752 $ radosgw-admin user create --display-name="johnny rotten" --uid=johnny
754 { "user_id": "johnny",
755 "rados_uid": 0,
756 "display_name": "johnny rotten",
757 "email": "",
758 "suspended": 0,
759 "subusers": [],
760 "keys": [
761 { "user": "johnny",
762 "access_key": "TCICW53D9BQ2VGC46I44",
763 "secret_key": "tfm9aHMI8X76L3UdgE+ZQaJag1vJQmE6HDb5Lbrz"}],
764 "swift_keys": []}
765 Remove a user:
767 $ radosgw-admin user rm --uid=johnny
769 Remove a user and all associated buckets with their contents:
771 $ radosgw-admin user rm --uid=johnny --purge-data
773 Remove a bucket:
775 $ radosgw-admin bucket rm --bucket=foo
777 Link bucket to specified user:
779 $ radosgw-admin bucket link --bucket=foo --bucket_id=<bucket id> --uid=johnny
781 Unlink bucket from specified user:
783 $ radosgw-admin bucket unlink --bucket=foo --uid=johnny
785 Show the logs of a bucket from April 1st, 2012:
787 $ radosgw-admin log show --bucket=foo --date=2012-04-01-01 --bucket-id=default.14193.1
789 Show usage information for user from March 1st to (but not including)
791 April 1st, 2012:
792 $ radosgw-admin usage show --uid=johnny \
794 --start-date=2012-03-01 --end-date=2012-04-01
795 Show only summary of usage information for all users:
797 $ radosgw-admin usage show --show-log-entries=false
799 Trim usage information for user until March 1st, 2012:
801 $ radosgw-admin usage trim --uid=johnny --end-date=2012-04-01
803
805 radosgw-admin is part of Ceph, a massively scalable, open-source, dis‐
806 tributed storage system. Please refer to the Ceph documentation at
807 http://ceph.com/docs for more information.
808
810 ceph(8) radosgw(8)
811
813 2010-2014, Inktank Storage, Inc. and contributors. Licensed under Cre‐
814 ative Commons Attribution Share Alike 3.0 (CC-BY-SA-3.0)
815dev Apr 29, 2019 RADOSGW-ADMIN(8)