1RADOSGW-ADMIN(8)                     Ceph                     RADOSGW-ADMIN(8)
2
3
4

NAME

6       radosgw-admin - rados REST gateway user administration utility
7

SYNOPSIS

9       radosgw-admin command [ options ... ]
10
11

DESCRIPTION

13       radosgw-admin is a RADOS gateway user administration utility. It allows
14       creating and modifying users.
15

COMMANDS

17       radosgw-admin utility uses many  commands  for  administration  purpose
18       which are as follows:
19
20       user create
21              Create a new user.
22
23       user modify
24              Modify a user.
25
26       user info
27              Display  information  of  a  user, and any potentially available
28              subusers and keys.
29
30       user rm
31              Remove a user.
32
33       user suspend
34              Suspend a user.
35
36       user enable
37              Re-enable user after suspension.
38
39       user check
40              Check user info.
41
42       user stats
43              Show user stats as accounted by quota subsystem.
44
45       user list
46              List all users.
47
48       caps add
49              Add user capabilities.
50
51       caps rm
52              Remove user capabilities.
53
54       subuser create
55              Create a new subuser (primarily useful  for  clients  using  the
56              Swift API).
57
58       subuser modify
59              Modify a subuser.
60
61       subuser rm
62              Remove a subuser.
63
64       key create
65              Create access key.
66
67       key rm Remove access key.
68
69       bucket list
70              List  buckets,  or,  if bucket specified with --bucket=<bucket>,
71              list its objects. If bucket specified  adding  --allow-unordered
72              removes  ordering  requirement, possibly generating results more
73              quickly in buckets with large number of objects.
74
75       bucket limit check
76              Show bucket sharding stats.
77
78       bucket link
79              Link bucket to specified user.
80
81       bucket unlink
82              Unlink bucket from specified user.
83
84       bucket stats
85              Returns bucket statistics.
86
87       bucket rm
88              Remove a bucket.
89
90       bucket check
91              Check bucket index.
92
93       bucket rewrite
94              Rewrite all objects in the specified bucket.
95
96       bucket reshard
97              Reshard a bucket.
98
99       bucket sync disable
100              Disable bucket sync.
101
102       bucket sync enable
103              Enable bucket sync.
104
105       bi get Retrieve bucket index object entries.
106
107       bi put Store bucket index object entries.
108
109       bi list
110              List raw bucket index entries.
111
112       bi purge
113              Purge bucket index entries.
114
115       object rm
116              Remove an object.
117
118       object stat
119              Stat an object for its metadata.
120
121       object unlink
122              Unlink object from bucket index.
123
124       object rewrite
125              Rewrite the specified object.
126
127       objects expire
128              Run expired objects cleanup.
129
130       period rm
131              Remove a period.
132
133       period get
134              Get the period info.
135
136       period get-current
137              Get the current period info.
138
139       period pull
140              Pull a period.
141
142       period push
143              Push a period.
144
145       period list
146              List all periods.
147
148       period update
149              Update the staging period.
150
151       period commit
152              Commit the staging period.
153
154       quota set
155              Set quota params.
156
157       quota enable
158              Enable quota.
159
160       quota disable
161              Disable quota.
162
163       global quota get
164              View global quota parameters.
165
166       global quota set
167              Set global quota parameters.
168
169       global quota enable
170              Enable a global quota.
171
172       global quota disable
173              Disable a global quota.
174
175       realm create
176              Create a new realm.
177
178       realm rm
179              Remove a realm.
180
181       realm get
182              Show the realm info.
183
184       realm get-default
185              Get the default realm name.
186
187       realm list
188              List all realms.
189
190       realm list-periods
191              List all realm periods.
192
193       realm rename
194              Rename a realm.
195
196       realm set
197              Set the realm info (requires infile).
198
199       realm default
200              Set the realm as default.
201
202       realm pull
203              Pull a realm and its current period.
204
205       zonegroup add
206              Add a zone to a zonegroup.
207
208       zonegroup create
209              Create a new zone group info.
210
211       zonegroup default
212              Set the default zone group.
213
214       zonegroup rm
215              Remove a zone group info.
216
217       zonegroup get
218              Show the zone group info.
219
220       zonegroup modify
221              Modify an existing zonegroup.
222
223       zonegroup set
224              Set the zone group info (requires infile).
225
226       zonegroup remove
227              Remove a zone from a zonegroup.
228
229       zonegroup rename
230              Rename a zone group.
231
232       zonegroup list
233              List all zone groups set on this cluster.
234
235       zonegroup placement list
236              List zonegroup's placement targets.
237
238       zonegroup placement add
239              Add a placement target id to a zonegroup.
240
241       zonegroup placement modify
242              Modify a placement target of a specific zonegroup.
243
244       zonegroup placement rm
245              Remove a placement target from a zonegroup.
246
247       zonegroup placement default
248              Set a zonegroup's default placement target.
249
250       zone create
251              Create a new zone.
252
253       zone rm
254              Remove a zone.
255
256       zone get
257              Show zone cluster params.
258
259       zone set
260              Set zone cluster params (requires infile).
261
262       zone modify
263              Modify an existing zone.
264
265       zone list
266              List all zones set on this cluster.
267
268       metadata sync status
269              Get metadata sync status.
270
271       metadata sync init
272              Init metadata sync.
273
274       metadata sync run
275              Run metadata sync.
276
277       data sync status
278              Get data sync status of the specified source zone.
279
280       data sync init
281              Init data sync for the specified source zone.
282
283       data sync run
284              Run data sync for the specified source zone.
285
286       sync error list
287              list sync error.
288
289       sync error trim
290              trim sync error.
291
292       zone rename
293              Rename a zone.
294
295       zone placement list
296              List zone's placement targets.
297
298       zone placement add
299              Add a zone placement target.
300
301       zone placement modify
302              Modify a zone placement target.
303
304       zone placement rm
305              Remove a zone placement target.
306
307       pool add
308              Add an existing pool for data placement.
309
310       pool rm
311              Remove an existing pool from data placement set.
312
313       pools list
314              List placement active set.
315
316       policy Display bucket/object policy.
317
318       log list
319              List log objects.
320
321       log show
322              Dump a log from specific object or (bucket + date +  bucket-id).
323              (NOTE:    required    to   specify   formatting   of   date   to
324              "YYYY-MM-DD-hh")
325
326       log rm Remove log object.
327
328       usage show
329              Show the usage information (with optional user and date range).
330
331       usage trim
332              Trim usage information (with optional user and date range).
333
334       gc list
335              Dump expired garbage collection objects  (specify  --include-all
336              to list all entries, including unexpired).
337
338       gc process
339              Manually process garbage.
340
341       lc list
342              List all bucket lifecycle progress.
343
344       lc process
345              Manually process lifecycle.
346
347       metadata get
348              Get metadata info.
349
350       metadata put
351              Put metadata info.
352
353       metadata rm
354              Remove metadata info.
355
356       metadata list
357              List metadata info.
358
359       mdlog list
360              List metadata log.
361
362       mdlog trim
363              Trim metadata log.
364
365       mdlog status
366              Read metadata log status.
367
368       bilog list
369              List bucket index log.
370
371       bilog trim
372              Trim bucket index log (use start-marker, end-marker).
373
374       datalog list
375              List data log.
376
377       datalog trim
378              Trim data log.
379
380       datalog status
381              Read data log status.
382
383       orphans find
384              Init and run search for leaked rados objects
385
386       orphans finish
387              Clean up search for leaked rados objects
388
389       orphans list-jobs
390              List the current job-ids for the orphans search.
391
392       role create
393              create a new AWS role for use with STS.
394
395       role rm
396              Remove a role.
397
398       role get
399              Get a role.
400
401       role list
402              List the roles with specified path prefix.
403
404       role modify
405              Modify the assume role policy of an existing role.
406
407       role-policy put
408              Add/update permission policy to role.
409
410       role-policy list
411              List the policies attached to a role.
412
413       role-policy get
414              Get the specified inline policy document embedded with the given
415              role.
416
417       role-policy rm
418              Remove the policy attached to a role
419
420       reshard add
421              Schedule a resharding of a bucket
422
423       reshard list
424              List all bucket resharding or scheduled to be resharded
425
426       reshard process
427              Process of scheduled reshard jobs
428
429       reshard status
430              Resharding status of a bucket
431
432       reshard cancel
433              Cancel resharding a bucket
434

OPTIONS

436       -c ceph.conf, --conf=ceph.conf
437              Use  ceph.conf  configuration  file  instead  of   the   default
438              /etc/ceph/ceph.conf   to   determine  monitor  addresses  during
439              startup.
440
441       -m monaddress[:port]
442              Connect  to  specified  monitor  (instead  of  looking   through
443              ceph.conf).
444
445       --tenant=<tenant>
446              Name of the tenant.
447
448       --uid=uid
449              The radosgw user ID.
450
451       --subuser=<name>
452              Name of the subuser.
453
454       --access-key=<key>
455              S3 access key.
456
457       --email=email
458              The e-mail address of the user.
459
460       --secret/--secret-key=<key>
461              The secret key.
462
463       --gen-access-key
464              Generate random access key (for S3).
465
466       --gen-secret
467              Generate random secret key.
468
469       --key-type=<type>
470              key type, options are: swift, s3.
471
472       --temp-url-key[-2]=<key>
473              Temporary url key.
474
475       --max-buckets
476              max number of buckets for a user (0 for no limit, negative value
477              to disable bucket creation).  Default is 1000.
478
479       --access=<access>
480              Set the access permissions for the sub-user.   Available  access
481              permissions are read, write, readwrite and full.
482
483       --display-name=<name>
484              The display name of the user.
485
486       --admin
487              Set the admin flag on the user.
488
489       --system
490              Set the system flag on the user.
491
492       --bucket=bucket
493              Specify the bucket name.
494
495       --pool=<pool>
496              Specify the pool name.  Also used with orphans find as data pool
497              to scan for leaked rados objects.
498
499       --object=object
500              Specify the object name.
501
502       --date=yyyy-mm-dd
503              The date in the format yyyy-mm-dd.
504
505       --start-date=yyyy-mm-dd
506              The start date in the format yyyy-mm-dd.
507
508       --end-date=yyyy-mm-dd
509              The end date in the format yyyy-mm-dd.
510
511       --bucket-id=<bucket-id>
512              Specify the bucket id.
513
514       --shard-id=<shard-id>
515              Optional for mdlog list, data sync status.  Required  for  mdlog
516              trim.
517
518       --max-entries=<entries>
519              Optional for listing operations to specify the max entires
520
521       --purge-data
522              When specified, user removal will also purge all the user data.
523
524       --purge-keys
525              When  specified, subuser removal will also purge all the subuser
526              keys.
527
528       --purge-objects
529              When specified, the bucket removal will also purge  all  objects
530              in it.
531
532       --metadata-key=<key>
533              Key to retrieve metadata from with metadata get.
534
535       --remote=<remote>
536              Zone or zonegroup id of remote gateway.
537
538       --period=<id>
539              Period id.
540
541       --url=<url>
542              url for pushing/pulling period or realm.
543
544       --epoch=<number>
545              Period epoch.
546
547       --commit
548              Commit the period during 'period update'.
549
550       --staging
551              Get the staging period info.
552
553       --master
554              Set as master.
555
556       --master-zone=<id>
557              Master zone id.
558
559       --rgw-realm=<name>
560              The realm name.
561
562       --realm-id=<id>
563              The realm id.
564
565       --realm-new-name=<name>
566              New name of realm.
567
568       --rgw-zonegroup=<name>
569              The zonegroup name.
570
571       --zonegroup-id=<id>
572              The zonegroup id.
573
574       --zonegroup-new-name=<name>
575              The new name of the zonegroup.
576
577       --rgw-zone=<zone>
578              Zone in which radosgw is running.
579
580       --zone-id=<id>
581              The zone id.
582
583       --zone-new-name=<name>
584              The new name of the zone.
585
586       --source-zone
587              The source zone for data sync.
588
589       --default
590              Set the entity (realm, zonegroup, zone) as default.
591
592       --read-only
593              Set the zone as read-only when adding to the zonegroup.
594
595       --placement-id
596              Placement id for the zonegroup placement commands.
597
598       --tags=<list>
599              The  list  of  tags  for zonegroup placement add and modify com‐
600              mands.
601
602       --tags-add=<list>
603              The list of tags to add for zonegroup placement modify command.
604
605       --tags-rm=<list>
606              The list of tags to remove for zonegroup placement  modify  com‐
607              mand.
608
609       --endpoints=<list>
610              The zone endpoints.
611
612       --index-pool=<pool>
613              The placement target index pool.
614
615       --data-pool=<pool>
616              The placement target data pool.
617
618       --data-extra-pool=<pool>
619              The placement target data extra (non-ec) pool.
620
621       --placement-index-type=<type>
622              The placement target index type (normal, indexless, or #id).
623
624       --tier-type=<type>
625              The zone tier type.
626
627       --tier-config=<k>=<v>[,...]
628              Set zone tier config keys, values.
629
630       --tier-config-rm=<k>[,...]
631              Unset zone tier config keys.
632
633       --sync-from-all[=false]
634              Set/reset whether zone syncs from all zonegroup peers.
635
636       --sync-from=[zone-name][,...]
637              Set the list of zones to sync from.
638
639       --sync-from-rm=[zone-name][,...]
640              Remove the zones from list of zones to sync from.
641
642       --fix  Besides checking bucket index, will also fix it.
643
644       --check-objects
645              bucket  check: Rebuilds bucket index according to actual objects
646              state.
647
648       --format=<format>
649              Specify output format for certain operations. Supported formats:
650              xml, json.
651
652       --sync-stats
653              Option  for 'user stats' command. When specified, it will update
654              user stats with the current stats  reported  by  user's  buckets
655              indexes.
656
657       --show-log-entries=<flag>
658              Enable/disable dump of log entries on log show.
659
660       --show-log-sum=<flag>
661              Enable/disable dump of log summation on log show.
662
663       --skip-zero-entries
664              Log show only dumps entries that don't have zero value in one of
665              the numeric field.
666
667       --infile
668              Specify a file to read in when setting data.
669
670       --categories=<list>
671              Comma separated list of categories, used in usage show.
672
673       --caps=<caps>
674              List of caps (e.g., "usage=read, write; user=read".
675
676       --compression=<compression-algorithm>
677              Placement target compression algorithm (lz4|snappy|zlib|zstd)
678
679       --yes-i-really-mean-it
680              Required for certain operations.
681
682       --min-rewrite-size
683              Specify the min object size for bucket rewrite (default 4M).
684
685       --max-rewrite-size
686              Specify  the  max  object  size  for  bucket  rewrite   (default
687              ULLONG_MAX).
688
689       --min-rewrite-stripe-size
690              Specify  the  min stripe size for object rewrite (default 0). If
691              the value is set to 0, then the specified object will always  be
692              rewritten for restriping.
693
694       --warnings-only
695              When  specified with bucket limit check, list only buckets near‐
696              ing or over the current max objects per shard value.
697
698       --bypass-gc
699              When specified with bucket deletion, triggers  object  deletions
700              by not involving GC.
701
702       --inconsistent-index
703              When  specified  with bucket deletion and bypass-gc set to true,
704              ignores bucket index consistency.
705

QUOTA OPTIONS

707       --max-objects
708              Specify max objects (negative value to disable).
709
710       --max-size
711              Specify max size (in B/K/M/G/T, negative value to disable).
712
713       --quota-scope
714              The scope of quota (bucket, user).
715

ORPHANS SEARCH OPTIONS

717       --num-shards
718              Number of shards to use for keeping the temporary scan info
719
720       --orphan-stale-secs
721              Number of seconds to wait before declaring an object  to  be  an
722              orphan.  Default is 86400 (24 hours).
723
724       --job-id
725              Set the job id (for orphans find)
726
727       --max-concurrent-ios
728              Maximum concurrent ios for orphans find.  Default is 32.
729

ORPHANS LIST-JOBS OPTIONS

731       --extra-info
732              Provide extra info in the job list.
733

ROLE OPTIONS

735       --role-name
736              The name of the role to create.
737
738       --path The path to the role.
739
740       --assume-role-policy-doc
741              The  trust  relationship  policy  document that grants an entity
742              permission to assume the role.
743
744       --policy-name
745              The name of the policy document.
746
747       --policy-doc
748              The permission policy document.
749
750       --path-prefix
751              The path prefix for filtering the roles.
752

EXAMPLES

754       Generate a new user:
755
756          $ radosgw-admin user create --display-name="johnny rotten" --uid=johnny
757          { "user_id": "johnny",
758            "rados_uid": 0,
759            "display_name": "johnny rotten",
760            "email": "",
761            "suspended": 0,
762            "subusers": [],
763            "keys": [
764                  { "user": "johnny",
765                    "access_key": "TCICW53D9BQ2VGC46I44",
766                    "secret_key": "tfm9aHMI8X76L3UdgE+ZQaJag1vJQmE6HDb5Lbrz"}],
767            "swift_keys": []}
768
769       Remove a user:
770
771          $ radosgw-admin user rm --uid=johnny
772
773       Remove a user and all associated buckets with their contents:
774
775          $ radosgw-admin user rm --uid=johnny --purge-data
776
777       Remove a bucket:
778
779          $ radosgw-admin bucket rm --bucket=foo
780
781       Link bucket to specified user:
782
783          $ radosgw-admin bucket link --bucket=foo --bucket_id=<bucket id> --uid=johnny
784
785       Unlink bucket from specified user:
786
787          $ radosgw-admin bucket unlink --bucket=foo --uid=johnny
788
789       Show the logs of a bucket from April 1st, 2012:
790
791          $ radosgw-admin log show --bucket=foo --date=2012-04-01-01 --bucket-id=default.14193.1
792
793       Show usage information for user from March 1st to (but  not  including)
794       April 1st, 2012:
795
796          $ radosgw-admin usage show --uid=johnny \
797                          --start-date=2012-03-01 --end-date=2012-04-01
798
799       Show only summary of usage information for all users:
800
801          $ radosgw-admin usage show --show-log-entries=false
802
803       Trim usage information for user until March 1st, 2012:
804
805          $ radosgw-admin usage trim --uid=johnny --end-date=2012-04-01
806

AVAILABILITY

808       radosgw-admin  is part of Ceph, a massively scalable, open-source, dis‐
809       tributed storage system.  Please refer to  the  Ceph  documentation  at
810       http://ceph.com/docs for more information.
811

SEE ALSO

813       ceph(8) radosgw(8)
814
816       2010-2020,  Inktank Storage, Inc. and contributors. Licensed under Cre‐
817       ative Commons Attribution Share Alike 3.0 (CC-BY-SA-3.0)
818
819
820
821
822dev                              Apr 21, 2020                 RADOSGW-ADMIN(8)
Impressum