1RADOSGW-ADMIN(8) Ceph RADOSGW-ADMIN(8)
2
6 radosgw-admin - rados REST gateway user administration utility
7
9 radosgw-admin command [ options ... ]
10
13 radosgw-admin is a RADOS gateway user administration utility. It allows
14 creating and modifying users.
15
17 radosgw-admin utility uses many commands for administration purpose
18 which are as follows:
19 user create
21 Create a new user.
22 user modify
24 Modify a user.
25 user info
27 Display information of a user, and any potentially available
28 subusers and keys.
29 user rm
31 Remove a user.
32 user suspend
34 Suspend a user.
35 user enable
37 Re-enable user after suspension.
38 user check
40 Check user info.
41 user stats
43 Show user stats as accounted by quota subsystem.
44 user list
46 List all users.
47 caps add
49 Add user capabilities.
50 caps rm
52 Remove user capabilities.
53 subuser create
55 Create a new subuser (primarily useful for clients using the
56 Swift API).
57 subuser modify
59 Modify a subuser.
60 subuser rm
62 Remove a subuser.
63 key create
65 Create access key.
66 key rm Remove access key.
68 bucket list
70 List buckets, or, if bucket specified with --bucket=<bucket>,
71 list its objects. If bucket specified adding --allow-unordered
72 removes ordering requirement, possibly generating results more
73 quickly in buckets with large number of objects.
74 bucket limit check
76 Show bucket sharding stats.
77 bucket link
79 Link bucket to specified user.
80 bucket unlink
82 Unlink bucket from specified user.
83 bucket stats
85 Returns bucket statistics.
86 bucket rm
88 Remove a bucket.
89 bucket check
91 Check bucket index.
92 bucket rewrite
94 Rewrite all objects in the specified bucket.
95 bucket reshard
97 Reshard a bucket.
98 bucket sync disable
100 Disable bucket sync.
101 bucket sync enable
103 Enable bucket sync.
104 bi get Retrieve bucket index object entries.
106 bi put Store bucket index object entries.
108 bi list
110 List raw bucket index entries.
111 bi purge
113 Purge bucket index entries.
114 object rm
116 Remove an object.
117 object stat
119 Stat an object for its metadata.
120 object unlink
122 Unlink object from bucket index.
123 object rewrite
125 Rewrite the specified object.
126 objects expire
128 Run expired objects cleanup.
129 period rm
131 Remove a period.
132 period get
134 Get the period info.
135 period get-current
137 Get the current period info.
138 period pull
140 Pull a period.
141 period push
143 Push a period.
144 period list
146 List all periods.
147 period update
149 Update the staging period.
150 period commit
152 Commit the staging period.
153 quota set
155 Set quota params.
156 quota enable
158 Enable quota.
159 quota disable
161 Disable quota.
162 global quota get
164 View global quota parameters.
165 global quota set
167 Set global quota parameters.
168 global quota enable
170 Enable a global quota.
171 global quota disable
173 Disable a global quota.
174 realm create
176 Create a new realm.
177 realm rm
179 Remove a realm.
180 realm get
182 Show the realm info.
183 realm get-default
185 Get the default realm name.
186 realm list
188 List all realms.
189 realm list-periods
191 List all realm periods.
192 realm rename
194 Rename a realm.
195 realm set
197 Set the realm info (requires infile).
198 realm default
200 Set the realm as default.
201 realm pull
203 Pull a realm and its current period.
204 zonegroup add
206 Add a zone to a zonegroup.
207 zonegroup create
209 Create a new zone group info.
210 zonegroup default
212 Set the default zone group.
213 zonegroup rm
215 Remove a zone group info.
216 zonegroup get
218 Show the zone group info.
219 zonegroup modify
221 Modify an existing zonegroup.
222 zonegroup set
224 Set the zone group info (requires infile).
225 zonegroup remove
227 Remove a zone from a zonegroup.
228 zonegroup rename
230 Rename a zone group.
231 zonegroup list
233 List all zone groups set on this cluster.
234 zonegroup placement list
236 List zonegroup's placement targets.
237 zonegroup placement add
239 Add a placement target id to a zonegroup.
240 zonegroup placement modify
242 Modify a placement target of a specific zonegroup.
243 zonegroup placement rm
245 Remove a placement target from a zonegroup.
246 zonegroup placement default
248 Set a zonegroup's default placement target.
249 zone create
251 Create a new zone.
252 zone rm
254 Remove a zone.
255 zone get
257 Show zone cluster params.
258 zone set
260 Set zone cluster params (requires infile).
261 zone modify
263 Modify an existing zone.
264 zone list
266 List all zones set on this cluster.
267 metadata sync status
269 Get metadata sync status.
270 metadata sync init
272 Init metadata sync.
273 metadata sync run
275 Run metadata sync.
276 data sync status
278 Get data sync status of the specified source zone.
279 data sync init
281 Init data sync for the specified source zone.
282 data sync run
284 Run data sync for the specified source zone.
285 sync error list
287 list sync error.
288 sync error trim
290 trim sync error.
291 zone rename
293 Rename a zone.
294 zone placement list
296 List zone's placement targets.
297 zone placement add
299 Add a zone placement target.
300 zone placement modify
302 Modify a zone placement target.
303 zone placement rm
305 Remove a zone placement target.
306 pool add
308 Add an existing pool for data placement.
309 pool rm
311 Remove an existing pool from data placement set.
312 pools list
314 List placement active set.
315 policy Display bucket/object policy.
317 log list
319 List log objects.
320 log show
322 Dump a log from specific object or (bucket + date + bucket-id).
323 (NOTE: required to specify formatting of date to
324 "YYYY-MM-DD-hh")
325 log rm Remove log object.
327 usage show
329 Show the usage information (with optional user and date range).
330 usage trim
332 Trim usage information (with optional user and date range).
333 gc list
335 Dump expired garbage collection objects (specify --include-all
336 to list all entries, including unexpired).
337 gc process
339 Manually process garbage.
340 lc list
342 List all bucket lifecycle progress.
343 lc process
345 Manually process lifecycle.
346 metadata get
348 Get metadata info.
349 metadata put
351 Put metadata info.
352 metadata rm
354 Remove metadata info.
355 metadata list
357 List metadata info.
358 mdlog list
360 List metadata log.
361 mdlog trim
363 Trim metadata log.
364 mdlog status
366 Read metadata log status.
367 bilog list
369 List bucket index log.
370 bilog trim
372 Trim bucket index log (use start-marker, end-marker).
373 datalog list
375 List data log.
376 datalog trim
378 Trim data log.
379 datalog status
381 Read data log status.
382 orphans find
384 Init and run search for leaked rados objects
385 orphans finish
387 Clean up search for leaked rados objects
388 orphans list-jobs
390 List the current job-ids for the orphans search.
391 role create
393 create a new AWS role for use with STS.
394 role rm
396 Remove a role.
397 role get
399 Get a role.
400 role list
402 List the roles with specified path prefix.
403 role modify
405 Modify the assume role policy of an existing role.
406 role-policy put
408 Add/update permission policy to role.
409 role-policy list
411 List the policies attached to a role.
412 role-policy get
414 Get the specified inline policy document embedded with the given
415 role.
416 role-policy rm
418 Remove the policy attached to a role
419 reshard add
421 Schedule a resharding of a bucket
422 reshard list
424 List all bucket resharding or scheduled to be resharded
425 reshard process
427 Process of scheduled reshard jobs
428 reshard status
430 Resharding status of a bucket
431 reshard cancel
433 Cancel resharding a bucket
434
436 -c ceph.conf, --conf=ceph.conf
437 Use ceph.conf configuration file instead of the default
438 /etc/ceph/ceph.conf to determine monitor addresses during
439 startup.
440 -m monaddress[:port]
442 Connect to specified monitor (instead of looking through
443 ceph.conf).
444 --tenant=<tenant>
446 Name of the tenant.
447 --uid=uid
449 The radosgw user ID.
450 --subuser=<name>
452 Name of the subuser.
453 --access-key=<key>
455 S3 access key.
456 --email=email
458 The e-mail address of the user.
459 --secret/--secret-key=<key>
461 The secret key.
462 --gen-access-key
464 Generate random access key (for S3).
465 --gen-secret
467 Generate random secret key.
468 --key-type=<type>
470 key type, options are: swift, s3.
471 --temp-url-key[-2]=<key>
473 Temporary url key.
474 --max-buckets
476 max number of buckets for a user (0 for no limit, negative value
477 to disable bucket creation). Default is 1000.
478 --access=<access>
480 Set the access permissions for the sub-user. Available access
481 permissions are read, write, readwrite and full.
482 --display-name=<name>
484 The display name of the user.
485 --admin
487 Set the admin flag on the user.
488 --system
490 Set the system flag on the user.
491 --bucket=bucket
493 Specify the bucket name.
494 --pool=<pool>
496 Specify the pool name. Also used with orphans find as data pool
497 to scan for leaked rados objects.
498 --object=object
500 Specify the object name.
501 --date=yyyy-mm-dd
503 The date in the format yyyy-mm-dd.
504 --start-date=yyyy-mm-dd
506 The start date in the format yyyy-mm-dd.
507 --end-date=yyyy-mm-dd
509 The end date in the format yyyy-mm-dd.
510 --bucket-id=<bucket-id>
512 Specify the bucket id.
513 --shard-id=<shard-id>
515 Optional for mdlog list, data sync status. Required for mdlog
516 trim.
517 --max-entries=<entries>
519 Optional for listing operations to specify the max entires
520 --purge-data
522 When specified, user removal will also purge all the user data.
523 --purge-keys
525 When specified, subuser removal will also purge all the subuser
526 keys.
527 --purge-objects
529 When specified, the bucket removal will also purge all objects
530 in it.
531 --metadata-key=<key>
533 Key to retrieve metadata from with metadata get.
534 --remote=<remote>
536 Zone or zonegroup id of remote gateway.
537 --period=<id>
539 Period id.
540 --url=<url>
542 url for pushing/pulling period or realm.
543 --epoch=<number>
545 Period epoch.
546 --commit
548 Commit the period during 'period update'.
549 --staging
551 Get the staging period info.
552 --master
554 Set as master.
555 --master-zone=<id>
557 Master zone id.
558 --rgw-realm=<name>
560 The realm name.
561 --realm-id=<id>
563 The realm id.
564 --realm-new-name=<name>
566 New name of realm.
567 --rgw-zonegroup=<name>
569 The zonegroup name.
570 --zonegroup-id=<id>
572 The zonegroup id.
573 --zonegroup-new-name=<name>
575 The new name of the zonegroup.
576 --rgw-zone=<zone>
578 Zone in which radosgw is running.
579 --zone-id=<id>
581 The zone id.
582 --zone-new-name=<name>
584 The new name of the zone.
585 --source-zone
587 The source zone for data sync.
588 --default
590 Set the entity (realm, zonegroup, zone) as default.
591 --read-only
593 Set the zone as read-only when adding to the zonegroup.
594 --placement-id
596 Placement id for the zonegroup placement commands.
597 --tags=<list>
599 The list of tags for zonegroup placement add and modify com‐
600 mands.
601 --tags-add=<list>
603 The list of tags to add for zonegroup placement modify command.
604 --tags-rm=<list>
606 The list of tags to remove for zonegroup placement modify com‐
607 mand.
608 --endpoints=<list>
610 The zone endpoints.
611 --index-pool=<pool>
613 The placement target index pool.
614 --data-pool=<pool>
616 The placement target data pool.
617 --data-extra-pool=<pool>
619 The placement target data extra (non-ec) pool.
620 --placement-index-type=<type>
622 The placement target index type (normal, indexless, or #id).
623 --tier-type=<type>
625 The zone tier type.
626 --tier-config=<k>=<v>[,...]
628 Set zone tier config keys, values.
629 --tier-config-rm=<k>[,...]
631 Unset zone tier config keys.
632 --sync-from-all[=false]
634 Set/reset whether zone syncs from all zonegroup peers.
635 --sync-from=[zone-name][,...]
637 Set the list of zones to sync from.
638 --sync-from-rm=[zone-name][,...]
640 Remove the zones from list of zones to sync from.
641 --fix Besides checking bucket index, will also fix it.
643 --check-objects
645 bucket check: Rebuilds bucket index according to actual objects
646 state.
647 --format=<format>
649 Specify output format for certain operations. Supported formats:
650 xml, json.
651 --sync-stats
653 Option for 'user stats' command. When specified, it will update
654 user stats with the current stats reported by user's buckets
655 indexes.
656 --show-log-entries=<flag>
658 Enable/disable dump of log entries on log show.
659 --show-log-sum=<flag>
661 Enable/disable dump of log summation on log show.
662 --skip-zero-entries
664 Log show only dumps entries that don't have zero value in one of
665 the numeric field.
666 --infile
668 Specify a file to read in when setting data.
669 --categories=<list>
671 Comma separated list of categories, used in usage show.
672 --caps=<caps>
674 List of caps (e.g., "usage=read, write; user=read".
675 --compression=<compression-algorithm>
677 Placement target compression algorithm (lz4|snappy|zlib|zstd)
678 --yes-i-really-mean-it
680 Required for certain operations.
681 --min-rewrite-size
683 Specify the min object size for bucket rewrite (default 4M).
684 --max-rewrite-size
686 Specify the max object size for bucket rewrite (default
687 ULLONG_MAX).
688 --min-rewrite-stripe-size
690 Specify the min stripe size for object rewrite (default 0). If
691 the value is set to 0, then the specified object will always be
692 rewritten for restriping.
693 --warnings-only
695 When specified with bucket limit check, list only buckets near‐
696 ing or over the current max objects per shard value.
697 --bypass-gc
699 When specified with bucket deletion, triggers object deletions
700 by not involving GC.
701 --inconsistent-index
703 When specified with bucket deletion and bypass-gc set to true,
704 ignores bucket index consistency.
705
707 --max-objects
708 Specify max objects (negative value to disable).
709 --max-size
711 Specify max size (in B/K/M/G/T, negative value to disable).
712 --quota-scope
714 The scope of quota (bucket, user).
715
717 --num-shards
718 Number of shards to use for keeping the temporary scan info
719 --orphan-stale-secs
721 Number of seconds to wait before declaring an object to be an
722 orphan. Default is 86400 (24 hours).
723 --job-id
725 Set the job id (for orphans find)
726 --max-concurrent-ios
728 Maximum concurrent ios for orphans find. Default is 32.
729
731 --extra-info
732 Provide extra info in the job list.
733
735 --role-name
736 The name of the role to create.
737 --path The path to the role.
739 --assume-role-policy-doc
741 The trust relationship policy document that grants an entity
742 permission to assume the role.
743 --policy-name
745 The name of the policy document.
746 --policy-doc
748 The permission policy document.
749 --path-prefix
751 The path prefix for filtering the roles.
752
754 Generate a new user:
755 $ radosgw-admin user create --display-name="johnny rotten" --uid=johnny
757 { "user_id": "johnny",
758 "rados_uid": 0,
759 "display_name": "johnny rotten",
760 "email": "",
761 "suspended": 0,
762 "subusers": [],
763 "keys": [
764 { "user": "johnny",
765 "access_key": "TCICW53D9BQ2VGC46I44",
766 "secret_key": "tfm9aHMI8X76L3UdgE+ZQaJag1vJQmE6HDb5Lbrz"}],
767 "swift_keys": []}
768 Remove a user:
770 $ radosgw-admin user rm --uid=johnny
772 Remove a user and all associated buckets with their contents:
774 $ radosgw-admin user rm --uid=johnny --purge-data
776 Remove a bucket:
778 $ radosgw-admin bucket rm --bucket=foo
780 Link bucket to specified user:
782 $ radosgw-admin bucket link --bucket=foo --bucket_id=<bucket id> --uid=johnny
784 Unlink bucket from specified user:
786 $ radosgw-admin bucket unlink --bucket=foo --uid=johnny
788 Show the logs of a bucket from April 1st, 2012:
790 $ radosgw-admin log show --bucket=foo --date=2012-04-01-01 --bucket-id=default.14193.1
792 Show usage information for user from March 1st to (but not including)
794 April 1st, 2012:
795 $ radosgw-admin usage show --uid=johnny \
797 --start-date=2012-03-01 --end-date=2012-04-01
798 Show only summary of usage information for all users:
800 $ radosgw-admin usage show --show-log-entries=false
802 Trim usage information for user until March 1st, 2012:
804 $ radosgw-admin usage trim --uid=johnny --end-date=2012-04-01
806
808 radosgw-admin is part of Ceph, a massively scalable, open-source, dis‐
809 tributed storage system. Please refer to the Ceph documentation at
810 http://ceph.com/docs for more information.
811
813 ceph(8) radosgw(8)
814
816 2010-2020, Inktank Storage, Inc. and contributors. Licensed under Cre‐
817 ative Commons Attribution Share Alike 3.0 (CC-BY-SA-3.0)
818dev Apr 21, 2020 RADOSGW-ADMIN(8)