Ceph rgw 处理上传文件读取不了的问题

一、测试过程
1、设置bucket类型为public-read 或者为public-reda-write的存储桶。

下面这里建了一个public-read的存储桶，其中ACL: anon: READ 表示该存储桶的访问类型为public-read

类型。

root@control1 ~]# s3cmd info s3://test1111
s3://test1111/ (bucket):
   Location:  cn
   Payer:     BucketOwner
   Expiration Rule: none
   Policy:    none
   CORS:      none
   ACL:       *anon*: READ
   ACL:       admin: FULL_CONTROL
   URL:       http://10.110.101.30:8080/test1111/

2、向该存储桶上传文件。并查看对象的权限。

[root@control1 ~]# s3cmd info s3://test1111/15690311636958128.jpg
s3://test1111/15690311636958128.jpg (object):
   File size: 34790
   Last mod:  Tue, 02 Jun 2020 06:05:10 GMT
   MIME type: application/octet-stream
   Storage:   STANDARD
   MD5 sum:   dcd6cadab3c9718b0a914424048364ac
   SSE:       none
   Policy:    none
   CORS:      none
   ACL:       admin: FULL_CONTROL

3、打开浏览器，打开console,输入以下代码，进行访问测试

var xhr = new XMLHttpRequest();
xhr.open('GET', 'http://10.110.101.30:8080/test1111/15690311636958128.jpg');
xhr.send(null);
xhr.onload = function(e) {
    var xhr = e.target;
    console.log(xhr.responseText);
}

#######
Access to XMLHttpRequest at 'http://10.110.101.30:8080/test1111/15690311636958128.jpg' from origin 'chrome-search://local-ntp' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

执行回车，结果如下：

4、设置CORS规则

# 编辑cors规则
[root@control1 ~]# cat cors.xml
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedOrigin>*</AllowedOrigin>
<AllowedHeader>*</AllowedHeader>
<ExposeHeader>ETag</ExposeHeader>
</CORSRule>
</CORSConfiguration>


# 设置cor规则
[root@control1 ~]# s3cmd setcors cors.xml s3://test1111

#查看存储桶的COR规则
[root@control1 ~]# s3cmd info s3://test1111
s3://test1111/ (bucket):
   Location:  cn
   Payer:     BucketOwner
   Expiration Rule: none
   Policy:    none
   CORS:      <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><CORSRule><AllowedMethod>GET</AllowedMethod><AllowedMethod>PUT</AllowedMethod><AllowedMethod>DELETE</AllowedMethod><AllowedMethod>POST</AllowedMethod><AllowedOrigin>*</AllowedOrigin><AllowedHeader>*</AllowedHeader><ExposeHeader>ETag</ExposeHeader></CORSRule></CORSConfiguration>
   ACL:       *anon*: READ
   ACL:       admin: FULL_CONTROL
   URL:       http://10.110.101.30:8080/test1111/

# 查看object的规则
[root@control1 ~]# s3cmd info  s3://test1111/15690311636958128.jpg
s3://test1111/15690311636958128.jpg (object):
   File size: 34790
   Last mod:  Tue, 02 Jun 2020 06:05:10 GMT
   MIME type: application/octet-stream
   Storage:   STANDARD
   MD5 sum:   dcd6cadab3c9718b0a914424048364ac
   SSE:       none
   Policy:    none
   CORS:      <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><CORSRule><AllowedMethod>GET</AllowedMethod><AllowedMethod>PUT</AllowedMethod><AllowedMethod>DELETE</AllowedMethod><AllowedMethod>POST</AllowedMethod><AllowedOrigin>*</AllowedOrigin><AllowedHeader>*</AllowedHeader><ExposeHeader>ETag</ExposeHeader></CORSRule></CORSConfiguration>
   ACL:       admin: FULL_CONTROL

5、访问测试

看上图还是不能访问，提示accessdenied

例如我的操作 我们需要给对象设置为任何人都可以读取

# 将object的acl规则设置为public-read
[root@control1 ~]# s3cmd setacl  -P  s3://test1111/15690311636958128.jpg
s3://test1111/15690311636958128.jpg: ACL set to Public  [1 of 1]

# 查看对象相关的变量信息
[root@control1 ~]# s3cmd info  s3://test1111/15690311636958128.jpg
s3://test1111/15690311636958128.jpg (object):
   File size: 34790
   Last mod:  Tue, 02 Jun 2020 06:27:11 GMT
   MIME type: application/octet-stream
   Storage:   STANDARD
   MD5 sum:   dcd6cadab3c9718b0a914424048364ac
   SSE:       none
   Policy:    none
   CORS:      GETPUTDELETEPOST**ETag
   ACL:       *anon*: READ
   ACL:       admin: FULL_CONTROL
   URL:       http://10.110.101.30:8080/test1111/15690311636958128.jpg