3 =================================================================
4 radosgw-admin -- rados REST gateway user administration utility
5 =================================================================
7 .. program:: radosgw-admin
12 | **radosgw-admin** *command* [ *options* *...* ]
18 :program:`radosgw-admin` is a RADOS gateway user administration utility. It
19 allows creating and modifying users.
25 :program:`radosgw-admin` utility uses many commands for administration purpose
28 :command:`user create`
31 :command:`user modify`
35 Display information of a user, and any potentially available
41 :command:`user suspend`
44 :command:`user enable`
45 Re-enable user after suspension.
51 Show user stats as accounted by quota subsystem.
57 Add user capabilities.
60 Remove user capabilities.
62 :command:`subuser create`
63 Create a new subuser (primarily useful for clients using the Swift API).
65 :command:`subuser modify`
77 :command:`bucket list`
78 List buckets, or, if bucket specified with --bucket=<bucket>,
79 list its objects. If bucket specified adding --allow-unordered
80 removes ordering requirement, possibly generating results more
81 quickly in buckets with large number of objects.
83 :command:`bucket limit check`
84 Show bucket sharding stats.
86 :command:`bucket link`
87 Link bucket to specified user.
89 :command:`bucket unlink`
90 Unlink bucket from specified user.
92 :command:`bucket stats`
93 Returns bucket statistics.
98 :command:`bucket check`
101 :command:`bucket rewrite`
102 Rewrite all objects in the specified bucket.
104 :command:`bucket reshard`
107 :command:`bucket sync disable`
110 :command:`bucket sync enable`
114 Retrieve bucket index object entries.
117 Store bucket index object entries.
120 List raw bucket index entries.
123 Purge bucket index entries.
128 :command:`object stat`
129 Stat an object for its metadata.
131 :command:`object unlink`
132 Unlink object from bucket index.
134 :command:`object rewrite`
135 Rewrite the specified object.
137 :command:`objects expire`
138 Run expired objects cleanup.
143 :command:`period get`
146 :command:`period get-current`
147 Get the current period info.
149 :command:`period pull`
152 :command:`period push`
155 :command:`period list`
158 :command:`period update`
159 Update the staging period.
161 :command:`period commit`
162 Commit the staging period.
167 :command:`quota enable`
170 :command:`quota disable`
173 :command:`global quota get`
174 View global quota parameters.
176 :command:`global quota set`
177 Set global quota parameters.
179 :command:`global quota enable`
180 Enable a global quota.
182 :command:`global quota disable`
183 Disable a global quota.
185 :command:`realm create`
194 :command:`realm get-default`
195 Get the default realm name.
197 :command:`realm list`
200 :command:`realm list-periods`
201 List all realm periods.
203 :command:`realm rename`
207 Set the realm info (requires infile).
209 :command:`realm default`
210 Set the realm as default.
212 :command:`realm pull`
213 Pull a realm and its current period.
215 :command:`zonegroup add`
216 Add a zone to a zonegroup.
218 :command:`zonegroup create`
219 Create a new zone group info.
221 :command:`zonegroup default`
222 Set the default zone group.
224 :command:`zonegroup rm`
225 Remove a zone group info.
227 :command:`zonegroup get`
228 Show the zone group info.
230 :command:`zonegroup modify`
231 Modify an existing zonegroup.
233 :command:`zonegroup set`
234 Set the zone group info (requires infile).
236 :command:`zonegroup remove`
237 Remove a zone from a zonegroup.
239 :command:`zonegroup rename`
242 :command:`zonegroup list`
243 List all zone groups set on this cluster.
245 :command:`zonegroup placement list`
246 List zonegroup's placement targets.
248 :command:`zonegroup placement add`
249 Add a placement target id to a zonegroup.
251 :command:`zonegroup placement modify`
252 Modify a placement target of a specific zonegroup.
254 :command:`zonegroup placement rm`
255 Remove a placement target from a zonegroup.
257 :command:`zonegroup placement default`
258 Set a zonegroup's default placement target.
260 :command:`zone create`
267 Show zone cluster params.
270 Set zone cluster params (requires infile).
272 :command:`zone modify`
273 Modify an existing zone.
276 List all zones set on this cluster.
278 :command:`metadata sync status`
279 Get metadata sync status.
281 :command:`metadata sync init`
284 :command:`metadata sync run`
287 :command:`data sync status`
288 Get data sync status of the specified source zone.
290 :command:`data sync init`
291 Init data sync for the specified source zone.
293 :command:`data sync run`
294 Run data sync for the specified source zone.
296 :command:`sync error list`
299 :command:`sync error trim`
302 :command:`zone rename`
305 :command:`zone placement list`
306 List zone's placement targets.
308 :command:`zone placement add`
309 Add a zone placement target.
311 :command:`zone placement modify`
312 Modify a zone placement target.
314 :command:`zone placement rm`
315 Remove a zone placement target.
318 Add an existing pool for data placement.
321 Remove an existing pool from data placement set.
323 :command:`pools list`
324 List placement active set.
327 Display bucket/object policy.
333 Dump a log from specific object or (bucket + date + bucket-id).
334 (NOTE: required to specify formatting of date to "YYYY-MM-DD-hh")
339 :command:`usage show`
340 Show the usage information (with optional user and date range).
342 :command:`usage trim`
343 Trim usage information (with optional user and date range).
346 Dump expired garbage collection objects (specify --include-all to list all
347 entries, including unexpired).
349 :command:`gc process`
350 Manually process garbage.
353 List all bucket lifecycle progress.
355 :command:`lc process`
356 Manually process lifecycle.
358 :command:`metadata get`
361 :command:`metadata put`
364 :command:`metadata rm`
365 Remove metadata info.
367 :command:`metadata list`
370 :command:`mdlog list`
373 :command:`mdlog trim`
376 :command:`mdlog status`
377 Read metadata log status.
379 :command:`bilog list`
380 List bucket index log.
382 :command:`bilog trim`
383 Trim bucket index log (use start-marker, end-marker).
385 :command:`datalog list`
388 :command:`datalog trim`
391 :command:`datalog status`
392 Read data log status.
394 :command:`orphans find`
395 Init and run search for leaked rados objects
397 :command:`orphans finish`
398 Clean up search for leaked rados objects
400 :command:`orphans list-jobs`
401 List the current job-ids for the orphans search.
403 :command:`role create`
404 create a new AWS role for use with STS.
413 List the roles with specified path prefix.
415 :command:`role modify`
416 Modify the assume role policy of an existing role.
418 :command:`role-policy put`
419 Add/update permission policy to role.
421 :command:`role-policy list`
422 List the policies attached to a role.
424 :command:`role-policy get`
425 Get the specified inline policy document embedded with the given role.
427 :command:`role-policy rm`
428 Remove the policy attached to a role
430 :command:`reshard add`
431 Schedule a resharding of a bucket
433 :command:`reshard list`
434 List all bucket resharding or scheduled to be resharded
436 :command:`reshard process`
437 Process of scheduled reshard jobs
439 :command:`reshard status`
440 Resharding status of a bucket
442 :command:`reshard cancel`
443 Cancel resharding a bucket
448 .. option:: -c ceph.conf, --conf=ceph.conf
450 Use ``ceph.conf`` configuration file instead of the default
451 ``/etc/ceph/ceph.conf`` to determine monitor addresses during
454 .. option:: -m monaddress[:port]
456 Connect to specified monitor (instead of looking through ceph.conf).
458 .. option:: --tenant=<tenant>
462 .. option:: --uid=uid
466 .. option:: --subuser=<name>
470 .. option:: --access-key=<key>
474 .. option:: --email=email
476 The e-mail address of the user.
478 .. option:: --secret/--secret-key=<key>
482 .. option:: --gen-access-key
484 Generate random access key (for S3).
486 .. option:: --gen-secret
488 Generate random secret key.
490 .. option:: --key-type=<type>
492 key type, options are: swift, s3.
494 .. option:: --temp-url-key[-2]=<key>
498 .. option:: --max-buckets
500 max number of buckets for a user (0 for no limit, negative value to disable bucket creation).
503 .. option:: --access=<access>
505 Set the access permissions for the sub-user.
506 Available access permissions are read, write, readwrite and full.
508 .. option:: --display-name=<name>
510 The display name of the user.
514 Set the admin flag on the user.
518 Set the system flag on the user.
520 .. option:: --bucket=bucket
522 Specify the bucket name.
524 .. option:: --pool=<pool>
526 Specify the pool name.
527 Also used with `orphans find` as data pool to scan for leaked rados objects.
529 .. option:: --object=object
531 Specify the object name.
533 .. option:: --date=yyyy-mm-dd
535 The date in the format yyyy-mm-dd.
537 .. option:: --start-date=yyyy-mm-dd
539 The start date in the format yyyy-mm-dd.
541 .. option:: --end-date=yyyy-mm-dd
543 The end date in the format yyyy-mm-dd.
545 .. option:: --bucket-id=<bucket-id>
547 Specify the bucket id.
549 .. option:: --shard-id=<shard-id>
551 Optional for mdlog list, data sync status. Required for ``mdlog trim``.
553 .. option:: --max-entries=<entries>
555 Optional for listing operations to specify the max entires
557 .. option:: --purge-data
559 When specified, user removal will also purge all the user data.
561 .. option:: --purge-keys
563 When specified, subuser removal will also purge all the subuser keys.
565 .. option:: --purge-objects
567 When specified, the bucket removal will also purge all objects in it.
569 .. option:: --metadata-key=<key>
571 Key to retrieve metadata from with ``metadata get``.
573 .. option:: --remote=<remote>
575 Zone or zonegroup id of remote gateway.
577 .. option:: --period=<id>
581 .. option:: --url=<url>
583 url for pushing/pulling period or realm.
585 .. option:: --epoch=<number>
591 Commit the period during 'period update'.
593 .. option:: --staging
595 Get the staging period info.
601 .. option:: --master-zone=<id>
605 .. option:: --rgw-realm=<name>
609 .. option:: --realm-id=<id>
613 .. option:: --realm-new-name=<name>
617 .. option:: --rgw-zonegroup=<name>
621 .. option:: --zonegroup-id=<id>
625 .. option:: --zonegroup-new-name=<name>
627 The new name of the zonegroup.
629 .. option:: --rgw-zone=<zone>
631 Zone in which radosgw is running.
633 .. option:: --zone-id=<id>
637 .. option:: --zone-new-name=<name>
639 The new name of the zone.
641 .. option:: --source-zone
643 The source zone for data sync.
645 .. option:: --default
647 Set the entity (realm, zonegroup, zone) as default.
649 .. option:: --read-only
651 Set the zone as read-only when adding to the zonegroup.
653 .. option:: --placement-id
655 Placement id for the zonegroup placement commands.
657 .. option:: --tags=<list>
659 The list of tags for zonegroup placement add and modify commands.
661 .. option:: --tags-add=<list>
663 The list of tags to add for zonegroup placement modify command.
665 .. option:: --tags-rm=<list>
667 The list of tags to remove for zonegroup placement modify command.
669 .. option:: --endpoints=<list>
673 .. option:: --index-pool=<pool>
675 The placement target index pool.
677 .. option:: --data-pool=<pool>
679 The placement target data pool.
681 .. option:: --data-extra-pool=<pool>
683 The placement target data extra (non-ec) pool.
685 .. option:: --placement-index-type=<type>
687 The placement target index type (normal, indexless, or #id).
689 .. option:: --tier-type=<type>
693 .. option:: --tier-config=<k>=<v>[,...]
695 Set zone tier config keys, values.
697 .. option:: --tier-config-rm=<k>[,...]
699 Unset zone tier config keys.
701 .. option:: --sync-from-all[=false]
703 Set/reset whether zone syncs from all zonegroup peers.
705 .. option:: --sync-from=[zone-name][,...]
707 Set the list of zones to sync from.
709 .. option:: --sync-from-rm=[zone-name][,...]
711 Remove the zones from list of zones to sync from.
715 Besides checking bucket index, will also fix it.
717 .. option:: --check-objects
719 bucket check: Rebuilds bucket index according to actual objects state.
721 .. option:: --format=<format>
723 Specify output format for certain operations. Supported formats: xml, json.
725 .. option:: --sync-stats
727 Option for 'user stats' command. When specified, it will update user stats with
728 the current stats reported by user's buckets indexes.
730 .. option:: --show-log-entries=<flag>
732 Enable/disable dump of log entries on log show.
734 .. option:: --show-log-sum=<flag>
736 Enable/disable dump of log summation on log show.
738 .. option:: --skip-zero-entries
740 Log show only dumps entries that don't have zero value in one of the numeric
745 Specify a file to read in when setting data.
747 .. option:: --categories=<list>
749 Comma separated list of categories, used in usage show.
751 .. option:: --caps=<caps>
753 List of caps (e.g., "usage=read, write; user=read".
755 .. option:: --compression=<compression-algorithm>
757 Placement target compression algorithm (lz4|snappy|zlib|zstd)
759 .. option:: --yes-i-really-mean-it
761 Required for certain operations.
763 .. option:: --min-rewrite-size
765 Specify the min object size for bucket rewrite (default 4M).
767 .. option:: --max-rewrite-size
769 Specify the max object size for bucket rewrite (default ULLONG_MAX).
771 .. option:: --min-rewrite-stripe-size
773 Specify the min stripe size for object rewrite (default 0). If the value
774 is set to 0, then the specified object will always be
775 rewritten for restriping.
777 .. option:: --warnings-only
779 When specified with bucket limit check,
780 list only buckets nearing or over the current max objects per shard value.
782 .. option:: --bypass-gc
784 When specified with bucket deletion,
785 triggers object deletions by not involving GC.
787 .. option:: --inconsistent-index
789 When specified with bucket deletion and bypass-gc set to true,
790 ignores bucket index consistency.
795 .. option:: --max-objects
797 Specify max objects (negative value to disable).
799 .. option:: --max-size
801 Specify max size (in B/K/M/G/T, negative value to disable).
803 .. option:: --quota-scope
805 The scope of quota (bucket, user).
808 Orphans Search Options
809 ======================
811 .. option:: --num-shards
813 Number of shards to use for keeping the temporary scan info
815 .. option:: --orphan-stale-secs
817 Number of seconds to wait before declaring an object to be an orphan.
818 Default is 86400 (24 hours).
822 Set the job id (for orphans find)
824 .. option:: --max-concurrent-ios
826 Maximum concurrent ios for orphans find.
830 Orphans list-jobs options
831 =========================
833 .. option:: --extra-info
835 Provide extra info in the job list.
841 .. option:: --role-name
843 The name of the role to create.
847 The path to the role.
849 .. option:: --assume-role-policy-doc
851 The trust relationship policy document that grants an entity permission to
854 .. option:: --policy-name
856 The name of the policy document.
858 .. option:: --policy-doc
860 The permission policy document.
862 .. option:: --path-prefix
864 The path prefix for filtering the roles.
869 Generate a new user::
871 $ radosgw-admin user create --display-name="johnny rotten" --uid=johnny
872 { "user_id": "johnny",
874 "display_name": "johnny rotten",
880 "access_key": "TCICW53D9BQ2VGC46I44",
881 "secret_key": "tfm9aHMI8X76L3UdgE+ZQaJag1vJQmE6HDb5Lbrz"}],
886 $ radosgw-admin user rm --uid=johnny
888 Remove a user and all associated buckets with their contents::
890 $ radosgw-admin user rm --uid=johnny --purge-data
894 $ radosgw-admin bucket rm --bucket=foo
896 Link bucket to specified user::
898 $ radosgw-admin bucket link --bucket=foo --bucket_id=<bucket id> --uid=johnny
900 Unlink bucket from specified user::
902 $ radosgw-admin bucket unlink --bucket=foo --uid=johnny
904 Show the logs of a bucket from April 1st, 2012::
906 $ radosgw-admin log show --bucket=foo --date=2012-04-01-01 --bucket-id=default.14193.1
908 Show usage information for user from March 1st to (but not including) April 1st, 2012::
910 $ radosgw-admin usage show --uid=johnny \
911 --start-date=2012-03-01 --end-date=2012-04-01
913 Show only summary of usage information for all users::
915 $ radosgw-admin usage show --show-log-entries=false
917 Trim usage information for user until March 1st, 2012::
919 $ radosgw-admin usage trim --uid=johnny --end-date=2012-04-01
925 :program:`radosgw-admin` is part of Ceph, a massively scalable, open-source,
926 distributed storage system. Please refer to the Ceph documentation at
927 http://ceph.com/docs for more information.
933 :doc:`ceph <ceph>`\(8)
934 :doc:`radosgw <radosgw>`\(8)