@Redouane Kachach I've been largely using the rgw module and it was originally working for a non ssl setup but now that is what is actually failing. A very simple multisite following the instructions fails to correctly initialize because the secondary cluster isn't correctly creating it's synchronization user on the secondary cluster. @wissem mimouna The secondary sync user has needed to be manually created as its not syncing from the primary zone when the secondary realm/zone is created with the rgw module. Once I create it then I can get data syncing to run but the metadata syncing is failing with the mdlog error. Which is what I'm assuming is stopping the secondary sync user from being created in the first place. Much appreciated, Kevin On Mon, Sep 15, 2025 at 9:11 AM wissem mimouna <ceph-users@xxxxx> wrote: > Hi, > > > For the secondary site sync user you can edit the zone configuration on > both sites and add the credentials for the synchronisation system user , > as follow: > > > radosgw-admin zone modify --rgw-zone=<zone-name> > --access-key=<access-key> --secret=<secret-key> > > radosgw-admin period update --commit > > Regards > > On 12.09.2025 01:03, Kevin Hrpcek wrote: > > Hey all, > > > > I've been having some problems with a relatively basic rgw multisite set > > up. I initially had it working a few weeks ago with a simple config but > > rebuilt it with ssl enabled for the endpoints and then started having > some > > problems to work through. I eventually had that working but then tore it > > all down so I could verify the recreation steps but now I'm having > problems > > with the multisite. There are a few different errors.... > > > > I set up the master zone without problems, but if I use the rgw module > with > > a token and spec it fails to sync the sync user and the primary zone > can't > > sync back from the secondary zone. A permission denied error for data > > syncing primary->secondary but secondary-> primary works because it has > the > > credentials. > > > > So i used to be able to manually create the user on the secondary zone > and > > get data syncing but the metadata wouldn't sync with the master showing > an > > error message but when I check the mdlog on the primary it looks okay. > > > > 2025-09-11T15:15:18.771+0000 7fc29e96c640 1 req 14061042141473454829 > > 0.001000005s failed to read mdlog history: (2) No such file or directory > > > > I ended up trying a full clean reset of rgw on both clusters so I deleted > > the daemons and all related pools. The primary starts up but I still have > > the problem of the sync user not being created on the secondary and now > > when I try to create a user on the secondary for syncing or just for the > > dashboard to work I get errors that I've tracked down to > > > https://github.com/ceph/ceph/blob/62bcf65e8c0995783bb3e368909716346874ad62/src/rgw/radosgw-admin/radosgw-admin.cc#L4631 > > but am not quite following whats all going on in the source to determine > > why. > > > > # radosgw-admin user create --uid=dashboard --display-name=dashboard > > --system > > couldn't init storage provider > > # radosgw-admin user create --uid=sysuser-asdf > --display-name=sysuser-asdf > > --access-key=xxxxxxxxxxxxx --secret-key=yyyyyyyyyyyyyyy --system > > --rgw-realm=asdf > > Unable to initialize site config. > > > > Any thoughts? It seems like I may have messed something up in the ceph > > config database from multiple tear downs and restarts of the multisite > > setup but I'm not seeing what it could be. > > > > ceph 19.2.1 using cephadm on alma 9 > > > > Thanks! > > Kevin > > _______________________________________________ > > ceph-users mailing list -- ceph-users@xxxxxxx > > To unsubscribe send an email to ceph-users-leave@xxxxxxx > _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |