| Table of Contents | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
After configuring Content Gateway, determine whether it is working correctly with Swarm and Elasticsearch by performing a functional verification. Create a domain within Gateway, then a bucket under that domain, then an object in that bucket. Perform a search query and read against the object. Create tokens for S3 client token authentication, and assign a Gateway tenant context to a domain. If any of these requests fail see Gateway Troubleshooting.
...
Authentication
The default install has an "anonymous can do anything" policy.json and an empty idsys.json (therefore, no users). Before proceeding with verification, set up authentication.
...
The authentication store of choice as referenced in Content Gateway's root "idsys.json" is configured correctly and ready to handle authentication requests (LDAP, Active Directory, or local Linux PAM — pluggable authentication modules).
The user designated as the top level "root" user for Content Gateway is named "admin" with password of "password".
Gateway's root "policy.json" is properly configured to allow this user full access rights for operations to the entire cluster.
...
Note
These configuration files are found on the Gateway machine(s) under the directory "/etc/caringo/cloudgateway".
See Content Gateway Authentication.
Create Domain, Bucket, and Object
A domain and bucket in the domain are created then an object is instantiated in the bucket.
...
Note
Hostname / IP address information
...
, alternatively, service port need to be changed depending on how the routing to the Gateway machine is configured.
Domain creation of domain 'demodomain.caringodemo.int' in the cluster 'caringodemo.int' (Gateway target GATEWAY:PORT):
Code Block curl -v -u "admin:password" -X POST -d "" "http: //GATEWAY:PORT/?domain=demodomain.caringodemo.int&createdomain" -H "content-type:application/castorcontext"
Bucket creation of 'bucket1' in the new domain 'demodomain.caringodemo.int':
Code Block curl -v -u "admin:password" -X POST -d "" "http://GATEWAY:PORT/bucket1?domain=demodomain.caringodemo.int" -H "content-type:application/castorcontext"
Placing a file/stream/object 'install.log' in the bucket 'bucket1' within the domain 'demodomain.caringodemo.int':
Code Block curl -v -u "admin:password" -X POST --data-binary @install.log "http://GATEWAY:PORT/bucket1/install.log?domain=demodomain.caringodemo.int"
Listing the indexed bucket(s) and contents of bucket 'bucket1' in the domain 'demodomain.caringodemo.int':
Code Block curl -v -u "admin:password" 'http: //GATEWAY:PORT/?format=json&domain=demodomain.caringodemo.int' curl -v -u "admin:password" 'http: //GATEWAY:PORT/bucket1?format=json&domain=demodomain.caringodemo.int'
Retrieving the stream 'install.log' from bucket 'bucket1' in domain 'demodomain.caringodemo.int':
Code Block curl -v -u "admin:password" 'http://GATEWAY:PORT/bucket1/install.log?domain=demodomain.caringodemo.int' > install.log
Create Tokens for S3 Clients
Proceed to token creation now that basic operations using Swarm SCSP are used to verify functionality. This allows for the creation of token/secret pairs for a given domain, which can then be assigned to S3 clients to allow them access via Content Gateway's S3 protocol.
These commands assume a user "myuser" is creating the necessary tokens to set up an S3 client for access.
| Info |
|---|
NoteImportantSCSP commands must be used to create tokens, so " |
...
An S3 client should be configured to use the hexadecimal token along with the assigned secret to authenticate using Gateway's S3 protocol service.
Assign Tenancy to Domains under Gateway
To use Gateway's tenant functionality, add the tenant context to any domain that is created within such a deployment. To assign tenancy at domain creation time, issue a domain creation request using the following parameters:
...