This is a draft Object Storage page for the proposed OpenStack-Ansible operations guide.
In multi-region Object Storage utilizing separate database backends, objects
are retrievable from an alternate location if the default_project_id
for a user in the keystone database is the same across each database
backend.
Important
It is recommended to perform the following steps before a failure occurs to avoid having to dump and restore the database.
If a failure does occur, follow these steps to restore the database from the Primary (failed) Region:
Record the Primary Region output of the default_project_id
for
the specified user from the user table in the keystone database:
Note
The user is admin
in this example.
# mysql -e "SELECT default_project_id from keystone.user WHERE \
name='admin';"
+----------------------------------+
| default_project_id |
+----------------------------------+
| 76ef6df109744a03b64ffaad2a7cf504 |
+-----------------—————————————————+
Record the Secondary Region output of the default_project_id
for the specified user from the user table in the keystone
database:
# mysql -e "SELECT default_project_id from keystone.user WHERE \
name='admin';"
+----------------------------------+
| default_project_id |
+----------------------------------+
| 69c46f8ad1cf4a058aa76640985c |
+----------------------------------+
In the Secondary Region, update the references to the
project_id
to match the ID from the Primary Region:
# export PRIMARY_REGION_TENANT_ID="76ef6df109744a03b64ffaad2a7cf504"
# export SECONDARY_REGION_TENANT_ID="69c46f8ad1cf4a058aa76640985c"
# mysql -e "UPDATE keystone.assignment set \
target_id='${PRIMARY_REGION_TENANT_ID}' \
WHERE target_id='${SECONDARY_REGION_TENANT_ID}';"
# mysql -e "UPDATE keystone.user set \
default_project_id='${PRIMARY_REGION_TENANT_ID}' WHERE \
default_project_id='${SECONDARY_REGION_TENANT_ID}';"
# mysql -e "UPDATE keystone.project set \
id='${PRIMARY_REGION_TENANT_ID}' WHERE \
id='${SECONDARY_REGION_TENANT_ID}';"
The user in the Secondary Region now has access to objects PUT in the Primary Region. The Secondary Region can PUT objects accessible by the user in the Primary Region.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.