I think this just lacks traction but I don't see any reason why we wouldn't do it. Although rgw has many backends it interacts with to the point it's kinda clustering the CephObjectStore CRD a bit. So let's have a good API design if we decide to go ahead with this.

@leseb Thank you for the reply. I didn't look deeply into the Object Store CRD yet, beyond taking an example and shooting it at my cluster. What would be your preferred mode to discuss future API design?

@horazont we can start with a design doc PR, you can find the template here https://github.com/rook/rook/blob/master/design/design_template.md. Thanks

We've added a PR with a first draft of the design document: #9444.

I started working on the code and I discovered the issue, that go-ceph does not support all required RGW Admin Ops calls that are needed to implement the changes from the design document.

I've started a discussion there and hope to implement the required features.

Thanks for keeping us up-to-date @sebastianriese.

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in a week if no further activity occurs. Thank you for your contributions.

In the meantime, ceph/go-ceph#644 has been proposed and merged, which means that our main focus of work is currently implementing the rook extension itself. I don't think there's a PR yet. @sebastianriese?

(in other words: this issue shouldn't be closed just yet, I think)

👋 @sebastianriese -- have you had a chance to follow up on the rest of this?

We're still working on getting the tests right--as this will depend on Keystone for integration tests, much of the recent work has been on integrating that somehow sensible.

We've still got this on our list and intend to finish it before the end of the year.

We're still working on getting the tests right--as this will depend on Keystone for integration tests, much of the recent work has been on integrating that somehow sensible.

We've still got this on our list and intend to finish it before the end of the year.

awesome. we've got a workaround that works for now at our side in the meantime.

Do you have any updates about the keystone integration and native Swift API support? Is there any particular code that needs to be adjusted?

Opened #13807 to implement authentication using keystone with s3 and swift.