Feature #36338
Namespace support for libcephfs
0%
Description
Namespace support for libcephfs would allow applications like nfs-ganesha to make use of namespaces in cephfs. With namespace support in libcephfs you
would be able to logically seperate the objects per namespace: one for
each nfs-ganesha instance ... and restrict access to only this namespace
instead of the whole pool:
caps: [mds] allow rw path=/path/on/cephfs
caps: [mon] allow r
caps: [osd] allow rw pool=cephfs_data namespace=your-name-space-here
As a (Ceph) storage admin you would be able to provide tenants the
(cephx) capabilities to use nfs-ganesha, without the need to give them
unrestricted rw access to your cephfs_data pool(s).
History
#1 Updated by Jeff Layton over 5 years ago
There is a ceph_select_filesystem call in libcephfs which might do what we'd need for this, but it's not clear to me how that interacts with RADOS namespaces.
#2 Updated by Patrick Donnelly over 5 years ago
- Status changed from New to Rejected
You need to do a few things:
- Set the auth caps to only mount a certain path: http://docs.ceph.com/docs/master/cephfs/client-auth/#path-restriction
- Set the pool namespace on the new directory: http://docs.ceph.com/docs/mimic/cephfs/file-layouts/#layout-fields
#3 Updated by Zheng Yan over 5 years ago
- Status changed from Rejected to New
you just need to set directory layout on /path/on/cephfs
setfattr -n ceph.file.layout.pool_namespace -v your-name-space-here /path/on/cephfs
#4 Updated by Stefan Kooman over 5 years ago
@Patrick/@Zheng: I don't get your points. I mean, I do know how to configure namespaces in cephfs. And I do use it with ceph-fuse. But, an application build on libcephfs that wants to use that data, needs to have support for the namespace the data was written in, right? Nfs-Ganesha is such a client, but it does not have support for it, yet, because libcephfs would not have support for it.
I might have not been clear, so let me rephrase: Has "libcephfs" support for RADOS namespaces?
Jeff wondered about the following:
"There is a ceph_select_filesystem call in libcephfs which might do what we'd need for this, but it's not clear to me how that interacts with RADOS namespaces."
Is the "ceph_select_filesystem" call in libcephfs there to choose which of the available ceph fs filesystems you want to use (multi fs in cephfs: http://docs.ceph.com/docs/master/cephfs/experimental-features/#multiple-filesystems-within-a-ceph-cluster)?
Thanks!
#5 Updated by Patrick Donnelly over 5 years ago
Stefan Kooman wrote:
@Patrick/@Zheng: I don't get your points. I mean, I do know how to configure namespaces in cephfs. And I do use it with ceph-fuse. But, an application build on libcephfs that wants to use that data, needs to have support for the namespace the data was written in, right? Nfs-Ganesha is such a client, but it does not have support for it, yet, because libcephfs would not have support for it.
I might have not been clear, so let me rephrase: Has "libcephfs" support for RADOS namespaces?
Yes.
Jeff wondered about the following:
"There is a ceph_select_filesystem call in libcephfs which might do what we'd need for this, but it's not clear to me how that interacts with RADOS namespaces."
ceph_select_filesystem just allows a libcephfs application (e.g. Ganesha) to operate on a particular Ceph file system. RADOS namespaces have nothing to do with this.
Is the "ceph_select_filesystem" call in libcephfs there to choose which of the available ceph fs filesystems you want to use (multi fs in cephfs: http://docs.ceph.com/docs/master/cephfs/experimental-features/#multiple-filesystems-within-a-ceph-cluster)?
Yes.
#6 Updated by Stefan Kooman over 5 years ago
Thanks. As it's already implemented this ticket can be closed.
#7 Updated by Jeff Layton over 5 years ago
- Status changed from New to Resolved
- Assignee set to Jeff Layton
#8 Updated by Patrick Donnelly about 5 years ago
- Category deleted (
109) - Component(FS) Client, Ganesha FSAL added
- Component(FS) deleted (
libcephfs)