Feature #65551
open[rgw][accounts] bucket quota management at account-level
0%
Description
Account feature has been introduced by https://github.com/ceph/ceph/pull/54333 and we are planning to migrate our radosgw users to accounts. As described at https://docs.ceph.com/en/latest/radosgw/account/#resource-ownership,
Because the resources are owned by the account rather than its users, all usage statistics and quota enforcement apply to the account as a whole rather than its individual users.
Resource management would now be done at account-level.
Currently, we set quotas at both "user" and "bucket" scopes for all our users: e.g.,
"bucket_quota": {
"enabled": true,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": 2000000
},
"user_quota": {
"enabled": true,
"check_on_raw": false,
"max_size": 10001000000512,
"max_size_kb": 9766601563,
"max_objects": -1
},
and update bucket quotas on-demand if need be for a particular user.
However, "quota set" radosgw-admin cmd doesn't support setting bucket-scoped quotas for accounts but only for users. We can perhaps use "rgw bucket default quota max objects" ceph/rgw config item to set the default bucket quota for newly created users but IAM users (users created under an account using aws API) do not honor this config item.
>>> iam_client3.create_user(UserName="myiamuser")
{'User': {'Path': '/', 'UserName': 'myiamuser', 'UserId': '267ec9ca-f2ac-4864-af5e-33bb7ae00963', 'Arn': 'arn:aws:iam::RGW12879111715873415:user/myiamuser', 'CreateDate': datetime.datetime(2024, 4, 17, 14, 31, 19, 180196, tzinfo=tzutc())}, 'ResponseMetadata': {'RequestId': 'tx00000cae4d083bcdaf11d-00661fdd37-54126-default', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amz-request-id': 'tx00000cae4d083bcdaf11d-00661fdd37-54126-default', 'content-type': 'application/xml', 'server': 'Ceph Object Gateway (squid)', 'content-length': '495', 'date': 'Wed, 17 Apr 2024 14:31:19 GMT', 'connection': 'Keep-Alive'}, 'RetryAttempts': 0}}
--> 'UserId': '267ec9ca-f2ac-4864-af5e-33bb7ae00963'
$ ./bin/radosgw-admin -c ./ceph.conf user info --uid=267ec9ca-f2ac-4864-af5e-33bb7ae00963 | jq '.bucket_quota'
{
"enabled": false,
"check_on_raw": false,
"max_size": -1,
"max_size_kb": 0,
"max_objects": -1
}
Opening this feature request to see whether we can let bucket quota management be done at account-level similar to how it is currently done for non-accounted rgw users and have all users under an account honor these limits.
Updated by Casey Bodley 12 days ago
- Project changed from Ceph to rgw
- Assignee set to Casey Bodley
Updated by Casey Bodley 12 days ago
- Status changed from New to Fix Under Review
- Backport set to squid
- Pull request ID set to 56986
Updated by Casey Bodley 7 days ago
- Status changed from Fix Under Review to Pending Backport
Updated by Casey Bodley 7 days ago
- Copied to Backport #65640: squid: [rgw][accounts] bucket quota management at account-level added
Updated by Backport Bot 7 days ago
- Tags changed from rgw to rgw backport_processed