CephFS - Security & » History » Version 1
Jessica Mack, 06/09/2015 07:10 PM
| 1 | 1 | Jessica Mack | h1. CephFS - Security & multiple instances in a single RADOS Cluster |
|---|---|---|---|
| 2 | |||
| 3 | h3. Summary |
||
| 4 | |||
| 5 | Right now, it's only possible to have one filesystem in a CephFS cluster. Some users have expressed interest in multiple filesystems across a cluster. We need to gather requirements in order to choose one of two (or more?) ways we could do this in the future. |
||
| 6 | This ties in with more general security requirements, which we also need to gather requirements on. |
||
| 7 | |||
| 8 | h3. Owners |
||
| 9 | |||
| 10 | * Gregory Farnum (Inktank/Red Hat) |
||
| 11 | * Sage Weil (Inktank/Red Hat) |
||
| 12 | * Name |
||
| 13 | |||
| 14 | h3. Interested Parties |
||
| 15 | |||
| 16 | * Name (Affiliation) |
||
| 17 | * Name (Affiliation) |
||
| 18 | * Name |
||
| 19 | |||
| 20 | h3. Current Status |
||
| 21 | |||
| 22 | There are two general options we see as available in the future: |
||
| 23 | 1) Allow multiple MDSMaps within a cluster, each supporting a different filesystem running on different MDS daemons. |
||
| 24 | 2) Put "syntactic sugar" and some new security models around the existing options to mount subtrees from a client. |
||
| 25 | |||
| 26 | h3. Detailed Description |
||
| 27 | |||
| 28 | There are tradeoffs to both of these approaches in terms of code complexity, security models, and user features. |
||
| 29 | |||
| 30 | h3. Work items |