Project

General

Profile

Rgw - multitenancy

Summary

Introducing the rados gateway tenant. It provides a level of hierarchy on top of users and their data. This provides the ability to separate the users into different organizational entities.

Owners

  • Name (Affiliation)
  • Name (Affiliation)
  • Name

Interested Parties

  • Yehuda Sadeh (Inktank)
  • Name (Affiliation)
  • Name

Current Status

A preliminary work that implemented this has been done as part of the Dumpling development. However, this has not been been merged upstream and needs to be brought up-to-date with the current code base.

Detailed Description

We define a new 'tenant' level on top of the current user data structure. A tenant has its own set of users. Any user may be referred as tenant:user (or probably tenant/user, as the colon has been used in the past for subbusers), and this can be used to globally reference any user. Bucket names are now per-tenant.
We define a default tenant, which we access if tenant is not specified.
Open questions:
- how to handle virtual bucket names? Two different tenants can have the same bucket names
- what should we do with subusers?

Work items

Coding tasks

  1. Task 1
  2. Task 2
  3. Task 3

Build / release tasks

  1. Task 1
  2. Task 2
  3. Task 3

Documentation tasks

  1. Task 1
  2. Task 2
  3. Task 3

Deprecation tasksEdit section

  1. Task 1
  2. Task 2
  3. Task 3