<html><head><meta http-equiv=Content-Type content="text/html; charset=UTF-8"><META name="Author" content="GroupWise WebAccess"><style type="text/css">
body p
{
margin: 0px;
}
</style></head><body style='font-family: Helvetica, Arial, sans-serif; font-size: 13px; '>Hello,<br><br>I am writing the mail to explain the logic behind introducing custom roles for NFS-Ganesha in Deepsea.<br><br>Normal use case:<br>-------------------------<br>Deepsea provides a default "Ganesha" role. This role uses the configuration from the /srv/salt/ceph/ganesha/files/ganesha.conf.j2. If you look at this file it defines both FSALs, cephfs and rgw. For cephfs, things are pretty simple. But for rgw, we also need to populate the FSAL block with user_id, access_key and secret_access_key. To do so we need a list of users. That should be provided in the file /srv/pillar/ceph/rgw.sls.<br><br>Example rgw.sls:<br>rgw_configurations:<br> rgw:<br> users:<br> - { uid: "demo", name: "Demo", email: "demo@demo.nil" }<br> - { uid: "demo1", name: "Demo1", email: "demo1@demo.nil" }<br><br>Ganesha will read this file and populate the RGW FSAL with users "demo" and "demo1". <br><br>Custom roles:<br>--------------------<br>In the default setup, we are running both the FSALs on the same ganesha server node. But there may be a case where user wants to run NFS-Ganesha + Ceph FSAL on one set of nodes and NFS-Ganesha + RGW FSAL on other set of nodes. With just the role "ganesha", its not possible. There is another case possible, where admin may want to run NFS-Ganesha + RGW with user1, and for other user2 on other node. To handle such cases we added support for custom roles.<br><br>1. NFS-Ganesha server with CephFS and RGW on different nodes <ul><li>Assign custom roles, ganesha_cephfs and ganesha_rgw to nodes (in policy.cfg) <br></li><li>Add new conf file, ganesha_cephfs.conf.j2 and ganesha_rgw.conf.j2, with their respective FSALs.</li><li>Add keyring file, ganesha_cephfs.j2 and ganesha_rgw.j2</li><li>Update rgw.sls to reflect new ganesha_configurations and rgw_configurations. <br></li><li>Run the stages upto 4</li></ul><p>In this case rgw.sls:</p><p>rgw_configurations:<br> ganesha_rgw:<br> users:<br> - { uid: "demo", name: "Demo", email: "demo@demo.nil" }<br> - { uid: "demo1", name: "Demo1", email: "demo1@demo.nil" } <br></p><p><br></p><p>ganesha_configurations:</p><p> - ganesha_rgw: <br></p><p><br></p><p>2. NFS-Ganesha + Custom RGW:</p><p> The other use case could be where admin wants to run NFS-Ganesha RGW FSAL but with different users on different nodes. Let say these different set of nodes are named as "silver" and "gold".</p><p> So, we want only silver users to run on silver node. Similarly, only gold users to run on gold nodes. To do so, we define the following rgw.sls</p><p><br></p><p>rgw.sls</p><p>-----------<br></p><p>rgw_configurations:<br> silver:<br> users:<br> - { uid: "demo", name: "Demo", email: "demo@demo.nil" }</p><p> gold:<br> users:<br> - { uid: "demo", name: "Demo", email: "demo@demo.nil" }</p><p><br></p><p> <br></p><p>ganesha_configurations:</p> - silver<br> - gold<br><ul><li>Assign custom roles,silver and gold to nodes (in policy.cfg) <br></li><li>Add new conf file, silver.conf.j2 and gold.conf.j2, with their respective FSALs.</li><li>Add keyring file, silver.j2 and gold.j2</li><li>Update rgw.sls to reflect new ganesha_configurations and rgw_configurations. Similar to above example. <br></li><li>Run the stages upto 4</li></ul><p>SIlver and gold are just names. <br></p><p><br></p><p>Thanks,</p><p>Supriti <br></p> <br/><div style='clear: both;'><div><font size="2">------</font></div><div><font size="2">Supriti Singh </font><div><font size="2">SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,</font></div><div><font size="2">HRB 21284 (AG Nürnberg)</font></div><div><div style="color: black;"> </div></div></div><br/></body></html>