[Deepsea-users] NFS Ganesha custom roles

Supriti Singh Supriti.Singh at suse.com
Wed Jun 14 09:44:26 MDT 2017


Hello,

I am writing the mail to explain the logic behind introducing custom roles for NFS-Ganesha in Deepsea.

Normal use case:
-------------------------
Deepsea provides a default "Ganesha" role. This role uses the configuration from the
/srv/salt/ceph/ganesha/files/ganesha.conf.j2. If you look at this file it defines both FSALs, cephfs and rgw. For
cephfs, things are pretty simple. But for rgw, we also need to populate the FSAL block with user_id, access_key and
secret_access_key. To do so we need a list of users. That should be provided in the file /srv/pillar/ceph/rgw.sls.

Example rgw.sls:
rgw_configurations:
   rgw:
     users:
       - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
       - { uid: "demo1", name: "Demo1", email: "demo1 at demo.nil" }

Ganesha will read this file and populate the RGW FSAL with users "demo" and "demo1". 

Custom roles:
--------------------
In the default setup, we are running both the FSALs on the same ganesha server  node. But there may be a case where user
wants to run NFS-Ganesha + Ceph  FSAL on one set of nodes and NFS-Ganesha + RGW FSAL on other set of  nodes. With just
the role "ganesha", its not possible. There is another  case possible, where admin may want to run NFS-Ganesha + RGW
with user1,  and for other user2 on other node. To handle such cases we added  support for custom roles.

1. NFS-Ganesha server with CephFS and RGW on different nodes 
* Assign custom roles, ganesha_cephfs and ganesha_rgw to nodes (in policy.cfg) 

* Add new conf file, ganesha_cephfs.conf.j2 and ganesha_rgw.conf.j2, with their respective FSALs.
* Add keyring file, ganesha_cephfs.j2 and ganesha_rgw.j2
* Update rgw.sls to reflect new ganesha_configurations and rgw_configurations. 

* Run the stages upto 4
In this case rgw.sls:
rgw_configurations:
  ganesha_rgw:
     users:
       - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
       - { uid: "demo1", name: "Demo1", email: "demo1 at demo.nil" } 



ganesha_configurations:
 - ganesha_rgw: 



2. NFS-Ganesha + Custom RGW:
   The other use case could be where admin wants to run NFS-Ganesha RGW FSAL but with different users on different
nodes. Let say these different set of nodes are named as "silver" and "gold".
   So, we want only silver users to run on silver node. Similarly, only gold users to run on gold nodes. To do so, we
define the following rgw.sls


rgw.sls
-----------

rgw_configurations:
   silver:
     users:
       - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
  gold:
     users:
       - { uid: "demo", name: "Demo", email: "demo at demo.nil" }


  

ganesha_configurations:
 - silver
 - gold

* Assign custom roles,silver and gold to nodes (in policy.cfg) 

* Add new conf file, silver.conf.j2 and gold.conf.j2, with their respective FSALs.
* Add keyring file, silver.j2 and gold.j2
* Update rgw.sls to reflect new ganesha_configurations and rgw_configurations. Similar to above example. 

* Run the stages upto 4
SIlver and gold are just names. 



Thanks,
Supriti 

 
------
Supriti Singh��SUSE Linux GmbH, GF: Felix Imend��rffer, Jane Smithard, Graham Norton,
HRB 21284 (AG N��rnberg)
 




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.suse.com/pipermail/deepsea-users/attachments/20170614/582f1f0c/attachment.htm>


More information about the Deepsea-users mailing list