[Deepsea-users] NFS Ganesha custom roles
Nathan Cutler
ncutler at suse.cz
Wed Jun 14 11:18:23 MDT 2017
I like this idea, I think. If I understand correctly, with the default
"ganesha" role I can do cephfs FSAL by itself, or cephfs + rgw FSAL, but
I cannot do rgw FSAL by itself. So I will need the custom role
ganesha_rgw for that.
On 06/14/2017 05:44 PM, Supriti Singh wrote:
> Hello,
>
> I am writing the mail to explain the logic behind introducing custom
> roles for NFS-Ganesha in Deepsea.
>
> Normal use case:
> -------------------------
> Deepsea provides a default "Ganesha" role. This role uses the
> configuration from the /srv/salt/ceph/ganesha/files/ganesha.conf.j2. If
> you look at this file it defines both FSALs, cephfs and rgw. For cephfs,
> things are pretty simple. But for rgw, we also need to populate the FSAL
> block with user_id, access_key and secret_access_key. To do so we need a
> list of users. That should be provided in the file /srv/pillar/ceph/rgw.sls.
>
> Example rgw.sls:
> rgw_configurations:
> rgw:
> users:
> - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
> - { uid: "demo1", name: "Demo1", email: "demo1 at demo.nil" }
>
> Ganesha will read this file and populate the RGW FSAL with users "demo"
> and "demo1".
>
> Custom roles:
> --------------------
> In the default setup, we are running both the FSALs on the same ganesha
> server node. But there may be a case where user wants to run NFS-Ganesha
> + Ceph FSAL on one set of nodes and NFS-Ganesha + RGW FSAL on other set
> of nodes. With just the role "ganesha", its not possible. There is
> another case possible, where admin may want to run NFS-Ganesha + RGW
> with user1, and for other user2 on other node. To handle such cases we
> added support for custom roles.
>
> 1. NFS-Ganesha server with CephFS and RGW on different nodes
>
> * Assign custom roles, ganesha_cephfs and ganesha_rgw to nodes (in
> policy.cfg)
> * Add new conf file, ganesha_cephfs.conf.j2 and ganesha_rgw.conf.j2,
> with their respective FSALs.
> * Add keyring file, ganesha_cephfs.j2 and ganesha_rgw.j2
> * Update rgw.sls to reflect new ganesha_configurations and
> rgw_configurations.
> * Run the stages upto 4
>
> In this case rgw.sls:
>
> rgw_configurations:
> ganesha_rgw:
> users:
> - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
> - { uid: "demo1", name: "Demo1", email: "demo1 at demo.nil" }
>
>
> ganesha_configurations:
>
> - ganesha_rgw:
>
>
> 2. NFS-Ganesha + Custom RGW:
>
> The other use case could be where admin wants to run NFS-Ganesha RGW
> FSAL but with different users on different nodes. Let say these
> different set of nodes are named as "silver" and "gold".
>
> So, we want only silver users to run on silver node. Similarly, only
> gold users to run on gold nodes. To do so, we define the following rgw.sls
>
>
> rgw.sls
>
> -----------
>
> rgw_configurations:
> silver:
> users:
> - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
>
> gold:
> users:
> - { uid: "demo", name: "Demo", email: "demo at demo.nil" }
>
>
>
> ganesha_configurations:
>
> - silver
> - gold
>
> * Assign custom roles,silver and gold to nodes (in policy.cfg)
> * Add new conf file, silver.conf.j2 and gold.conf.j2, with their
> respective FSALs.
> * Add keyring file, silver.j2 and gold.j2
> * Update rgw.sls to reflect new ganesha_configurations and
> rgw_configurations. Similar to above example.
> * Run the stages upto 4
>
> SIlver and gold are just names.
>
>
> Thanks,
>
> Supriti
>
>
> ------
> Supriti Singh
> SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
> HRB 21284 (AG Nürnberg)
>
>
>
> _______________________________________________
> Deepsea-users mailing list
> Deepsea-users at lists.suse.com
> http://lists.suse.com/mailman/listinfo/deepsea-users
>
--
Nathan Cutler
Software Engineer Distributed Storage
SUSE LINUX, s.r.o.
Tel.: +420 284 084 037
More information about the Deepsea-users
mailing list