On Fri, 2018-10-05 at 22:31 +0200, Stefan Kooman wrote: > Dear devs (ceph-devel / nfs-ganesha-devel), > > Matt Benjamin asked me in this github issue [1] to send an email to the > dev mailing lists to discuss a feature [1]. As this feature needs > support from both "(lib)cephfs", librados as well as nfs-ganesha I'm > sending it to both lists. > > TL;DR: > > Add support for nfs-ganesha to make use of 1) librados namespace, 2) > (lib)cephfs namespace in order to avoid seperate pools for each > nfs-ganesha instance. > > Motivation: > > As far as I'm aware of libcephfs / librados support "namespaces". Note: > namespaces in this context are not "multiple filesystems" but rather an > "object prefix" to separate different objects in cephfs / RADOS. One of > the benefits of "namespaces" is that you can have multiple instances of > ganesha using the same pool / filesystem without objects clashing. > > Currently you would need a separate pool for "RADOS_KV" and "RADOS_URLS" > per nfs-ganesha instance. With namespace support in libcephfs you > would be able to logically seperate the objects per namespace: one for > each nfs-ganesha instance ... and restrict access to only this namespace > instead of the whole pool: > > caps: [mds] allow rw path=/path/on/cephfs > caps: [mon] allow r > caps: [osd] allow rw pool=cephfs_data namespace=your-name-space-here > > As a (Ceph) storage admin you would be able to provide tenants the > (cephx) capabilities to use nfs-ganesha, without the need to give them > rw access to your cephfs_data pool(s). > > As it turns out the "librados" support is already present in nfs-ganesha > 2.7 [2]. However, only when you are using the CEPH FSAL in > "active/active" mode. It would be nice to "backport" / reuse this code > to be able to use it with the "rados_ng" RADOS_KV recovery backend and / > or RADOS_URLS. This would be useful for those that (still) want to use a > "active/passive" setup (CTDB, pacemaker / corosync). > > The "libcephfs" namespace support is not yet implemented in nfs-ganesha > AFAIK. This would provide the benefits as discussed in motivation. > > With adding support for "namespaces" it opens the way for nfs-ganesha > multi-tenancy. > > Does this makes sense? Do you agree on the use case? Would this indeed > need support from both ceph as well as nfs-ganesha developers? > > Thanks, > > Stefan Kooman > > [1]: https://github.com/nfs-ganesha/nfs-ganesha/issues/353 > [2]: > https://github.com/nfs-ganesha/nfs-ganesha/blob/next/src/doc/man/ganesha-rados-grace.rst > This is already implemented via a "namespace" parameter to RADOS_KV in nfs-ganesha 2.7. It's not implemented in RADOS_URLS yet, but it wouldn't be too hard to do. -- Jeff Layton <jlayton@xxxxxxxxxx>
