Re: ACL nightmare on RadosGW for 200 TB dataset

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Can't you set the ACL on the object when you put it?

I could create two tenants. One tenant DATASETADMIN for read/write
access, and a tenant DATASETUSERS for readonly access.

When I load the dataset into the object store, I need a "s3cmd put"
operation and a "s3cmd setacl" operation for each object. It is slow
but we do this only once. Giving read access will mean adding the user
to the DATASETUSERS tenant, without touching again the ACLs.

Still this is a workaround. We create ad-hoc tenants with read-only
permissions, and let the users in or out of these tenants.

If we want to use the original user's tenant in the ACL, it does not
scale for large number of objects AFAIK. :(

Saverio
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux