答复: Ceph user manangerment question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Daleep,

 

Thank you for reply. 

I have read the document for a moment. Let me try to clarify this. 

 

In my case, I only assgin “mon ‘allow r” permission to account appuser. But, I still can mount cephfs and see the directory created before(the folder name is “test”).


And, I can create a folder under this folder too. (the folder is “test2”)

However, when I created and edited an text file(“test.txt”) with a read only error.When I quit with "q!", I still see the file with 0 bytes.

 

I'm wondering I must misunderstand something. I thought I shouldn't see this folder "test" because the user didn't have the read/write permission against any pool in this cluster. I shouldn't create the "test.txt" in this folder too because of premission.(But, I CREATED it with nothing)

 

Let's say assigning an OS user permission(for example, Linux). I have to give read permission if a user want to read a file; If it has to execute a script, I have to grant the exeucte permission. I want to understand when and why I should assign which permssion to an user by meeting a special task. Can I find this kind of document?

 

Thanks,

Dillon

发件人: Daleep Singh Bais <daleepbais@xxxxxxxxx>
发送时间: 2016年9月27日 6:55:10
收件人: 卢 迪; ceph-users@xxxxxxxxxxxxxx
主题: Re: Ceph user manangerment question
 
Hi Dillon,

Ceph uses CephX authentication, which gives permission to users on selected Pools  to read / write.  We give mon 'allow r'
 to get cluster/Crush map for client.

You can refer to below URL for more information on CephX and creating user keyrings for access to selected / specific pools.

http://docs.ceph.com/docs/jewel/rados/configuration/auth-config-ref/
docs.ceph.com
Deployment Scenarios¶ There are two main scenarios for deploying a Ceph cluster, which impact how you initially configure Cephx. Most first time Ceph users use ceph ...



The below URL will give you information on various permissions which can be applied while creating a CephX authentication key.

http://docs.ceph.com/docs/firefly/rados/operations/auth-intro/
docs.ceph.com
Ceph Authentication & Authorization¶ Ceph is a distributed storage system where a typical deployment involves a relatively small quorum of monitors, scores of ...



Hope this will give some insight and way forward to proceed.

Thanks,

Daleep Singh Bais

On 09/27/2016 12:02 PM, 卢 迪 wrote:

Hello all,


I'm a newbie of Ceph. I read the document and created a ceph cluster against VM. I have a question about how to apply user managerment to the cluster. I'm not asking how to create or modify users or user privileges. I have found this in the Ceph document.


I want to know:


1. Is there a way to know the usage of all privileges? For example, I created an user client.appuser with mon "allow r", this user can accsess the Ceph; If I removed the mon "allow r", it will be time out. (in this case, I mount the cluster with cephfs). If someone has these information, could you please share with me?


2. What kind of situation would you create differnet users for cluster? In currently, I user admin user to access the all cluster, such as start cluster, mount file system and etc. It looks like the appuser( I created above) can mount file system too. Is it possible to create an user liking the OS user or database user? So, one user upload some data, the others can't see them or can only read them.


ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com


_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux