On Tue, Oct 11, 2016 at 12:05 PM, 卢 迪 <ludi_1981@xxxxxxxxxxx> wrote: > Hi All, > > > When I create meta and data pools for CEPHFS, all clients use the same pools > for cephfs. Can I create multiple pools for different user? > > > For example, I have pool_A for client A to mount cephfs; I want to create a > pool_B for client B to mount cephfs. The purpose is to make sure client A > can't see client B's files when they access the same cluster. > > Is this possible? Thanks. Yes, you can accomplish this. [the links below are offline right now but they should be accessible as soon as ceph.com is back online] You can add multiple data pools to a filesystem (see add_data_pool command) and then assign different pools to different directories using layouts (http://docs.ceph.com/docs/jewel/cephfs/file-layouts) Then you can create client capabilities that restrict the clients by path to a particular directory, and also restrict them to the pool that is used for the data in that directory (http://docs.ceph.com/docs/jewel/cephfs/client-auth/) You can also do this with rados namespaces instead of pools, if you just want the security isolation without the overhead of having entirely separate pools. John > > > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |