Hi, John
Thanks. Is this a new future of jewel? Now, we are using hammer.
发送自我的三星 Galaxy 智能手机。
-------- 原始信息 --------
由: John Spray <jspray@xxxxxxxxxx>
日期: 2016/10/11 19:17 (GMT+08:00)
收件人: 卢 迪 <ludi_1981@xxxxxxxxxxx>
抄送: ceph-users@xxxxxxxxxxxxxx
主题: Re: can I create multiple pools for cephfs
On Tue, Oct 11, 2016 at 12:05 PM, 卢 迪 <ludi_1981@xxxxxxxxxxx> wrote:
> Hi All,
>
>
> When I create meta and data pools for CEPHFS, all clients use the same pools
> for cephfs. Can I create multiple pools for different user?
>
>
> For example, I have pool_A for client A to mount cephfs; I want to create a
> pool_B for client B to mount cephfs. The purpose is to make sure client A
> can't see client B's files when they access the same cluster.
>
> Is this possible? Thanks.
Yes, you can accomplish this.
[the links below are offline right now but they should be accessible
as soon as ceph.com is back online]
You can add multiple data pools to a filesystem (see add_data_pool
command) and then assign different pools to different directories
using layouts (http://docs.ceph.com/docs/jewel/cephfs/file-layouts)
Then you can create client capabilities that restrict the clients by
path to a particular directory, and also restrict them to the pool
that is used for the data in that directory
(http://docs.ceph.com/docs/jewel/cephfs/client-auth/)
You can also do this with rados namespaces instead of pools, if you
just want the security isolation without the overhead of having
entirely separate pools.
John
>
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@xxxxxxxxxxxxxx
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
> Hi All,
>
>
> When I create meta and data pools for CEPHFS, all clients use the same pools
> for cephfs. Can I create multiple pools for different user?
>
>
> For example, I have pool_A for client A to mount cephfs; I want to create a
> pool_B for client B to mount cephfs. The purpose is to make sure client A
> can't see client B's files when they access the same cluster.
>
> Is this possible? Thanks.
Yes, you can accomplish this.
[the links below are offline right now but they should be accessible
as soon as ceph.com is back online]
You can add multiple data pools to a filesystem (see add_data_pool
command) and then assign different pools to different directories
using layouts (http://docs.ceph.com/docs/jewel/cephfs/file-layouts)
Then you can create client capabilities that restrict the clients by
path to a particular directory, and also restrict them to the pool
that is used for the data in that directory
(http://docs.ceph.com/docs/jewel/cephfs/client-auth/)
You can also do this with rados namespaces instead of pools, if you
just want the security isolation without the overhead of having
entirely separate pools.
John
>
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@xxxxxxxxxxxxxx
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
