Re: How to create two isolated rgw services in one ceph cluster?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm testing multi realm features according to official multisite(http://docs.ceph.com/docs/jewel/radosgw/multisite/) doc, but after set up a zone-group and zone, every time I run radosgw-admin command,  it will print an error mesage:

> 2016-12-05 16:19:21.117371 7f85beec59c0  0 error in read_id for id  : (2) No such file or directory

This vaguely error message seems start to appear after I run `radosgw-admin zonegroup delete --rgw-zonegroup=default` command.

What can I do to fix this?

Thank you.

On Sun, Dec 4, 2016 at 8:39 AM, piglei <piglei2007@xxxxxxxxx> wrote:
Thank you Abhishek, I will take a look at Realm soon. BTW, what's your point on the multi-tenancy combined nginx rules solution?

AFAIK, Ceph's multi-tenancy feature seems like a replacement of adding prefix for user/bucket name manually. It only avoids name conflict across different tenants, but lacks the ability of real isolation of user data. What do you think?

On Fri, Dec 2, 2016 at 10:07 PM, Abhishek L <abhishek@xxxxxxxx> wrote:

piglei writes:

> Hi, I am a ceph newbie. I want to create two isolated rgw services in a single ceph cluster, the requirements:
>
> * Two radosgw will have different hosts, such as radosgw-x.site.com and radosgw-y.site.com. File uploaded to rgw-xcannot be accessed via rgw-y.
> * Isolated bucket and user namespaces is not necessary, because I could prepend term to bucket name and user name, like "x-bucket" or "y-bucket"
>
> At first I thought region and zone may be the solution, but after a little more researchs, I found that region and zone are for different geo locations, they share the same metadata (buckets and users) and objects instead of isolated copies.
>
> After that I noticed ceph's multi-tenancy feature since jewel release, which is probably what I'm looking for, here is my solution using multi-tenancy:
>
> * using two tenant called x and y, each rgw service matches one tenant.
> * Limit incoming requests to rgw in it's own tenant, which means you can only retrieve resources belongs to buckets "x:bucket" when callingradosgw-x.site.com. This can be archived by some custom nginx rules.
>
> Is this the right approach or Should I just use two different clusters instead? Looking forward to your awesome advises.
>

Since jewel, you can also consider looking into realms which sort of
provide for isolated namespaces within a zone or zonegroup.

--
Abhishek


_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux