I assume it means that pools with an enabled application "cephfs" can
be targeted by specifying this tag instead of listing each pool
separately. Browsing through the code [1] seems to confirm that
(somehow, I'm not a dev):
if (g.match.pool_tag.application == ng.match.pool_tag.application
But I agree, it's worth adding that to the docs.
[1]
https://github.com/ceph/ceph/blob/09e81319648dd504cfd94edfdd321c7163cefa98/src/osd/OSDCap.cc#L549
Zitat von Petr Bena <petr@bena.rocks>:
Hello
In https://docs.ceph.com/en/latest/cephfs/client-auth/ we can find that
ceph fs authorize cephfs_a client.foo / r /bar rw Results in
client.foo
key: *key*
caps: [mds] allow r, allow rw path=/bar
caps: [mon] allow r
caps: [osd] allow rw tag cephfs data=cephfs_a
What is this "tag cephfs" thing? It seems like some undocumented
black magic to me, since I can't find anything that documents it.
Can someone explain how it works under the hood? What does it expand
to? What does it limit and how?
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx