Merge "cephfs_native: doc fixes"
This commit is contained in:
commit
3032ec34b4
@ -146,8 +146,9 @@ Create a section like this to define a CephFS backend:
|
|||||||
cephfs_cluster_name = ceph
|
cephfs_cluster_name = ceph
|
||||||
cephfs_enable_snapshots = True
|
cephfs_enable_snapshots = True
|
||||||
|
|
||||||
Set ``cephfs_enable_snapshots`` to True in the section to let the driver
|
Set ``driver-handles-share-servers`` to ``False`` as the driver does not
|
||||||
perform snapshot related operations.
|
manage the lifecycle of ``share-servers``. To let the driver perform snapshot
|
||||||
|
related operations, set ``cephfs_enable_snapshots`` to True.
|
||||||
|
|
||||||
Then edit ``enabled_share_backends`` to point to the driver's backend section
|
Then edit ``enabled_share_backends`` to point to the driver's backend section
|
||||||
using the section name. In this example we are also including another backend
|
using the section name. In this example we are also including another backend
|
||||||
@ -195,17 +196,11 @@ Allow Ceph auth ID ``alice`` access to the share using ``cephx`` access type.
|
|||||||
|
|
||||||
manila access-allow cephshare1 cephx alice
|
manila access-allow cephshare1 cephx alice
|
||||||
|
|
||||||
|
Note the access status, and the access/secret key of ``alice``.
|
||||||
|
|
||||||
Mounting shares using FUSE client
|
.. code-block:: console
|
||||||
---------------------------------
|
|
||||||
|
|
||||||
Using the secret key of the authorized ID ``alice`` create a keyring file,
|
manila access-list cephshare1
|
||||||
``alice.keyring`` like:
|
|
||||||
|
|
||||||
.. code-block:: ini
|
|
||||||
|
|
||||||
[client.alice]
|
|
||||||
key = AQA8+ANW/4ZWNRAAOtWJMFPEihBA1unFImJczA==
|
|
||||||
|
|
||||||
.. note::
|
.. note::
|
||||||
|
|
||||||
@ -232,6 +227,19 @@ Using the secret key of the authorized ID ``alice`` create a keyring file,
|
|||||||
For more details, please see the Ceph documentation.
|
For more details, please see the Ceph documentation.
|
||||||
http://docs.ceph.com/docs/jewel/rados/operations/user-management/#add-a-user
|
http://docs.ceph.com/docs/jewel/rados/operations/user-management/#add-a-user
|
||||||
|
|
||||||
|
|
||||||
|
Mounting shares using FUSE client
|
||||||
|
---------------------------------
|
||||||
|
|
||||||
|
Using the secret key of the authorized ID ``alice`` create a keyring file,
|
||||||
|
``alice.keyring`` like:
|
||||||
|
|
||||||
|
.. code-block:: ini
|
||||||
|
|
||||||
|
[client.alice]
|
||||||
|
key = AQA8+ANW/4ZWNRAAOtWJMFPEihBA1unFImJczA==
|
||||||
|
|
||||||
|
|
||||||
Using the mon IP addresses from the share's export location, create a
|
Using the mon IP addresses from the share's export location, create a
|
||||||
configuration file, ``ceph.conf`` like:
|
configuration file, ``ceph.conf`` like:
|
||||||
|
|
||||||
@ -257,19 +265,12 @@ from the share's export location:
|
|||||||
Known restrictions
|
Known restrictions
|
||||||
------------------
|
------------------
|
||||||
|
|
||||||
Mitaka release
|
|
||||||
|
|
||||||
Consider the driver as a building block for supporting multi-tenant
|
Consider the driver as a building block for supporting multi-tenant
|
||||||
workloads in the future. However, it can be used in private cloud
|
workloads in the future. However, it can be used in private cloud
|
||||||
deployments.
|
deployments.
|
||||||
|
|
||||||
- The guests have direct access to Ceph's public network.
|
- The guests have direct access to Ceph's public network.
|
||||||
|
|
||||||
- The secret-key of a Ceph auth ID required to mount a share is not exposed to
|
|
||||||
an user by a manila API. To workaround this, the storage admin would need to
|
|
||||||
pass the key out of band of manila, or the user would need to use the Ceph ID
|
|
||||||
and key already created and shared with her by the cloud admin.
|
|
||||||
|
|
||||||
- The snapshot support of the driver is disabled by default.
|
- The snapshot support of the driver is disabled by default.
|
||||||
``cephfs_enable_snapshots`` configuration option needs to be set to ``True``
|
``cephfs_enable_snapshots`` configuration option needs to be set to ``True``
|
||||||
to allow snapshot operations.
|
to allow snapshot operations.
|
||||||
@ -281,12 +282,17 @@ deployments.
|
|||||||
- To restrict share sizes, CephFS uses quotas that are enforced in the client
|
- To restrict share sizes, CephFS uses quotas that are enforced in the client
|
||||||
side. The CephFS clients are relied on to respect quotas.
|
side. The CephFS clients are relied on to respect quotas.
|
||||||
|
|
||||||
|
Mitaka release
|
||||||
|
|
||||||
|
- The secret-key of a Ceph auth ID required to mount a share is not exposed to
|
||||||
|
an user by a manila API. To workaround this, the storage admin would need to
|
||||||
|
pass the key out of band of manila, or the user would need to use the Ceph ID
|
||||||
|
and key already created and shared with her by the cloud admin.
|
||||||
|
|
||||||
|
|
||||||
Security
|
Security
|
||||||
--------
|
--------
|
||||||
|
|
||||||
Mitaka release
|
|
||||||
|
|
||||||
- Each share's data is mapped to a distinct Ceph RADOS namespace. A guest is
|
- Each share's data is mapped to a distinct Ceph RADOS namespace. A guest is
|
||||||
restricted to access only that particular RADOS namespace.
|
restricted to access only that particular RADOS namespace.
|
||||||
http://docs.ceph.com/docs/master/cephfs/file-layouts/
|
http://docs.ceph.com/docs/master/cephfs/file-layouts/
|
||||||
|
Loading…
Reference in New Issue
Block a user