openstack-manuals/doc/admin-guide-cloud/source/shared_file_systems_key_concepts.rst

Key concepts

Share

In the Shared File Systems service share is the fundamental resource unit allocated by the Shared File System service. It represents an allocation of a persistent, readable, and writable filesystem that can be accessed by OpenStack compute instances, or clients outside of OpenStack (depending on deployment configuration).

Note

A share is an abstract storage object that may or may not directly map to a "share" concept from the underlying storage provider.

Snapshot

A snapshot is a point-in-time, read-only copy of a share. Snapshots can be created from an existing share that is operational regardless of whether a client has mounted the file system. A snapshot can serve as the content source for a new share when the share is created with the create from snapshot option specified.

Storage Pools

With the Kilo release of OpenStack, the Shared File Systems service has introduced the concept of storage pools. The storage may present one or more logical storage resource pools from which the Shared File Systems service will select as a storage location when provisioning shares.

Share Type

Share type is an abstract collection of criteria used to characterize shares. They are most commonly used to create a hierarchy of functional capabilities that represent a tiered level of storage services; for example, a cloud administrator might define a premium share type that indicates a greater level of performance than a basic share type, which would represent a best-effort level of performance.

Share Access Rules

Share access rules define which users can access a particular share. For example, access rules can be declared for NFS shares by listing the valid IP networks (using CIDR notation) which should have access to the share.

Security Services

Security services are the concept in the Shared File Systems service that allow Finer-grained client access rules to be declared for authentication or authorization to access share content. External services including LDAP, Active Directory, Kerberos can be declared as resources that should be consulted when making an access decision to a particular share. Shares can be associated to multiple security services but only one service per one type.

Share Networks

A share network is an object that defines a relationship between a tenant's network/subnet (as defined in an OpenStack network service (Neutron or Nova-network)) and the shares created by the same tenant; that is, a tenant may find it desirable to provision shares such that only instances connected to a particular OpenStack-defined network have access to the share. Also, security services can be attached to share networks, because most of auth protocols require some interaction with network services.

Share Servers

A share server is a logical entity that hosts the shares that are created on a specific share network. A share server may be a configuration object within the storage controller, or it may represent logical resources provisioned within an OpenStack deployment that are used to support the data path used to access shares.

Share servers interact with network services to determine the appropriate IP addresses on which to export shares according to the related share network. The Shared File Systems service has a pluggable network model that allows share servers to work with different implementations of Network service.