Discussion:
[ceph-users] Multi tenanted radosgw and existing Keystone users/tenants
Mark Kirkwood
2018-12-04 03:41:00 UTC
Permalink
Hi,

I've set up a Luminous RGW with Keystone integration, and subsequently set

rgw keystone implicit tenants = true

So now all newly created users/tenants (or old ones that never accessed
RGW) get their own namespaces. However there are some pre-existing users
that have created buckets and objects - and these are in the global
namespace. Is there any way to move the existing buckets and objects to
private namespaces and change these users to use said private namespaces?

Cheers

Mark
Florian Haas
2018-12-05 16:24:00 UTC
Permalink
Hi Mark,
Post by Mark Kirkwood
Hi,
I've set up a Luminous RGW with Keystone integration, and subsequently set
rgw keystone implicit tenants = true
So now all newly created users/tenants (or old ones that never accessed
RGW) get their own namespaces. However there are some pre-existing users
that have created buckets and objects - and these are in the global
namespace. Is there any way to move the existing buckets and objects to
private namespaces and change these users to use said private namespaces?
It looks like you're running into the issue described in this PR:
https://github.com/ceph/ceph/pull/23994

Sooo... bit complicated, fix still pending.

Cheers,
Florian
Matt Benjamin
2018-12-05 16:28:30 UTC
Permalink
This capability is stable and should merge to master shortly.

Matt
Post by Florian Haas
Hi Mark,
Post by Mark Kirkwood
Hi,
I've set up a Luminous RGW with Keystone integration, and subsequently set
rgw keystone implicit tenants = true
So now all newly created users/tenants (or old ones that never accessed
RGW) get their own namespaces. However there are some pre-existing users
that have created buckets and objects - and these are in the global
namespace. Is there any way to move the existing buckets and objects to
private namespaces and change these users to use said private namespaces?
https://github.com/ceph/ceph/pull/23994
Sooo... bit complicated, fix still pending.
Cheers,
Florian
_______________________________________________
ceph-users mailing list
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
--
Matt Benjamin
Red Hat, Inc.
315 West Huron Street, Suite 140A
Ann Arbor, Michigan 48103

http://www.redhat.com/en/technologies/storage

tel. 734-821-5101
fax. 734-769-8938
cel. 734-216-5309
Mark Kirkwood
2018-12-05 22:29:57 UTC
Permalink
Post by Florian Haas
Hi Mark,
Post by Mark Kirkwood
Hi,
I've set up a Luminous RGW with Keystone integration, and subsequently set
rgw keystone implicit tenants = true
So now all newly created users/tenants (or old ones that never accessed
RGW) get their own namespaces. However there are some pre-existing users
that have created buckets and objects - and these are in the global
namespace. Is there any way to move the existing buckets and objects to
private namespaces and change these users to use said private namespaces?
https://github.com/ceph/ceph/pull/23994
Sooo... bit complicated, fix still pending.
Thanks!

FWIW for a very small number of existing buckets and objects, unloading
the buckets and objects, deleting the buckets and the RGW user (i.e
*not* the Keystone tenant + user) and reloading again works. Clearly
this rapidly becomes unwieldy...


Cheers

Mark

Loading...