piglei writes: > Hi, I am a ceph newbie. I want to create two isolated rgw services in a > single ceph cluster, the requirements: > > * Two radosgw will have different hosts, such as radosgw-x.site.com and > radosgw-y.site.com. File uploaded to rgw-xcannot be accessed via rgw-y. > * Isolated bucket and user namespaces is not necessary, because I could > prepend term to bucket name and user name, like "x-bucket" or "y-bucket" > > At first I thought region and zone may be the solution, but after a little > more researchs, I found that region and zone are for different geo locations, > they share the same metadata (buckets and users) and objects instead of > isolated copies. > > After that I noticed ceph's multi-tenancy feature since jewel release, which > is probably what I'm looking for, here is my solution using multi-tenancy: > > * using two tenant called x and y, each rgw service matches one tenant. > * Limit incoming requests to rgw in it's own tenant, which means you can only > retrieve resources belongs to buckets "x:bucket" when > callingradosgw-x.site.com. This can be archived by some custom nginx rules. > > Is this the right approach or Should I just use two different clusters > instead? Looking forward to your awesome advises. >
Since jewel, you can also consider looking into realms which sort of provide for isolated namespaces within a zone or zonegroup. -- Abhishek _______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
