Bug 1637540 - [Doc RFE] Document interoperability improvements for RGW tenant/buckets (Tech Preview)
Summary: [Doc RFE] Document interoperability improvements for RGW tenant/buckets (Tech...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Documentation
Version: 3.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 3.2
Assignee: John Brier
QA Contact: Tejas
URL:
Whiteboard:
Depends On:
Blocks: 1629585
TreeView+ depends on / blocked
 
Reported: 2018-10-09 12:55 UTC by Anjana Suparna Sriram
Modified: 2019-02-20 17:37 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Technology Preview
Doc Text:
.Improved interoperability with S3 and Swift via a unified tenant namespace This enhancement allows buckets to be moved between tenants. It also allows buckets to be renamed. In Red Hat Ceph Storage 2 `rgw_keystone_implicit_tenants` only applied to Swift. As of Red Hat Ceph Storage 3 this option applies to s3 also. Sites that used this feature with Red Hat Ceph Strage 2 now have outstanding data that depends on the old behavior. To accomodate that issue this enhancement also expands `rgw_keystone_implicit_tenants` so it can be set to any of "none", "all", "s3" or "swift". For more information, see Bucket management in the link:{object-gw-rhel-guide}#bucket-management[Object Gateway Guide for Red Hat Enterprise Linux] or link:{object-gw-ubuntu-guide}#bucket-management[Object Gateway Guide for Ubuntu] depending on your distribution. The `rgw_keystone_implicit_tenants` setting is documented in link:{rgw-to-keystone}#configuring_civetweb[Using Keystone to Authenticate Ceph Object Gateway Users].
Clone Of:
Environment:
Last Closed: 2019-01-23 09:59:35 UTC
Embargoed:


Attachments (Terms of Use)

Description Anjana Suparna Sriram 2018-10-09 12:55:22 UTC
User Story:
As a storage admin who uses RGW, I want to improve interoperability with S3 and Swift via a unified tenant namespace, the ability to move buckets between tenants, and rename buckets.

Content Plan Reference: https://docs.google.com/document/d/1Nxnh6XxpTiDO2TANEw5pvXZ0nYUwf36zTaqxCm0014w/edit#

Comment 6 John Brier 2018-11-28 16:26:46 UTC
More useful info:

bool split_mode = implicit_value.is_split_mode();
  /* Normally, empty "tenant" field of acct_user means the authenticated
   * identity has the legacy, global tenant. However, due to inclusion
    * of multi-tenancy, we got some special compatibility kludge for remote
    * backends like Keystone.
    * If the global tenant is the requested one, we try the same tenant as
    * the user name first. If that RGWUserInfo exists, we use it. This way,
    * migrated OpenStack users can get their namespaced containers and nobody's
   * the wiser.
   * If that fails, we look up in the requested (possibly empty) tenant.
   * If that fails too, we create the account within the global or separated
   * namespace depending on rgw_keystone_implicit_tenants.
   * For compatibility with previous versions of ceph, it is possible
   * to enable implicit_tenants for only s3 or only swift.
   * in this mode ("split_mode"), we must constrain the id lookups to
   * only use the identifier space that would be used if the id were
   * to be created. */

--- https://github.com/ceph/ceph/pull/22363/files#diff-15b9f415d50309d52c852a37f9f97705R477

Comment 14 John Brier 2018-12-17 15:48:11 UTC
Thanks for writing up a Doc Text. I will format it properly and clean it up and it will be included in the Release Notes.

FWIW, we don't normally put Doc Text in Doc bugs. Usually the Doc Text goes in the engineering bug and we add those as blockers to our Release Notes tracker BZ. In this case the engineering bug associated with this Doc RFE is already closed (1595379), and that bug had "Documented with BZ#1564520" in its Doc Text. Bug 1564520 is also closed and its Doc Text was about internal changes related to this Doc RFE (IIUC).

So we will use this Doc bug for this Doc Text but that's not normally how we do it.

Comment 15 John Brier 2018-12-17 19:45:28 UTC
Note to self, this bug is filtered by the CoRN script probably because it has component set to Documentation. I added it directly to corn-template/technology-previews.adoc. 

.Improved interoperability with S3 and Swift via a unified tenant namespace

This enhancement allows buckets to be moved between tenants. It also allows buckets to be renamed.

In Red Hat Ceph Storage 2 `rgw_keystone_implicit_tenants` only applied to Swift. As of Red Hat Ceph Storage 3 this option applies to s3 also. Sites that used this feature with Red Hat Ceph Strage 2 now have outstanding data that depends on the old behavior. To accomodate that issue this enhancement also expands `rgw_keystone_implicit_tenants` so it can be set to any of "none", "all", "s3" or "swift".

For more information, see Bucket management in the link:{object-gw-rhel-guide}#bucket-management[Object Gateway Guide for Red Hat Enterprise Linux] or link:{object-gw-ubuntu-guide}#bucket-management[Object Gateway Guide for Ubuntu] depending on your distribution. The `rgw_keystone_implicit_tenants` setting is documented in link:{rgw-to-keystone}#configuring_civetweb[Using Keystone to Authenticate Ceph Object Gateway Users].

Comment 16 Anjana Suparna Sriram 2019-01-23 09:59:35 UTC
Published on the customer portal as part of the RHCS 3.2 GA on 3rd Jan 2019


Note You need to log in before you can comment on or make changes to this bug.