On Wed, 29 Jan 2020 at 16:52, Matthew Vernon <m...@sanger.ac.uk> wrote:
> Hi, > > On 29/01/2020 16:40, Paul Browne wrote: > > > Recently we deployed a brand new Stein cluster however, and I'm curious > > whether the idea of pointing the new OpenStack cluster at the same RBD > > pools for Cinder/Glance/Nova as the Luminous cluster would be considered > > bad practice, or even potentially dangerous. > > I think that would be pretty risky - here we have a Ceph cluster that > provides backing for our OpenStacks, and each OpenStack has its own set > of pools -metrics,-images,-volumes,-vms (and its own credential). > Hi Matthew, I think I've come around to that thinking now too. Despite using different keys, the 2 sets of clients in different OpenStack clusters would require the same capabilities on the shared pools, which widens the blast radius a bit too far for me, I think (unless there were also a capability to restrict the sets of clients' keys to specific namespaces within the shared pools similar to the caps given out to CephFS clients) Thanmks, Paul > > Regards, > > Matthew > > -- ******************* Paul Browne Research Computing Platforms University Information Services Roger Needham Building JJ Thompson Avenue University of Cambridge Cambridge United Kingdom E-Mail: pf...@cam.ac.uk Tel: 0044-1223-746548 ******************* _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
