[jira] [Commented] (HDDS-4944) Multi-Tenant Support in Ozone

Mon, 26 Apr 2021 10:33:09 -0700 


    [ 
https://issues.apache.org/jira/browse/HDDS-4944?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17332633#comment-17332633
 ] 

Arpit Agarwal commented on HDDS-4944:
-------------------------------------

bq. Using dns the URL of buckets became https://bucket1.endpoint and 
https://bucket2.endpoint. There is no significant difference between this and 
using https://bucket1.sales.endpoint and https://bucket1.marketnig.endpoint

Here are the implications of this proposal.
# With the DNS model, each bucket needs a new DNS entry.
# You need distinct S3 gateway(s) per tenant. This complicates cluster 
manageability.
# When I create a new tenant, I have to spin up at leas one new S3 gateway.
# If a tenant is busy then its gateway could become a bottleneck, since all 
data is proxied by S3G. With current model you can go to any S3G in the cluster 
(it's another problem that we never gave good guidelines for setting up a load 
balancer when S3 support was designed).

Cluster admins usually do not have privileges to manage their own DNS 
infrastructure. Also Hadoop services never run with network administrator 
privileges to manage DNS. So how do your users create a DNS entry when a new 
bucket is created? Amazon can do this because they control their own 
infrastructure.

This idea optimizes for ease of development and fails to consider the usability 
aspect.

> Multi-Tenant Support in Ozone
> -----------------------------
>
>                 Key: HDDS-4944
>                 URL: https://issues.apache.org/jira/browse/HDDS-4944
>             Project: Apache Ozone
>          Issue Type: New Feature
>          Components: Ozone CLI, Ozone Datanode, Ozone Manager, Ozone Recon, 
> S3, SCM, Security
>    Affects Versions: 1.2.0
>            Reporter: Prashant Pogde
>            Assignee: Prashant Pogde
>            Priority: Major
>              Labels: pull-request-available
>         Attachments: Apache-S3-compatible-Multi-Tenant-Ozone-short.pdf.gz, 
> Ozone MultiTenant Feature _ Requirements and Abstractions-3.pdf, Ozone, 
> Multi-tenancy, S3, Kerberos....pdf, UseCaseAWSCompatibility.pdf, 
> UseCaseCephCompatibility.pdf, UseCaseConfigureMultiTenancy.png, 
> UseCaseCurrentOzoneS3BackwardCompatibility.pdf, 
> VariousActorsInteractions.png, uml_multitenant_interface_design.png
>
>
> This Jira will be used to track a new feature for Multi-Tenant support in 
> Ozone. Initially Multi-Tenant feature would be limited to ozone-users 
> accessing Ozone over S3 interface.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to