Out of interest, assuming your using ceph RBD’s – do you hit an issue where by the locks don’t correctly ‘move’ when a container migrates? Historically we’ve had to clean up manually with rbd lock list / remove the lock to permit the pod to move properly.
Admittedly, we haven’t tested this since 1.2 From: users-boun...@lists.openshift.redhat.com [mailto:users-boun...@lists.openshift.redhat.com] On Behalf Of Diego Castro Sent: 10 January 2017 15:59 To: Philippe Lafoucrière <philippe.lafoucri...@tech-angels.com> Cc: users@lists.openshift.redhat.com Subject: Re: ceph pv Hello. You can use pv without worrying about secrets if you create a keyring file on each node at /etc/ceph/ceph.client.openshift.keyring and point the pv object to it: apiVersion: v1 kind: PersistentVolume metadata: name: mypv labels: size: 1024 spec: capacity: storage: 1024 accessModes: - "ReadWriteOnce" rbd: monitors: - "osm-0:6789" - "osm-1:6789" - "osm-2:6789" pool: rbd image: mypv user: openshift keyring: /etc/ceph/ceph.client.openshift.keyring fsType: ext4 readOnly: false persistentVolumeReclaimPolicy: "Retain" For more information to create a ceph user: http://docs.ceph.com/docs/giant/rados/operations/user-management/#managing-users --- Diego Castro / The CloudFather GetupCloud.com - Eliminamos a Gravidade 2017-01-09 17:42 GMT-03:00 Philippe Lafoucrière <philippe.lafoucri...@tech-angels.com<mailto:philippe.lafoucri...@tech-angels.com>>: On Mon, Jan 9, 2017 at 3:42 AM, James Eckersall <ja...@jeckersall.co.uk<mailto:ja...@jeckersall.co.uk>> wrote: Our use case would be utilisation of openshift clusters with untrusted clients in distinct projects, so we’re trying to ensure they can’t access each/others storage. We are in the same situation, and we generally let our clients access their projects without permissions for secrets :) _______________________________________________ users mailing list users@lists.openshift.redhat.com<mailto:users@lists.openshift.redhat.com> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users