From: Tim Serong <tserong@suse.com>
To: Sage Weil <sweil@redhat.com>, Ken Dreyer <kdreyer@redhat.com>
Cc: cjwatson@debian.org, timm@fnal.gov, ceph-maintainers@ceph.com,
ceph-devel@vger.kernel.org
Subject: Re: [Ceph-maintainers] statically allocated uid/gid for ceph
Date: Thu, 11 Dec 2014 13:07:02 +1100
Message-ID: <5488FC46.5080106@suse.com>
In-Reply-To: <alpine.DEB.2.00.1412101044300.22847@cobra.newdream.net>

On 12/11/2014 05:48 AM, Sage Weil wrote:
> +ceph-devel
>
> On Wed, 10 Dec 2014, Ken Dreyer wrote:
>> On 12/06/2014 01:54 PM, Sage Weil wrote:
>>> Hi Colin, Boris, Owen,
>>>
>>> We would like to choose a statically allocated uid and gid for use by Ceph
>>> storage servers. The basic goals are:
>>>
>>> - run daemons as non-root (right now everything is uid 0 (runtime and
>>> on-disk data) and this is clearly not ideal)
>>> - enable hot swap of disks between storage servers
>>> - standardize across distros so that we can build clusters with a mix
>>>
>>> To support the hot swap, we can't use the usual uids allocated dynamically
>>> during package installation. Disks will be completely filled with Ceph data
>>> files with the uid from one machine and will not be usable on another
>>> machine.
>>>
>>> I'm hoping we can choose a static uid/gid pair that is unused for Debian
>>> (and Ubuntu), Fedora (and RHEL/CentOS), and OpenSUSE/SLES. This will let
>>> us maintain consistency across the entire ecosystem.
>>
>> How many system users should I request from the Fedora Packaging
>> Committee, and what should their names be?
>>
>> For example, are ceph-mon and ceph-osd going to run under the same
>> non-privileged system account?
>
> Hmm, my first impulse was to make a single user and group. But it might
> make sense that e.g. rgw should run in a different context than ceph-osd
> or ceph-mon.
>
> If we go down that road, then maybe
>
> ceph-osd
> ceph-mon
> ceph-mds
> ceph-rgw
> ceph-calamari
>
> and a 'ceph' group that we can use for /var/log/ceph etc for the qemu
> and other librados users?
>
> Alternatively, if we just do user+group ceph, then rgw can run as www-data
> or apache (as it does now). Not sure what makes the most sense for
> ceph-calamari.

FWIW my gut says go with a single ceph user+group and leave rgw running
as the apache user.

Calamari consists of a few pieces - the web-accessible bit runs as the
apache user, then there's the cthulhu daemon, as well as carbon-cache
for the graphite stuff. These latter two I believe run as root (at
least, they do with my SUSE packages which have systemd units for each
of these services, and I assume they run as root on other distros where
they're run under supervisord). Now that I think of it though, I wonder
if it makes sense to just run the whole lot as the apache user...?

Regards,

Tim

-- 
Tim Serong
Senior Clustering Engineer
SUSE
tserong@suse.com
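Two checks that follow from the goals quoted in this thread (a fixed numeric uid/gid on every host, and OSD disks that stay usable when moved between hosts), written as an added example that is not code from the thread or from Ceph itself. The user name and the id numbers are arguments rather than fixed values, since the thread has not settled them; the passwd/group file paths default to the local databases but can point at copies from other hosts.

```shell
#!/bin/sh
# Added example (not from the thread or from Ceph): verify the static-id
# design from the host side. Names and numbers are supplied by the caller.

# check_static_id NAME UID GID [PASSWD_FILE] [GROUP_FILE]
# True only when NAME exists in the passwd and group databases with exactly
# the agreed numeric ids. A host that merely has *a* ceph user (allocated
# dynamically at package install time) fails this check on purpose.
check_static_id() {
  name=$1 want_uid=$2 want_gid=$3
  passwd_file=${4:-/etc/passwd} group_file=${5:-/etc/group}
  have_uid=$(awk -F: -v n="$name" '$1 == n { print $3 }' "$passwd_file")
  have_gid=$(awk -F: -v n="$name" '$1 == n { print $3 }' "$group_file")
  [ "$have_uid" = "$want_uid" ] && [ "$have_gid" = "$want_gid" ]
}

# count_foreign_files DIR UID GID
# Number of entries under DIR (the directory itself included) whose owner or
# group is not the agreed pair. A non-zero result on a freshly plugged-in OSD
# data directory is the hot-swap failure described above: the files were
# written under an id allocated on the previous host. Numeric ids are passed
# to -user/-group so the check works even when no matching name exists here.
count_foreign_files() {
  find "$1" ! -user "$2" -o ! -group "$3" | wc -l | tr -d ' '
}

# Interactive driver: ./check-ceph-ids.sh NAME UID GID OSD_DATA_DIR
if [ $# -eq 4 ]; then
  if check_static_id "$1" "$2" "$3"; then
    echo "ok: $1 is $2:$3 on this host"
  else
    echo "mismatch: $1 is not $2:$3 on this host" >&2
  fi
  n=$(count_foreign_files "$4" "$2" "$3")
  echo "$n entries under $4 not owned by $2:$3"
fi
```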