[英]Migrate ceph buckets to new user with zero downtime
I have a ceph/radosgw bucket with several million objects in it, and I need to change the ownership of the bucket to another user.我有一个包含数百万个对象的 ceph/radosgw 存储桶,我需要将存储桶的所有权更改给另一个用户。
Normally, this is done by link
ing the bucket to the new user, then chown
ing all of the files in it, like this:通常,这是通过将存储桶
link
到新用户,然后将其中的所有文件chown
来完成的,如下所示:
radosgw-admin bucket unlink --uid=user1 --bucket=bigbucket
radosgw-admin bucket link --uid=user2 --bucket=bigbucket
radosgw-admin bucket chown --uid=user2 --bucket=bigbucket
Unfortunately, the chown
operation has to loop over every single object in the bucket in order to update metadata.不幸的是,
chown
操作必须遍历存储桶中的每个 object才能更新元数据。 This results in an extended downtime window (sometimes 1 hour per million objects apparently) where neither the old user nor the new user can access the full contents of the bucket.这导致停机时间延长 window(有时显然是每百万个对象 1 小时),旧用户和新用户都无法访问存储桶的全部内容。
Is there any way to change bucket ownership that doesn't require downtime?有什么方法可以在不需要停机的情况下更改存储桶所有权? Some ideas:
一些想法:
uid
or some other piece of metadata that grants them access to the old user's bucket?uid
或其他一些元数据,授予他们访问旧用户存储桶的权限吗?You can add a bucket policy to the bucket to get access to both users until the migration gets done by chown
command:您可以向存储桶添加存储桶策略以访问两个用户,直到通过
chown
命令完成迁移:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"AWS": ["arn:aws:iam:::user/user1", "arn:aws:iam:::user/user2"]},
"Action": "*",
"Resource": [
"arn:aws:s3:::bigbucket/*"
]
}]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.