<div dir="ltr">I'm okay with just using one volume for everyone. In our current storage solution, we use what it calls 'volumes' to manage quotas, but Gluster allows directory level quotas which would satisfy our need.<div>
<br></div><div>I also forgot to mention that our users are not POSIX users. Our current storage solution uses ACLs and authentication tokens for managing access. It would be great if Gluster had a similar way for clients to access a directory based on their authentication token, rather than UNIX file permissions.</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Jul 2, 2013 at 8:20 PM, Jay Vyas <span dir="ltr"><<a href="mailto:jayunit100@gmail.com" target="_blank">jayunit100@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>Hmmm... but given that glusters fuse client is posix compliant, can't you just create a single volume and use a customized umask setup on user-named subdirectories in that volume to mimic this behaviour?</div>
<div><div class="h5"><div><br></div><div>On Jul 2, 2013, at 7:25 PM, Joshua Hawn <<a href="mailto:josh@picloud.com" target="_blank">josh@picloud.com</a>> wrote:<br><br></div><blockquote type="cite"><div><div dir="ltr">
<span style="font-family:arial,sans-serif;font-size:13px">I've been looking into using Gluster to replace a system that we currently use for storing data for several thousand users. With our current networked file system, each user can create volumes and only that user has access to their volumes with authentication.</span><div style="font-family:arial,sans-serif;font-size:13px">
<br></div><div style="font-family:arial,sans-serif;font-size:13px">I see that Gluster also offers a username/password auth system, which is great, but there are several issues about it that bother me: </div><div style="font-family:arial,sans-serif;font-size:13px">
<br></div><div style="font-family:arial,sans-serif;font-size:13px">[1] Currently all the authentication related information is passed un-encrypted over the network from client to server.<br></div><div style="font-family:arial,sans-serif;font-size:13px">
[2] Currently each volume is managed as a separate process on the server.</div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">[1] is a major security issue for me and [2] is a major scalablity issue.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">Are either of these issues going to be fixed in the next release or are there any alternatives that Gluster offers? Also, is the authentication layer only used by the Gluster FUSE client or is it possible with NFS or CIFS?</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">I've also wondered if Gluster can support authentication on a sub-directory level? If not, how complicated would it be to modify the source code to enable it? This would enable us to go around the one-process-per-volume issue.</div>
</div>
</div></blockquote></div></div><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Gluster-users mailing list</span><br><span><a href="mailto:Gluster-users@gluster.org" target="_blank">Gluster-users@gluster.org</a></span><br>
<span><a href="http://supercolony.gluster.org/mailman/listinfo/gluster-users" target="_blank">http://supercolony.gluster.org/mailman/listinfo/gluster-users</a></span></div></blockquote></div></blockquote></div><br></div>