[
https://issues.apache.org/jira/browse/HDDS-4904?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17297568#comment-17297568
]
Arpit Agarwal edited comment on HDDS-4904 at 3/8/21, 5:34 PM:
--------------------------------------------------------------
{quote} faked (no per-file permission).
{quote}
Isn't this a serious concern to overlook? How can it be an acceptable solution
for anyone if security is absent?
My understanding of CSI may be simplistic. When we claim CSI support, a user of
Ozone will expect that we support mountable block storage that can be formatted
and used as a filesystem volume with full POSIX compliance.
For the limited use cases that goofys allows, why use the CSI driver at all?
Why not just write files into Ozone using the S3 interface or just use
goofys/fuse from inside the container?
was (Author: arpitagarwal):
{quote} faked (no per-file permission).
{quote}
Isn't this a serious concern to overlook? How can it be an acceptable solution
for anyone if security is absent?
My understanding of CSI may be simplistic. When we claim CSI support, a user of
Ozone will expect that we support mountable block storage that can be formatted
and used as a filesystem volume with full POSIX compliance.
For the limited use cases that goofys allows, why use the CSI driver at all?
Why not just write files into Ozone using the S3 interface or just use
goofys/fuse from inside the container.
> Remove mention of CSI support
> -----------------------------
>
> Key: HDDS-4904
> URL: https://issues.apache.org/jira/browse/HDDS-4904
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Arpit Agarwal
> Assignee: Dinesh Chitlangia
> Priority: Critical
>
> The Ozone website prominently mentions CSI support:
> [https://ozone.apache.org/docs/1.0.0/]
> [https://ozone.apache.org/docs/1.0.0/interface/csi.html]
> Our docs give a false impression to users that CSI is fully functional and
> supported for persistent storage inside containers.
> This support uses goofys+S3 gateway, so it is not appropriate for any serious
> usage. A real CSI solution should use an approach like the cBlocks prototype
> by building directly on top of HDDS containers with a real device driver.
> Until that time we should not claim CSI support. Alternatively we should be
> honest with our users that it is a prototype and not suitable for serious
> usage.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
