On Thu, 10 May 2018 20:07:03 +0800 Yuxin Wang <[email protected]> wrote:
> I'm working on a swift project. Our customer cares about S3 compatibility > very much. I tested our swift cluster with ceph/s3-tests and analyzed the > failed cases. It turns out that lots of the failed cases are related to > unique container/bucket. But as we know, containers are just unique in a > tenant/project. >[...] > Do you have any ideas on how to do or maybe why not to do? I'd highly > appreciate any suggestions. I don't have a recipy, but here's a thought: try making all the accounts that need the interoperability with S3 belong to the same Keystone tenant. As long as you do not give those accounts the owner role (one of those listed in operator_roles=), they will not be able to access each other's buckets (Swift containers). Unfortunately, I think they will not be able to create any buckets either, but perhaps it's something that can be tweaked - for sure if you're willing to far enough to make new middleware. -- Pete __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
