Git branch: https://github.com/apache/ozone/tree/HDDS-3630
For a quick intro to the S3 multi-tenancy feature, here is an excerpt from the documentation:
Before Ozone multi-tenancy, all S3 access to Ozone (via S3 Gateway) is confined to a single designated S3 volume (that is volume `s3v`, by default). Ozone multi-tenancy allows multiple S3-accessible volumes to be created.
Each volume can be managed separately by its own tenant admins via CLI for user operations, and via Apache Ranger for access control.
For more, please check out the full documentation. The doc has a feature overview, setup guide, CLI guide and access control guide (best viewed locally rendered using the `hugo serve` command under `./hadoop-hdds/docs/`, as it is not published to the website yet).
Currently there is one RocksDB instance for each Container on a datanode, which leads to hundreds of thousands of RocksDB instances on one datanode. It is very challenging to manage this many RocksDB instances in one JVM. Please refer to the "problem statement" section of the design document[1] for details of the challenges. Unlike the current approach, the Datanode RocksDB merge feature will use only one RocksDB instance for each data volume. With far fewer RocksDB instances to manage, write path performance and DN stability are improved. Refer to the Micro Benchmark Data section of the design document.
To enable the feature, the following configs need to be added to Ozone Manager's `ozone-site.xml`:
...
2. Documentation
Documentation has been is being added since by
3. Design, attached the docs
...
5. Docker-compose / acceptance tests
New acceptance test is being added by Jira:
6. Support of containers / Kubernetes:
...
We have tested the major datanode activities which require RocksDB operations, including container create, close and delete, and block put and get. Except for container delete, whose performance drops because container metadata KVs need to be deleted from RocksDB, the other four major activities all have improved performance.
S3 Gateway performance to be tested. Performance has been considered during development. For example, in order for the client (S3 Gateway) to select the correct decryption key based on the actual user principal (S3 Gateway) and without introducing an extra round trip, the user principal is piggy-backed in `RpcClient#getS3Volume`.
Ozone Java RPC client performance should not be affected.