Gateway mediated networking model with NFS-Ganesha

Registered by Csaba Henk on 2014-01-08

NFS-Ganesha[1] (in sequel: Ganesha) is a userspace NFS server, with a modular
architecture with respect to storage backends. Ganesha would act as a mediator
between Manila tenants and the storage pool.

The intended Ganesha helper module and utilities would enable Manila drivers whose backends (e.g., GlusterFS and GPFS) have Ganesha support i.e., have a Ganesha FSAL [2], to easily serve NFS shares mediated by Ganesha server residing either in a service VM/share server or otherwise. So the drivers would be able to exploit the advantages of Ganesha[3], one of them being the ability to support multi-protocols such NFSv2, v3, v4, v4.1, and v4.2.

For more technical details of the Ganesha driver, please read the 'Technical overview' section of the "full specification" link provided below.
------------

[1]: https://github.com/nfs-ganesha/nfs-ganesha/wiki

[2]: FSAL is Ganesha's term for a modular driver component, stands for
     "File System Abstraction Layer". Here is the list of current ones:
     https://github.com/nfs-ganesha/nfs-ganesha/wiki/Fsalsupport

[3]: http://events.linuxfoundation.org/sites/events/files/slides/Collab14_nfsGanesha.pdf

Blueprint information

Status:
Complete
Approver:
Ben Swartzlander
Priority:
High
Drafter:
Csaba Henk
Direction:
Approved
Assignee:
Csaba Henk
Definition:
Approved
Series goal:
Accepted for kilo
Implementation:
Implemented
Milestone target:
milestone icon 2015.1.0
Started by
Csaba Henk on 2014-11-25
Completed by
Csaba Henk on 2015-02-26

Related branches

Sprints

Whiteboard

IN SCOPE

The Ganesha driver core (helper module and utilities) would allow or deny to a share by adding or removing exports (or export blocks), in realtime (using dbus), and persistently (by adding or deleting exporting blocks from the Ganesha config file on disk). Export blocks in native ganesha format would need to be generated and parsed. And as each export block requires an unique export ID, the IDs would also be managed appropriately.

Initially the Ganesha core would be used to interact with Ganesha server not running in a service VM/share server.
Addressed by Gerrit topic: https://review.openstack.org/#q,topic:bp/gateway-mediated-with-ganesha,n,z

OUT OF SCOPE

Discussion of adjustment of the Ganesha library to handle share servers has been removed from this blueprint. Please follow up on that effort at https://blueprints.launchpad.net/manila/+spec/ganesha-share-server.

USER STORIES

How would a backend driver use Ganesha driver helper module and utilities?
---------------------------------------------------------------------------------------------------------------------
What the Ganesha helper offers for a backend driver: to manage access (allow or deny)
via NFS to shares.

The Ganesha helper operates by creating export blocks, ie. snippets of Ganesha config
that specify an export. The Ganesha helper is configured by export block templates,
ie. export blocks with placeholders, where the placeholders are filled with concrete values
during the operation of the helper.

The backend driver has to delegate its {allow,deny}_access calls to a custom subclass
of the basic Ganesha helper class.

The subclass has to be endowed with export block templates. Ie. what the subclass
code has to do: provide export block templates filled with data specific to the FSAL (Ganesha's
concept of a module) that interfaces with drivers' backend technology.

As an example, the glusterfs driver module would be extended to use Ganesha helper module.

Addressed by: https://review.openstack.org/124637
    glusterfs: add NFS-Ganesha based service backend

(?)

Work Items

Work items:
[chenk] Implement ganesha helper module and related utilities to be used by drivers that don't create share servers https://review.openstack.org/124635: DONE
[rraja] Refactor glusterfs module to be able to accommodate different NAS helpers: https://review.openstack.org/124636: DONE
[chenk] Make glusterfs driver (in glusterfs module) use the ganesha helper https://review.openstack.org/124637: DONE

This blueprint contains Public information 
Everyone can see this information.