UID/GID Mapping

From Lustre Wiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Introduction

Using Nodemap, UIDs, GIDs and PROJIDs provided by remote clients can be mapped onto a local set of UIDs, GIDs and PROJIDs for storage in the filesystem. Non-overlapping ranges of UID, GID, PROJID would be used from the filesystem to cater to different subsets of users.

The Nodemap functionality also allows restricting client sub-groups to mount only a specific subdirectory tree of the filesystem, rather than the whole filesystem (Subdirectory Mount).

You may find Nodemaps useful if:

  • You need to prevent UID, GID, and PROJID collisions between clients in different administrative domains
  • Two or more partner organizations would like to share data in the same filesystem
  • You can limit access from a partner site
  • You can limit administrator/root access to the filesystem
  • Force clients to mount the filesystem read-only
  • Specifying a subdirectory for clients (e.g. multi-tenancy)
  • Selectively enable audit logging for clients
  • Selectively enable client-side data encryption

Resources

Presentations