<div dir="ltr"><div><div>Hi Zach, <br><br>><br><div><b>Option 1</b>. 3 <span class="">Gluster</span> nodes, one large volume, divided up into subdirs (1 for each website), mounting the respective subdirs into their <span class="">containers</span> & using ACLs & LXD’s u/g id maps (mixed feelings about security here)</div><div>><br><br></div><div>Which version of GlusterFS is in use here ? because gluster sub directory support patch is available in upstream, however I dont think its in a good state to consume. Yeah, if the subdirectory mount is performed we have to take enough care to make sure the isolation of the mounts between multiple user, ie security is a concern here.<br><br>><br></div><div><b>Option 2</b>. 3 <span class="">Gluster</span> nodes, website-specifc bricks on each, creating website-specific volumes, then mounting those respective volumes into their <span class="">containers</span>. Example:</div><div><div> gnode-1</div><div> - /data/website1/brick1</div><div> - /data/website2/brick1</div><div><div> gnode-2</div><div> - /data/website1/brick2</div><div> - /data/website2/brick2</div><div><div> gnode-3</div><div> - /data/website1/brick3</div><div> - /data/website2/brick3</div></div></div></div><div>><br><br></div><div>Yes, this looks to be an ideal or more consumable approach to me.<br><br>><br></div><div><br></div><div><b>Option 3</b>. 3 <span class="">Gluster</span> nodes, every website get’s their own mini “<span class="">Gluster</span> Cluster” via LXD <span class="">containers</span> on the <span class="">Gluster</span> nodes. Example:</div><div> gnode-1</div><div> - gcontainer-website1</div><div> - /data/brick1</div><div><div> - gcontainer-website2</div><div> - /data/brick1</div></div><div> gnode-2</div><div> - gcontainer-website1</div><div> - /data/brick2</div><div><div> - gcontainer-website2</div><div> - /data/brick2</div></div><div><div> gnode-3</div><div> - gcontainer-website1</div><div> - /data/brick3</div><div><div> - gcontainer-website2</div><div> - /data/brick3<br>><br></div></div></div><br></div>This is very difficult or complex to achieve and maintain. <br><br></div>In short, I would vote for option 2. <br><br>Also for safer side, you may need take snapshot of the volumes or configure a backup for these volumes to avoid single point of failure. <br> <div class="gmail_extra"><br></div><div class="gmail_extra">Please let me know if you need any details.<br><br clear="all"></div><div class="gmail_extra"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>--Humble<br></div><br></div></div></div>
<br></div></div>