3.4. Configuring a default share type

You can use the Shared File Systems service to define share types that you can use to create shares with specific settings. Share types work like Block Storage volume types. Each type has associated settings, for example, extra specifications. When you invoke the type during share creation the settings apply to the shared file system.

To secure the native CephFS back end against untrusted users, Red Hat recommends that you do not create a default share type. When a default share type does not exist, users are forced to specify a share type, and trusted users can use a custom private share type to which they have exclusive access rights.

If you must create a default share type for untrusted tenants, you can steer provisioning away from the native CephFS back end.

Procedure

  1. Set an extra specification on the share type:

    manila type-create default False
    manila type-key default set share_backend_name=’s!= cephfs’
  2. Create a private share type and provide trusted tenants with access to this share type:

    $ manila type-create --is-public false nativecephfstype false
    $ <share_backend_name>=cephfs 1
    $ manila type-key nativecephfstype set share_backend_name=$<share_backend_name>
    $ manila type-access-add nativecephfstype <trusted_tenant_project_id>__
1
<share_backend_name> set as the overcloud heat template option ManilaCephFSBackendName.

For more information about share types, see Creating a share type in the Storage Guide.