红帽全球峰会此内容没有您所选择的语言版本。
7.3. User Properties
Roles and Permissions can be considered as the properties of the User object. Roles are predefined sets of privileges that can be configured from Red Hat Storage Console, permitting access and management to different levels of resources in the cluster, to specific physical and virtual resources. Multilevel administration includes a hierarchy of permissions that can be configured to provide a finely grained model of permissions, or a wider level of permissions as required by your enterprise. For example, a cluster administrator has permissions to manage all servers in the cluster, while a server administrator has system administrator permissions to a single server. A user can have permissions to log into and use a single server but not make any changes to the server configurations, while another user can be assigned system permissions to a server, effectively acting as system administrator on the server.
7.3.1. Roles
复制链接链接已复制到粘贴板!
Red Hat Storage provides a range of pre-configured or default roles, from the Superuser or system administration, to an end user with permissions to access a single volume only. There are two types of system administration roles: roles with system permissions to physical resources, such as hosts and storage; and roles with system permissions to virtual resources such as volumes. While you cannot change the default roles, you can clone them, and then customize the new roles as required.
Red Hat Storage Console has an
administrator role. The privileges provided by this role are shown in this section.
Note
The default roles cannot be removed from the Red Hat Storage, or privileges cannot be modified; however the name and descriptions can be changed.
Administrator Role
- Allows access to the Administration Portal for managing servers and volumes.For example, if a user has an
administratorrole on a cluster, they could manage all servers in the cluster using the Administration Portal.
| Role | Privileges | Notes |
|---|---|---|
| SuperUser | Full permissions across all objects and levels | Can manage all objects across all clusters. |
| ClusterAdmin | Cluster Administrator | Can use, create, delete, and manage all resources in a specific cluster, including servers and volumes. |
| GlusterAdmin | Gluster Administrator | Can create, delete, configure and manage a specific volume. Can also add or remove host. |
| HostAdmin | Host Administrator | Can configure, manage, and remove a specific host. Can also perform network-related operations on a specific host. |
| NetworkAdmin | Network Administrator | Can configure and manage networks attached to servers. |
7.3.2. Permissions
复制链接链接已复制到粘贴板!
The following table details the actions for each object in the cluster, for each of which permission may be assigned. This results in a high level of control over actions at multiple levels.
| Object | Action |
|---|---|
| System - Configure RHS-C | Manipulate Users, Manipulate Permissions, Manipulate Roles, Generic Configuration |
| Cluster - Configure Cluster | Create, Delete, Edit Cluster Properties, Edit Network |
| Server - Configure Server | Create, Delete, Edit Host Properties, Manipulate Status, Edit Network |
| Gluster Storage - Configure Gluster Storage | Create, Delete, Edit Volumes, Volume Options, Manipulate Status |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}