Configuring Domains

Domain Essentials

Within a tenant, a domain is the primary entity for dividing and controlling access and resources. Domains have these essential features:

  • Ownership: Each domain owns one or more buckets.

  • Access control: Domains can define separate identity management system so the users and groups within them are separated from those in other domains.

  • Delegation: Domain administrators can create and access storage domains and they can delegate management duties for the storage domains they create.

  • Content: The domain itself stores buckets for named objects for end-user data and collections (stored searches).

Unnamed Objects

Unnamed objects written directly to the domain are represented by a system-defined Content IDs bucket part of each domain.

See the Naming Rules for Swarm for domains.

Domain Usage

The storage used chart displays the current current size of the storage footprint used by all domains, inclusive of all versions, replicas, and erasure-coded segments when viewing all domains in a given tenant. The Bandwidth Used chart displays the total bandwidth (bytes in and bytes out) used by each domain over a rolling 30-day window. See Usage Reports.

A domain reports the usage at the very top, along with the total bucket and collection count when opening up a domain: 

Dynamic Filtering

Narrow the listing by entering a string in the Filter box, which filters by Name if a large number of domains exist.

Default Items

Every domain is created with standard built-in items to help manage the contents:

  • A special system-generated bucket for unnamed objects (Content IDs),

  • A set of default search collections, for commonly needed views in to the content, by age and type

Delete Domain

The Delete command deletes the domain and all buckets and uploaded contents and any saved collections for the domain.

Warning: This command cannot be undone, so proceed with caution.

Domain Properties

Owner

Every domain needs an owner with access to and ultimate authority over. Create a domain for another to manage as a root or tenant admin.

Note

Ownership defaults to the specific administrator who created the domain, but the owner does not need to be a root or tenant administrator.

Change the owner when creating a context for someone else to manage. One does not want to own or be responsible for managing the data in the domain when creating a domain for a client.

Quotas

Quotas can be set to determine how much storage and/or network bandwidth the domain is permitted to consume.  

See Setting Quotas.

Storage Policies

Storage policies control how this domain's objects are protected (using replication and/or erasure coding) and whether versioning is in use. The domain inherits the storage policies in force for the cluster by default.

Specify custom policies if inheriting these policies is disabled, but these custom policies are subject to what is allowed and in force in the cluster. A warning icon and message alerts to the situation if opting for something being overridden by a higher policy.

See Setting Storage Policies.

Identity Management

The IDSYS objects define the identity management systems controlling the domain's users:

  • User and group information

  • The authentication system

See Setting Identity Management and Gateway Identity System.

Permissions

Permissions are determined by the access control policy, which are the rules granting (or denying) users and groups the ability to perform specific actions.

See Setting Permissions.

Tokens

See Setting Tokens.

© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.