CN116910015B - Storage platform service method, device, equipment and storage medium - Google Patents


Publication number: CN116910015B
Authority: CN (China)
Prior art keywords: tenant, storage platform, user, file system, configuration
Legal status: Active
Application number: CN202311174597.7A
Other languages: Chinese (zh)
Other versions: CN116910015A (en)
Inventors: 王帅阳, 肖国栋, 李旭东, 张在贵
Current Assignee: Suzhou Inspur Intelligent Technology Co Ltd
Original Assignee: Suzhou Inspur Intelligent Technology Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/182 Distributed file systems
    • G06F16/1824 Distributed file systems implemented using Network-attached Storage [NAS] architecture
    • G06F16/183 Provision of network file services by network file servers, e.g. by using NFS, CIFS
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/17 Details of further file system functions
    • G06F16/176 Support for shared access to files; File sharing support
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Abstract

The embodiments of the application relate to the technical field of network storage, and in particular to a storage platform service method, apparatus, device and storage medium, aiming to allocate storage resources flexibly. The method comprises the following steps: the storage platform receives a service request sent by a user; the storage platform determines, according to the service request, the tenant corresponding to the service request, wherein a plurality of tenants are pre-configured in the storage platform and are globally configured when the storage platform is deployed, so as to perform software data isolation and physical data isolation on the data corresponding to the tenants; when the user is a user corresponding to the tenant, the storage platform sends the service request to the corresponding file system according to the global configuration information corresponding to the tenant; and the file system returns the resources corresponding to the service request to the user terminal of the user.

Description

Storage platform service method, device, equipment and storage medium
Technical Field
The embodiment of the application relates to the technical field of network storage, in particular to a storage platform service method, a storage platform service device, storage platform service equipment and a storage medium.
Background
A big data storage service is a service that stores massive amounts of data persistently. When a typical big data storage service stores data, a separate big data cluster is established for each service, and the data of that service is stored in the cluster established for it.
In the related technology, a storage cluster must be created independently for each service to store the data of that service, and files can only be shared as a whole. Multiple namespaces therefore cannot be provided for multiple platforms, resources are seriously wasted, and the cost requirements of clients cannot be met.
Disclosure of Invention
The embodiment of the application provides a storage platform service method, a device, equipment and a storage medium, which aim to flexibly allocate storage resources.
An embodiment of the present application provides a storage platform service method, where the method includes:
the storage platform receives a service request sent by a user;
the storage platform determines, according to the service request, the tenant corresponding to the service request, wherein a plurality of tenants are pre-configured in the storage platform and are globally configured when the storage platform is deployed, so as to perform software data isolation and physical data isolation on the data corresponding to the tenants;
when the user is a user corresponding to the tenant, the storage platform sends the service request to the corresponding file system according to the global configuration information corresponding to the tenant, wherein the global configuration information at least comprises the file system corresponding to the tenant and an address of a physical storage node corresponding to the tenant;
and the file system returns the resources corresponding to the service request to the user terminal of the user.
Optionally, the deployment procedure of the storage platform includes:
triggering a multi-tenant deployment flow in a management interface of the storage platform;
the storage platform deploys a pre-configured default file system in a plurality of storage nodes connected with the storage platform;
creating a plurality of tenants in the storage platform;
binding the plurality of tenants to the default file system;
each tenant in the plurality of tenants performs tenant attribute resource configuration in a tenant configuration interface of the storage platform;
each tenant of the plurality of tenants creates any number of namespaces in the tenant configuration interface;
each tenant in the plurality of tenants performs service sharing configuration in the tenant configuration interface.
Optionally, the method further comprises:
in the case that the tenant designates a special file system, the storage platform creates the special file system;
deploying the special file system into a storage node of the storage platform;
and establishing a binding relation between the tenant and the special file system.
Optionally, the method further comprises:
under the condition that the tenant needs to physically isolate the special file system, a designated node is allocated to the special file system;
and deploying the special file system into the designated node.
Optionally, each tenant of the plurality of tenants performs tenant attribute resource configuration in a tenant configuration interface of the storage platform, including:
the tenant performs tenant information configuration in the tenant configuration interface;
the tenant performs switch configuration in the tenant configuration interface;
and the tenant performs tenant resource configuration in the tenant configuration interface.
Optionally, the tenant performs tenant information configuration in the tenant configuration interface, including:
the tenant inputs tenant domain control information corresponding to the tenant in the tenant configuration interface;
the tenant inputs file system information corresponding to the tenant in the tenant configuration interface;
the tenant inputs tenant authentication information corresponding to the tenant in the tenant configuration interface;
and the tenant inputs service network configuration information corresponding to the tenant in the tenant configuration interface.
Optionally, the method further comprises:
and the storage platform stores the tenant domain control information, the file system information and the network configuration information into a global configuration.
Optionally, the tenant performs switch configuration in the tenant configuration interface, including:
the tenant selects any tenant-level switch in the tenant configuration interface;
the tenant selects any namespace-level switch in the tenant configuration interface;
and the tenant selects any file-level switch in the tenant configuration interface.
Optionally, the method further comprises:
and the storage platform stores the switch configuration information into the working directory of the namespace of the file system corresponding to the tenant.
Optionally, the tenant performs tenant resource configuration in the tenant configuration interface, including:
the tenant inputs user information included by the tenant in the tenant configuration interface;
and the tenant inputs file information unique to the tenant in the tenant configuration interface.
Optionally, the method further comprises:
and the storage platform stores the user information and the file information into the metadata pool corresponding to the file system designated by the tenant.
Optionally, each tenant of the plurality of tenants creates any number of namespaces in the tenant configuration interface, including:
the tenant opens the working directory corresponding to the tenant in the tenant configuration interface;
and creating a namespace working directory corresponding to the namespace under the working directory.
Optionally, each tenant of the plurality of tenants performs service sharing configuration in the tenant configuration interface, including:
and the tenant performs sharing settings in the namespace, in the tenant configuration interface, according to the service protocol between the tenant and the service.
Optionally, the tenant performs sharing settings in the namespace, in the tenant configuration interface, according to the service protocol between the tenant and the service, including:
when the sharing protocol between the tenant and the service is a first type of sharing protocol, setting the resources in the namespace corresponding to the tenant, or the resources in a directory contained in the namespace, as shared resources;
and when the sharing protocol between the tenant and the service is a second type of sharing protocol, setting all resources in the namespace corresponding to the tenant as shared resources.
Optionally, the storage platform determines, according to the service request, a tenant corresponding to the service request, including:
the storage platform determines the resources corresponding to the service request;
and the storage platform determines the tenant corresponding to the resource according to the binding relation of the resource.
Optionally, the step of determining whether the user is the user corresponding to the tenant includes:
the storage platform determines, according to pre-configured tenant service network information, whether the receiving address corresponding to the service request is a receiving address contained in the tenant service network information;
when the receiving address is the receiving address contained in the tenant service network information, determining whether the user sending the service request is a user in a user list of the tenant;
and when the user is a user in the user list of the tenant, determining that the user is a user corresponding to the tenant.
Optionally, the method further comprises:
and when the receiving address is not the receiving address contained in the tenant service network information, or when the user is not the user corresponding to the tenant, returning access prohibition information to the user.
Optionally, the sending, by the storage platform, the service request to a corresponding file system according to the global configuration information corresponding to the tenant includes:
the storage platform determines an access path of a file system corresponding to the tenant according to the global configuration information corresponding to the tenant;
and the storage platform sends the service request to a file system corresponding to the tenant through the access path.
A second aspect of an embodiment of the present application provides a storage platform service device, where the device includes:
the service request receiving module is used for receiving a service request sent by a user by the storage platform;
the tenant determining module is used for determining tenants corresponding to the service request according to the service request by the storage platform, wherein a plurality of tenants are pre-configured in the storage platform, and the tenants are globally configured when the storage platform is deployed so as to perform software data isolation and physical data isolation on data corresponding to the tenants;
the service request forwarding module is used for sending the service request to a corresponding file system according to global configuration information corresponding to the tenant when the user is the user corresponding to the tenant, wherein the global configuration information at least comprises the file system corresponding to the tenant and an address of a physical storage node corresponding to the tenant;
and the resource sending module is used for returning the resources corresponding to the service request to the user terminal of the user by the file system.
Optionally, the apparatus further comprises a deployment module of the storage platform, the module comprising:
the flow triggering sub-module is used for triggering a multi-tenant deployment flow in a management interface of the storage platform;
a default file system deployment sub-module, configured to deploy a default file system configured in advance in a plurality of storage nodes connected by the storage platform;
the tenant creation sub-module is used for creating a plurality of tenants in the storage platform;
a default file system binding sub-module for binding the plurality of tenants to the default file system;
a tenant attribute resource configuration sub-module, configured to configure tenant attribute resources in a tenant configuration interface of the storage platform for each of the plurality of tenants;
a namespace creation sub-module for each of the plurality of tenants creating any number of namespaces in the tenant configuration interface;
and the service sharing configuration sub-module is used for each tenant in the plurality of tenants to carry out service sharing configuration in the tenant configuration interface.
Optionally, the deployment module of the storage platform further includes:
a special file system creation sub-module, configured to create a special file system by the storage platform when the tenant designates the special file system;
a first special file system deployment sub-module for deploying the special file system into a storage node of the storage platform;
and the binding relation establishing sub-module is used for establishing the binding relation between the tenant and the special file system.
Optionally, the deployment module of the storage platform further includes:
a designated node allocation submodule, configured to allocate a designated node to the special file system when the tenant needs to physically isolate the special file system;
and the second special file system deployment sub-module is used for deploying the special file system into the designated node.
Optionally, the tenant attribute resource configuration submodule includes:
the tenant information configuration sub-module is used for configuring tenant information in the tenant configuration interface by the tenant;
the switch configuration sub-module is used for performing switch configuration on the tenant in the tenant configuration interface;
and the tenant resource configuration sub-module is used for configuring tenant resources in the tenant configuration interface by the tenant.
Optionally, the tenant information configuration submodule includes:
the tenant domain control information configuration sub-module is used for inputting tenant domain control information corresponding to the tenant in the tenant configuration interface by the tenant;
the tenant file system information configuration sub-module is used for inputting file system information corresponding to the tenant in the tenant configuration interface by the tenant;
the tenant authentication information configuration sub-module is used for inputting tenant authentication information corresponding to the tenant in the tenant configuration interface by the tenant;
and the network configuration information sub-module is used for inputting service network configuration information corresponding to the tenant in the tenant configuration interface by the tenant.
Optionally, the tenant information configuration sub-module further includes:
and the first information storage sub-module is used for storing the tenant domain control information, the file system information and the network configuration information into a global configuration by the storage platform.
Optionally, the switch configuration submodule includes:
a tenant-level switch configuration sub-module, configured for the tenant to select any tenant-level switch in the tenant configuration interface;
a namespace-level switch configuration sub-module, configured for the tenant to select any namespace-level switch in the tenant configuration interface;
and a file-level switch configuration sub-module, configured for the tenant to select any file-level switch in the tenant configuration interface.
Optionally, the switch configuration sub-module further comprises:
and the second information storage sub-module is used for storing the switch configuration information into the working directory of the namespace of the file system corresponding to the tenant by the storage platform.
Optionally, the tenant resource configuration submodule includes:
the user information configuration sub-module is used for inputting user information included by the tenant in the tenant configuration interface by the tenant;
the file information configuration sub-module is used for inputting the unique file information of the tenant in the tenant configuration interface by the tenant.
Optionally, the tenant resource configuration sub-module further includes:
and the third information storage sub-module is used for storing the user information and the file information into the metadata pool corresponding to the file system designated by the tenant by the storage platform.
Optionally, the namespace creation submodule includes:
a working directory opening sub-module, configured to open the working directory corresponding to the tenant in the tenant configuration interface;
and a namespace working directory creation sub-module, configured to create a namespace working directory corresponding to the namespace under the working directory.
Optionally, the service sharing configuration submodule includes:
and the sharing setting sub-module is used for the tenant to perform sharing settings in the namespace, in the tenant configuration interface, according to the service protocol between the tenant and the service.
Optionally, the sharing setting submodule includes:
a first sharing setting sub-module, configured to set, when the sharing protocol between the tenant and the service is a first type of sharing protocol, the resources in the namespace corresponding to the tenant, or the resources in a directory contained in the namespace, as shared resources;
and a second sharing setting sub-module, configured to set all resources in the namespace corresponding to the tenant as shared resources when the sharing protocol between the tenant and the service is a second type of sharing protocol.
Optionally, the tenant determination module includes:
the resource determination submodule is used for determining resources corresponding to the service request by the storage platform;
the tenant determination submodule is used for determining the tenant corresponding to the resource according to the binding relation of the resource by the storage platform.
Optionally, the apparatus further includes a user judgment module, where the module includes:
the receiving address determining sub-module is used for determining, by the storage platform and according to the pre-configured tenant service network information, whether the receiving address corresponding to the service request is a receiving address contained in the tenant service network information;
a user information determining sub-module, configured to determine, when the received address is a received address included in the tenant service network information, whether a user that sends the service request is a user in a user list of the tenant;
and the user judging sub-module is used for determining that the user is the user corresponding to the tenant when the user is the user in the user list of the tenant.
Optionally, the user judgment module further includes:
and the forbidden information return sub-module is used for returning forbidden access information to the user when the receiving address is not the receiving address contained in the tenant service network information or the user is not the user corresponding to the tenant.
Optionally, the service request forwarding module includes:
an access path determining submodule, configured to determine an access path of a file system corresponding to the tenant according to the global configuration information corresponding to the tenant by using the storage platform;
and the resource sending sub-module is used for sending the service request to the file system corresponding to the tenant through the access path by the storage platform.
A third aspect of the embodiments of the present application provides a readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method as described in the first aspect of the present application.
A fourth aspect of the present application provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the steps of the method described in the first aspect of the present application when the processor executes the computer program.
With the storage platform service method provided by the application, the storage platform receives a service request sent by a user; the storage platform determines, according to the service request, the tenant corresponding to the service request, wherein a plurality of tenants are pre-configured in the storage platform and are globally configured when the storage platform is deployed, so as to perform software data isolation and physical data isolation on the data corresponding to the tenants; when the user is a user corresponding to the tenant, the storage platform sends the service request to the corresponding file system according to the global configuration information corresponding to the tenant, wherein the global configuration information at least comprises the file system corresponding to the tenant and an address of a physical storage node corresponding to the tenant; and the file system returns the resources corresponding to the service request to the user terminal of the user.
In the method, the concept of a tenant is introduced. A plurality of tenants are pre-configured in the storage platform, and each tenant is bound to a corresponding file system and storage node. When the storage platform receives a service request sent by a user, it can determine the tenant corresponding to the service request: because the service request is bound to the tenant in advance, the tenant can be determined from the pre-configured binding relation. When the user is a user corresponding to the tenant, the service request is sent to the corresponding file system according to the pre-configured global configuration information. Each user can only access the file system bound to the corresponding tenant, so the data of each tenant is isolated at the software layer; the corresponding file system is stored at the physical layer, so the data of each tenant is also isolated at the physical layer. This ensures the security of the data stored in the same storage platform, increases the utilization rate of the storage system, and realizes isolation between users at both the software layer and the physical layer, so that the data of each tenant is distributed flexibly.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments of the present application will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a method for servicing a storage platform according to one embodiment of the present application;
FIG. 2 is a schematic diagram of a tenant configuration flow proposed in an embodiment of the present application;
FIG. 3 is a schematic diagram of a service access isolation procedure according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a multi-protocol resource access mapping process according to an embodiment of the present application;
FIG. 5 is a flowchart of a distributed unstructured storage multi-tenant system deployment proposed by an embodiment of the present application;
FIG. 6 is a schematic diagram of a storage platform service device according to an embodiment of the present application;
FIG. 7 is a schematic diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of a storage platform service method according to an embodiment of the present application. As shown in fig. 1, the method comprises the steps of:
S11: The storage platform receives the service request sent by the user.
In this embodiment, the storage platform is a platform for managing a storage system, where the storage system includes a plurality of storage nodes, each storage node includes a plurality of storage devices, and a plurality of resources are stored for access and extraction by a corresponding user. The service request is a request for accessing a specific resource, which is sent to the storage platform by a user through a user terminal.
In this embodiment, when a user needs to obtain certain data in the storage platform in order to perform a service, a mobile terminal sends a corresponding service request to the storage platform. To send the request, the user logs in to the service interface of the storage platform on the user terminal, either through a browser or through a client, enters the service request in the service interface and sends it to the storage platform, and the storage platform receives the service request sent by the user.
For example, when a user wants to acquire file a, a service request for file a is sent to the storage platform, with the requested content being "download file a".
S12: The storage platform determines the tenant corresponding to the service request according to the service request, wherein a plurality of tenants are pre-configured in the storage platform, and the tenants are globally configured when the storage platform is deployed so as to perform software data isolation and physical data isolation on the data corresponding to the tenants.
In this embodiment, the tenant is a management unit of the storage platform. Based on its multi-tenant characteristics, the storage platform provides uniform resource management at tenant granularity, and resources are allocated and managed with the tenant as the unit. One set of storage systems can therefore be shared by multiple tenants: sharing hardware resources reduces the running cost of the system and improves its resource utilization, while the resources of the tenants on the storage platform are isolated from each other, which ensures the security and privacy of each tenant's data. The file system is an application program for managing files, the storage nodes are storage devices for storing data, and a plurality of storage nodes are deployed in one storage system. Global configuration means that a tenant enters the required information in the platform and the platform stores it globally and permanently. When the information is entered, the corresponding file system, the tenant authentication information and the service network information are specified, the service network information including the physical storage node specified by the tenant. After the global configuration is completed, the storage platform stores the information entered by the tenant as the global configuration information corresponding to the tenant.
In this embodiment, after receiving a service request sent by a user terminal, the storage platform determines the tenant corresponding to the service request through a tenant mapping layer in the storage platform. The tenant mapping layer determines the tenant according to the namespace and network address information of the tenant stored in the tenant's global configuration information, and the way the tenant is obtained differs according to the network protocol between the storage node of the service system and the tenant. A plurality of tenants are pre-configured in the storage platform, and each tenant is bound to a corresponding file system and a corresponding storage node.
Illustratively, when the protocol between the tenant and the file system storage node is HDFS (Hadoop Distributed File System), the accessed tenant is determined through the pre-configured binding relationship between the service network address and the namespace. When the protocol between the tenant and the file system storage node is the S3 (Simple Storage Service) protocol, the service request directly carries the tenant name, and the tenant is obtained directly.
S13: In the case that the user is a user corresponding to the tenant, the storage platform sends the service request to the corresponding file system according to the global configuration information corresponding to the tenant, wherein the global configuration information at least comprises the file system corresponding to the tenant and the address of the physical storage node corresponding to the tenant.
In this embodiment, the global configuration information is information preconfigured by the tenant when the storage platform is deployed, and includes domain control information of the tenant, file system information corresponding to the tenant, authentication configuration information of the tenant, and service network information of the tenant, where the service network information includes an address of a physical storage node corresponding to the tenant.
In this embodiment, the storage platform first determines whether the user sending the service request is a user corresponding to the tenant. When this is the case, the storage platform determines the file system to be accessed according to the global configuration information corresponding to the tenant. It then splices the actual service path in the actual file system from the tenant name, the namespace bound to the tenant and the name of the resource being accessed, and sends the service request to the corresponding file system through that service path.
Illustratively, the composition of the actual service path of the file system is "tenant name/namespace name/resource name".
S14: The file system returns the resources corresponding to the service request to the user terminal of the user.
In this embodiment, after receiving a service request, a file system on a storage node determines a resource that a user needs to access according to the service request, and sends the resource that the user requests to access to a user terminal of the user, so as to implement a corresponding service operation.
In this embodiment, the tenants are configured and managed uniformly in the storage platform. When a user needs to access a specified resource, a service request is sent, and the storage platform forwards the service request to the corresponding file system according to the service request and the pre-configured global configuration information of the tenant. This achieves information isolation among the tenants of the storage platform: while the data security of each tenant is ensured, a plurality of tenants can use the same storage platform, which improves the utilization of storage resources and allows storage resources to be allocated flexibly.
In another embodiment of the present application, the deployment procedure of the storage platform includes:
S21: Triggering a multi-tenant deployment flow in a management interface of the storage platform.
In this embodiment, the management interface of the storage platform is an interface on the host computer of the storage platform for managing the whole storage platform. A multi-tenant deployment flow is a flow that deploys multiple tenants on a storage platform.
In this embodiment, a developer needs to pre-deploy a multi-tenant system on a storage platform, and first triggers a multi-tenant deployment flow in a management interface of the storage platform.
S22: the storage platform deploys a pre-configured default file system in a plurality of storage nodes connected with the storage platform.
In this embodiment, the default file system is a commonly used file system configured in advance by the storage platform.
In this embodiment, after the multi-tenant deployment flow is triggered, the storage platform deploys the pre-configured default file system in the plurality of connected storage nodes: it sends a program file of the default file system to those storage nodes, and each storage node, after acquiring the file, runs it and installs the default file system on the node.
S23: creating a plurality of tenants in the storage platform.
In this embodiment, after the deployment of the default file system is completed, a plurality of tenants are created in the storage platform.
In this embodiment, a plurality of new storage platform users are created in the storage platform, and corresponding names, i.e., tenant names, are allocated to the created storage platform users, so as to obtain a plurality of created tenants.
S24: binding the plurality of tenants to the default file system.
In this embodiment, after the tenants are created, a default file system is bound to the plurality of tenants: each created tenant that does not specify a special file system is bound to the default file system, and after binding, the binding relationship is globally persisted.
Illustratively, a default file system A and a default file system B are created, tenant 1 and tenant 2 are created, and tenant 1 and tenant 2 are bound to file system A and file system B.
S25: each tenant of the plurality of tenants performs tenant attribute resource configuration in a tenant configuration interface of the storage platform.
In this embodiment, the tenant attribute resource configuration records the unique information and attributes of the tenant in the storage platform, so that the storage platform can determine the service requirements of the tenant and provide corresponding services according to the tenant's unique attributes. The tenant configuration interface is an interface in which a tenant enters tenant information, designates a file system and selects functions.
In this embodiment, after a tenant is created in the storage platform, a user logs in to the storage platform at the tenant end and configures information such as the user domain, the Kerberos security domain and the service network (access_zone) of the tenant on the storage platform. The storage platform globally persists this information, that is, stores it permanently in a corresponding storage space. The user also needs to perform service sharing configuration at the tenant end; for different services, either service isolation at the namespace level or service isolation of namespaces and the directories below them can be set.
S26: each tenant of the plurality of tenants creates any number of namespaces in the tenant configuration interface.
In this embodiment, the namespace is a management unit that logically divides the storage resources; the "file system" of file services and the "bucket" of big data services, object services, are both concrete manifestations of namespaces.
In this embodiment, for each tenant of the plurality of tenants, a user creates an arbitrary number of namespaces in the tenant configuration interface. When the user creates a namespace, a subdirectory or bucket is created under the directory of the tenant's working resources. Within the same tenant, the resources in a namespace can be shared, and the resources in the directories under a namespace can also be shared.
Illustratively, tenant 1 creates 3 namespaces in the tenant configuration interface, namespace 1, namespace 2, and namespace 3, respectively.
S27: each tenant in the plurality of tenants performs service sharing configuration in the tenant configuration interface.
In this embodiment, the service sharing configuration is a configuration in which tenants determine resources that can be shared in storage nodes corresponding to the same tenant.
In this embodiment, tenants may perform service sharing configuration in the tenant configuration interface for different service protocols. For general services, sharing may be configured for namespaces and the directories below them, so as to form service isolation at the level of namespaces and their directories; that is, the files of a designated namespace, or of a directory below a namespace, may be shared among the users included in the tenant. For some special services, only the namespace can be shared. In that case a separate service network needs to be configured for the namespace, and when the namespace is accessed, it is identified through the service network corresponding to the service protocol of the special service.
In another embodiment of the present application, the method further comprises:
S31: In the case that the tenant specifies a special file system, the storage platform creates the special file system.
In this embodiment, the special file system is a file system different from the default file system, and is a file system specified by the tenant when the tenant puts forward the demand.
In this embodiment, when a tenant designates a special file system, the storage platform creates the special file system in the storage platform according to the file system designated by the tenant, and obtains the data of the special file system.
For example, if the default file systems are A and B and tenant 3 designates the special file system C, the storage platform creates the special file system C at the storage platform end.
S32: Deploying the special file system into a storage node of the storage platform.
In this embodiment, after the storage platform creates a special file system, the special file system is deployed into a storage node of the storage platform. The data of the special file system is sent to a plurality of storage nodes of the storage platform, and the storage nodes run the received data to complete the deployment of the special file system.
S33: Establishing a binding relationship between the tenant and the special file system.
In this embodiment, after a special file system is deployed to a storage node of a storage platform, the file system is specified in global configuration information of a tenant, that is, a name of the file system is stored in the global configuration information of the tenant, and a binding relationship between the tenant and the special file system is created.
In another embodiment of the present application, the method further comprises:
S41: In the case that the tenant needs to physically isolate the special file system, assigning a designated node to the special file system.
In this embodiment, when the tenant needs to physically isolate the special file system, a designated node is allocated to the special file system, where the designated node is an independent storage node, and the storage node only serves the special file system, and no other files are stored, so that data security of the special file system is ensured.
Illustratively, among the storage nodes connected to the storage platform there is a storage node 4 that does not yet store data; the special file system is stored in storage node 4, and no other data is stored in storage node 4 afterwards.
S42: Deploying the special file system into the designated node.
In this embodiment, after a designated node is allocated to a special file system, the special file system is deployed into the designated node.
In this embodiment, when the tenant needs to specify a special file system, the special file system is created, and when the tenant needs to physically isolate the special file system, the special file system is deployed on the specified node, so that the security of the tenant's data is ensured.
In another embodiment of the present application, each tenant of the plurality of tenants performs tenant attribute resource configuration in a tenant configuration interface of the storage platform, including:
S25-1: The tenant performs tenant information configuration in the tenant configuration interface.
In this embodiment, the tenant information includes information such as the domain control information (user domain information), the authentication configuration information (Kerberos security domain), the file system information, and the service network (access_zone) of the tenant.
In this embodiment, the specific steps of performing tenant information configuration in the tenant configuration interface by the tenant include:
S25-1-1: The tenant inputs tenant domain control information corresponding to the tenant in the tenant configuration interface.
In this embodiment, the tenant domain control information is the account information of the tenant and the information on the computer used by the tenant.
In this embodiment, the tenant inputs the corresponding tenant domain control information in the tenant configuration interface, and the storage platform can identify the identity of the tenant and the computer device used by the tenant through the tenant account information and the computer information included in the domain control information.
S25-1-2: The tenant inputs file system information corresponding to the tenant in the tenant configuration interface.
In this embodiment, the file system information is information such as a name of a file system corresponding to the tenant.
In this embodiment, the tenant inputs file system information corresponding to the tenant in the tenant configuration interface.
S25-1-3: The tenant inputs tenant authentication information corresponding to the tenant in the tenant configuration interface.
In this embodiment, the tenant authentication information is information used when security authentication of a third party is required.
In this embodiment, the tenant inputs the tenant authentication information corresponding to the tenant in the tenant configuration interface, so that the storage platform performs third-party security authentication on the tenant and the reliability of the tenant's identity is ensured.
The third-party authentication protocol may be, for example, Kerberos authentication.
S25-1-4: The tenant inputs service network configuration information corresponding to the tenant in the tenant configuration interface.
In this embodiment, the service network configuration information includes a domain name of a node corresponding to the tenant, a network address of the node corresponding to the tenant, and the like.
In this embodiment, the tenant inputs network configuration information corresponding to the tenant in the tenant configuration interface, so that the storage platform can determine the domain name of the node corresponding to the tenant and the network address of the node.
In this embodiment, the method further includes:
S25-1-5: The storage platform stores the tenant domain control information, the file system information, the tenant authentication information and the network configuration information into the global configuration.
In this embodiment, after the tenant has entered the tenant domain control information, the file system information, the tenant authentication information and the network configuration information in the tenant configuration interface, the storage platform stores the entered information into the global configuration.
S25-2: The tenant performs switch configuration in the tenant configuration interface.
In this embodiment, the switch configuration refers to a switch configuration of functions provided by the tenant to the storage platform.
In this embodiment, the specific step of performing switch configuration by the tenant in the tenant configuration interface includes:
S25-2-1: The tenant selects any tenant-level switch in the tenant configuration interface.
In this embodiment, the tenant-level switch is a switch of a tenant-related function.
In this embodiment, a user performing tenant configuration checks any tenant-level switch according to requirements in a tenant configuration interface, a function selected by the user is on, and a function not checked by the user is off.
Illustratively, the tenant-level function may be a tenant name change, a tenant administrator change, or the like.
S25-2-2: The tenant selects any namespace-level switch in the tenant configuration interface.
In this embodiment, the namespace-level switch is a switch of a function of a namespace directory under a work directory of a tenant.
In this embodiment, a user performing tenant configuration checks any namespace-level switch in the tenant configuration interface according to requirements; a function checked by the user is turned on, and a function not checked by the user is turned off.
Illustratively, a namespace-level switch may be that the namespace is open to all users under the tenant, the namespace is hidden, and so on.
S25-2-3: The tenant selects any file-level switch in the tenant configuration interface.
In this embodiment, the file-level switch is a switch for a specific file function corresponding to the tenant.
In this embodiment, a user performing tenant configuration checks an arbitrary file-level switch according to a requirement in a tenant configuration interface.
For example, the file-level switch may control a function such as putting a file in read-only mode (the file cannot be modified).
In this embodiment, the method further includes:
S25-2-4: The storage platform stores the switch configuration information into the working directory of the namespace of the file system corresponding to the tenant.
In this embodiment, the storage platform persists the obtained tenant-level, namespace-level and file-level switch configuration information to the working directory corresponding to the tenant and the namespace in the tenant's file system, specifically to the xattr metadata attributes of that working directory, where xattr is an extended attribute of a stored file.
S25-3: The tenant performs tenant resource configuration in the tenant configuration interface.
In this embodiment, tenant resources refer to a file system specified by a tenant, resources included under the file system, user information included under the tenant, and the like.
In this embodiment, the specific step of performing, by the tenant, tenant resource configuration in the tenant configuration interface includes:
S25-3-1: The tenant inputs user information included by the tenant in the tenant configuration interface.
In this embodiment, each tenant includes a plurality of users, and the plurality of users may commonly use a file system corresponding to one tenant.
In this embodiment, when the tenant performs tenant resource configuration in the tenant configuration interface, user information of all users corresponding to the tenant, that is, user names of the users, etc., is input, and then information of a file system specified by the tenant and resource information specified by the tenant are input.
S25-3-2: The tenant inputs file information unique to the tenant in the tenant configuration interface.
In this embodiment, when the user performs tenant information configuration in the tenant configuration interface, file information unique to the tenant is entered in that interface. File information unique to a tenant is the file information of a resource that the tenant stores in a storage node and that can only be accessed by the tenant.
In this embodiment, the method further includes:
S25-3-3: The storage platform stores the user information and the file information into a metadata pool corresponding to the file system specified by the tenant.
In this embodiment, the storage platform stores the user information and the file information into a metadata pool corresponding to a file system specified by the tenant. Based on the characteristics of the metadata, different protocol services can realize functional intercommunication by reading information in a metadata pool.
Referring to Fig. 2, which is a schematic diagram of a tenant configuration flow provided in an embodiment of the present application: when a tenant performs tenant attribute resource configuration, the tenant-level, namespace-level and file-level function switches are recorded in the metadata xattr attributes; tenant resources such as tenant user information are stored in the metadata pool of the file system specified by the tenant; and the tenant domain control information, the file system information corresponding to the tenant, the tenant-level authentication configuration information and the access_zone information are stored in the global configuration. All file system data are stored in a storage pool, and when the global configuration is not performed, only the functional configuration and the tenant's internal resources need to be stored in the storage pool.
In this embodiment, each tenant of the plurality of tenants creates an arbitrary number of namespaces in the tenant configuration interface, including:
S26-1: The tenant opens the working directory corresponding to the tenant in the tenant configuration interface.
In this embodiment, the working directory corresponding to the tenant is used to collect the namespace corresponding to the tenant.
In this embodiment, when creating a namespace, a tenant first opens a working directory corresponding to the tenant in a tenant configuration interface.
S26-2: Creating a namespace working directory corresponding to the namespace under the working directory.
In this embodiment, the namespace work directory includes information such as a resource corresponding to the tenant and a name of a file system corresponding to the resource.
In this embodiment, after the tenant opens the working directory corresponding to the tenant, the tenant creates a namespace working directory corresponding to the namespace under the working directory.
In another embodiment of the present application, each tenant of the plurality of tenants performs service sharing configuration in the tenant configuration interface, including:
S27-1: The tenant performs sharing setting in the namespace in the tenant configuration interface according to the service protocol between the tenant and the service.
In this embodiment, the service protocol is a network protocol between a file system for processing a service and a tenant, and sharing settings are different based on characteristics of different protocols.
In this embodiment, the specific step of performing sharing setting in the namespace by the tenant in the tenant configuration interface according to a service protocol between the tenant and the service includes:
S27-1-1: When the sharing protocol between the tenant and the service is a first type of sharing protocol, setting the resources in the namespace corresponding to the tenant, or the resources in a directory contained in the namespace, as shared resources.
In this embodiment, the first type of sharing protocol is a network protocol that can share resources in a specific file directory.
In this embodiment, when the sharing protocol between the tenant end and the service end is the first type sharing protocol, the resources in the namespace corresponding to the tenant or the resources in the directory included in the namespace are set as the sharing resources.
The first type of sharing protocol is exemplified by file service protocols such as the NAS service protocol.
S27-1-2: When the sharing protocol between the tenant and the service is a second type of sharing protocol, setting all resources in the namespace corresponding to the tenant as shared resources.
In this embodiment, the second type of sharing protocol is a protocol that can only share all resources in the namespace.
In this embodiment, when the sharing protocol between the tenant end and the service end is the second type sharing protocol, all the resources in the namespaces corresponding to the tenant are set as shared resources. At the same time, a separate service network needs to be reconfigured for the namespace, and the protocol identifies the access namespace through the separate service network when access is made.
The second type of shared protocol is, for example, the HDFS (Hadoop Distributed File System) protocol.
In another embodiment of the present application, the determining, by the storage platform, a tenant corresponding to the service request according to the service request includes:
S12-1: The storage platform determines the resources corresponding to the service request.
In this embodiment, the service request includes the resource corresponding to the service request, that is, the file information of the file required by the user.
In this embodiment, after receiving a service request sent by a user, the storage platform determines resource information, such as a resource name, of a resource corresponding to the service request.
S12-2: The storage platform determines the tenant corresponding to the resource according to the binding relationship of the resource.
In this embodiment, each resource is in a namespace work directory of a namespace of a tenant, and the storage platform determines, according to a binding relationship between the namespace to which the resource belongs and the tenant, the tenant corresponding to the resource.
In another embodiment of the present application, the step of determining whether the user is a user corresponding to the tenant includes:
S51: The storage platform determines, according to the pre-configured tenant service network information, whether the receiving address corresponding to the service request is a receiving address contained in the tenant service network information.
In this embodiment, the receiving address is an address of the storage platform that receives the service request of the tenant. The service network information is stored with a receiving address of the storage platform for receiving the service request of the tenant.
In this embodiment, when receiving a service request of a user, the storage platform determines, according to preset tenant service network information, all receiving addresses corresponding to the service request of the tenant in the tenant service network information, and further determines whether the receiving addresses corresponding to the service request are receiving addresses included in the tenant service network information.
S52: When the receiving address is a receiving address contained in the tenant service network information, determining whether the user sending the service request is a user in the user list of the tenant.
In this embodiment, the tenant information of each tenant stores a user list corresponding to that tenant, and the user list stores the user information of all its users, including information such as user accounts. When the receiving address of the service request is a receiving address contained in the tenant service network information, the request has arrived on an address that the users in the tenant's user list use to send service requests, and the storage platform then determines whether the user sending the service request is in that user list.
S53: When the user is a user in the user list of the tenant, determining that the user is a user corresponding to the tenant.
In this embodiment, when it is determined that the user sending the service request is a user in the user list of the tenant, that is, when account information of the user is stored in the user list of the tenant, it is determined that the user is a user corresponding to the tenant.
In this embodiment, the method further includes:
S54: When the receiving address is not a receiving address contained in the tenant service network information, or when the user is not a user corresponding to the tenant, returning access prohibition information to the user.
In this embodiment, when the receiving address is not a receiving address contained in the tenant service network information, or the account information of the user does not exist in the user list of the tenant, the user is not a user corresponding to the tenant and is not authorized to access the namespace of the tenant, so access prohibition information is returned to the user.
Referring to Fig. 3, which is a schematic diagram of a service access isolation flow provided in an embodiment of the present application: when a user accesses a resource, the storage platform determines the tenant to which the accessed resource belongs, determines whether the tenant network contains the service IP, that is, the receiving address of the service request, and determines whether the user is under the tenant, that is, whether the user is in the user list of the tenant. When the tenant network contains the service IP and the user is under the tenant, the user is allowed to continue accessing the corresponding resource. When the tenant network does not contain the service IP of the request, or the user is not in the user list of the tenant, the user is prohibited from accessing the corresponding resource.
In another embodiment of the present application, the sending, by the storage platform, the service request to a corresponding file system according to global configuration information corresponding to the tenant includes:
S61: The storage platform determines an access path of the file system corresponding to the tenant according to the global configuration information corresponding to the tenant.
In this embodiment, after determining the resources that the user needs to access and the tenant corresponding to the user, the storage platform determines, according to the pre-stored global configuration information of the tenant, an access path of the file system corresponding to the tenant.
In this embodiment, after determining the tenant corresponding to the service request, the storage platform obtains the file system to be accessed from the global configuration information of the tenant through the binding relationship between the network address and the namespace, and splices the actual service path in the actual file system, that is, tenant name/namespace/file name, from the tenant name, the namespace and the access path.
Illustratively, when the service object objcte1 under the namespace of tenant 1 is accessed, the actual access path is tenant 1/token 1/objcte1.
S62: The storage platform sends the service request to the file system corresponding to the tenant through the access path.
In this embodiment, after determining an access path corresponding to a service request, the storage platform sends the service request to a file system corresponding to a tenant through the access path, and after receiving the service request, the file system invokes a corresponding resource according to the content of the service request and sends the resource to a user terminal.
Referring to Fig. 4, which is a schematic diagram of a multi-protocol resource access mapping process according to an embodiment of the present application: the mapping relationship of each tenant is stored in the global configuration. When a user accesses a service, the tenant mapping layer on the storage platform side determines the file system corresponding to the service access, determines the resource access path, and then sends the service access request to the corresponding file system, which extracts the corresponding resources from the corresponding storage pool.
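The tenant resolution (S12), the user check (S51 to S54) and the path splicing (S61 to S62) described above, combined in an added Python sketch that is not code from the patent. The class and field names, the constructed sample tenants and addresses, and the rejection of empty, `.` and `..` path segments are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address
from typing import Dict, Optional, Tuple


class AccessDenied(Exception):
    """Stands in for the 'access prohibition information' returned in S54."""


@dataclass
class TenantConfig:
    """Per-tenant global configuration (field names are assumptions)."""
    name: str
    file_system: str              # file system bound to the tenant
    service_addresses: frozenset  # receiving addresses in the access_zone
    users: frozenset              # the tenant's user list
    namespaces: frozenset
    hdfs_bindings: Dict[str, str] = field(default_factory=dict)  # address -> namespace


@dataclass
class ServiceRequest:
    protocol: str                 # "s3" or "hdfs"
    user: str
    receiving_address: str        # platform address the request arrived on
    resource: str
    tenant: Optional[str] = None     # carried by S3 requests only
    namespace: Optional[str] = None  # bucket name for S3 requests


def resolve_tenant(req: ServiceRequest, config: Dict[str, TenantConfig]):
    """S12: S3 carries the tenant name; HDFS uses the address/namespace binding."""
    if req.protocol == "s3":
        tenant = config.get(req.tenant or "")
        if tenant is None or req.namespace not in tenant.namespaces:
            raise AccessDenied("unknown tenant or namespace")
        return tenant, req.namespace
    if req.protocol == "hdfs":
        for tenant in config.values():
            namespace = tenant.hdfs_bindings.get(req.receiving_address)
            if namespace is not None:
                return tenant, namespace
        raise AccessDenied("no namespace bound to this service address")
    raise AccessDenied("unsupported protocol")


def authorize(req: ServiceRequest, tenant: TenantConfig) -> None:
    """S51 to S54: the address check and the user-list check must both pass."""
    try:
        addr = ip_address(req.receiving_address)
    except ValueError:
        raise AccessDenied("malformed receiving address") from None
    if addr not in {ip_address(a) for a in tenant.service_addresses}:
        raise AccessDenied("receiving address not in tenant service network")
    if req.user not in tenant.users:
        raise AccessDenied("user not in tenant user list")


def splice_path(tenant_name: str, namespace: str, resource: str) -> str:
    """S61: 'tenant name/namespace name/resource name'.

    Rejecting empty, '.' and '..' segments is an added assumption, so that a
    resource name cannot climb out of the tenant's namespace directory.
    """
    segments = resource.split("/")
    if any(s in ("", ".", "..") for s in segments):
        raise AccessDenied("resource name escapes the namespace")
    return "/".join([tenant_name, namespace, *segments])


def route(req: ServiceRequest, config: Dict[str, TenantConfig]) -> Tuple[str, str]:
    """Return (file system, service path) or raise AccessDenied."""
    tenant, namespace = resolve_tenant(req, config)
    authorize(req, tenant)
    return tenant.file_system, splice_path(tenant.name, namespace, req.resource)


# Constructed sample configuration: two tenants on different file systems.
GLOBAL_CONFIG = {
    "tenant1": TenantConfig("tenant1", "fs_a",
                            frozenset({"10.0.1.10", "10.0.1.11"}),
                            frozenset({"alice"}), frozenset({"ns1", "ns2"}),
                            {"10.0.1.11": "ns1"}),
    "tenant2": TenantConfig("tenant2", "fs_c", frozenset({"10.0.2.10"}),
                            frozenset({"bob"}), frozenset({"ns1"})),
}

if __name__ == "__main__":
    ok = ServiceRequest("s3", "alice", "10.0.1.10", "reports/a.txt",
                        tenant="tenant1", namespace="ns1")
    print(route(ok, GLOBAL_CONFIG))
    try:
        route(ServiceRequest("s3", "bob", "10.0.1.10", "reports/a.txt",
                             tenant="tenant1", namespace="ns1"), GLOBAL_CONFIG)
    except AccessDenied as exc:
        print("denied:", exc)
```

Both checks run before any path is built, so a denied request never reaches a file system.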
Referring to fig. 5, fig. 5 is a deployment flowchart of a distributed unstructured storage multi-tenant system provided in an embodiment of the present application, as shown in fig. 5, a management platform deploys a multi-tenant storage system first, starts to deploy a default file system, creates a tenant, binds the file system, directly binds the created tenant with the default file system when the bound file system is the default file system, creates the file system when a special file system needs to be bound, binds the tenant with the special file system, logs in a storage platform after the created tenant is bound with the file system, performs user domain and kernel bros authentication configuration, creates an access_zone (service network) under the tenant, inputs user information, creates a NameSpace, the storage platform binds the load balancing policy of the HDFS protocol, creates HDFS sharing for the HDFS, creates NFS (Network File System ) sharing and CIFS (Common Internet File System) for the created file system, and common internet protocol sharing (File Transfer Protocol, file transfer) sharing for the created tenant, and can also complete sharing configuration based on any other shared configuration.
In the above embodiment of the present invention, tenant configuration management is unified, independent user environment resource information such as a file system, a service network, domain information, etc. is specified in tenant-level global configuration, the resource information in a tenant is stored in a file system metadata pool specified by the tenant, the tenant resource information is configured by a user through a management interface and a tenant configuration interface, and is uniformly stored in unstructured storage system global configuration information, and the global configuration has a cross-tenant characteristic, and when a resource of a certain tenant fails, the global configuration is not affected, and the acquisition of the configuration of the tenant is not affected. When the storage system is deployed, the software-level isolation and the hardware-level isolation are realized for the isolation level of the tenant, a plurality of tenants can use the same set of file systems to realize the isolation through software, if different file systems need to be selected, a special file system can be created before the tenant is created, and different file systems can be created into different physical hardware to realize the hardware-level isolation. For a single tenant, a plurality of namespaces can be created, each namespace is supported by an unstructured storage system, data stored in the namespaces can be accessed, and when sharing configuration is carried out, only the sharing of the namespace level is supported at most, so that data isolation among different tenants is ensured, and all users under the same tenant can share the namespaces in the namespaces. In the multi-tenant environment, the function control switch is moved downwards and moved to a metadata pool stored in a file system corresponding to the tenant, and different protocols can be communicated by reading metadata in the metadata pool. 
And when the storage platform receives the service request, acquiring a file system corresponding to the tenant through global configuration information, further acquiring an access path of the resource, configuring different access path acquisition modes for each different protocol, ensuring multi-protocol access and enhancing the convenience of users. When tenant resource isolation protection is carried out, logical resource isolation and network isolation are set, users under the same tenant can share a name space corresponding to the tenant, and in the configuration process of the tenant service network, only network addresses set by the service network are allowed to access tenant resources, so that the security of the resources is ensured. After the service expansion, the storage platform can also create new tenants and new nodes, complete the deployment, binding and attribute resource configuration of the file system, and can provide service access of the new tenants, thereby being convenient and quick and realizing flexible configuration of storage resources.
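The request handling described in this embodiment (tenant lookup through the resource binding, the service-network and user-list checks, then the tenant name/namespace/file name path of S61), as an added Python example that is not code from the patent. The configuration field names, the sample tenants and addresses, the assumption that namespace names are unique across tenants, and the `safe_component` check on the file name are assumptions of this example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class TenantConfig:
    """One tenant's entry in the global configuration (field names are assumed)."""
    name: str
    file_system: str          # file system bound to the tenant
    storage_node: str         # address of the tenant's physical storage node
    service_networks: tuple   # access_zone: allowed receiving addresses, as CIDR strings
    users: frozenset          # user list of the tenant
    namespaces: frozenset     # namespaces created by the tenant


# Constructed sample data. tenant1 uses the default file system; tenant2 has a
# special file system on its own node (hardware-level isolation).
GLOBAL_CONFIG = {
    "tenant1": TenantConfig("tenant1", "fs_default", "node-a",
                            ("192.0.2.0/24",), frozenset({"alice"}),
                            frozenset({"ns1"})),
    "tenant2": TenantConfig("tenant2", "fs_special", "node-b",
                            ("198.51.100.0/24",), frozenset({"bob"}),
                            frozenset({"ns2"})),
}

# Binding relation resource (namespace) -> tenant. Assumes unique namespace names.
NAMESPACE_BINDING = {
    ns: t.name for t in GLOBAL_CONFIG.values() for ns in t.namespaces
}


def forbidden(reason):
    """The 'forbidden access information' returned to the user."""
    return ("forbidden", reason)


def safe_component(value):
    """Hardening added in this example (not stated in the patent text):
    the file name must be a single plain path component, so the spliced
    path cannot leave the tenant name/namespace prefix."""
    return bool(value) and value not in (".", "..") and not any(
        c in value for c in "/\\\x00")


def handle_request(receiving_addr, user, namespace, file_name):
    """Return ("ok", file_system, storage_node, access_path)
    or ("forbidden", reason)."""
    # Determine the tenant from the binding relation of the requested resource.
    tenant_name = NAMESPACE_BINDING.get(namespace)
    if tenant_name is None:
        return forbidden("no tenant bound to resource")
    tenant = GLOBAL_CONFIG[tenant_name]

    # Network isolation: the address the request was received on must belong
    # to the tenant's service network.
    try:
        addr = ip_address(receiving_addr)
    except ValueError:
        return forbidden("malformed receiving address")
    if not any(addr in ip_network(net) for net in tenant.service_networks):
        return forbidden("receiving address outside tenant service network")

    # Logical isolation: the sender must be in the tenant's user list.
    if user not in tenant.users:
        return forbidden("user not in tenant user list")

    # S61: splice the access path tenant name/namespace/file name.
    if not safe_component(file_name):
        return forbidden("illegal file name")
    access_path = "/".join((tenant.name, namespace, file_name))

    # S62 would forward the request along this path; the example returns
    # the routing decision instead of contacting a file system.
    return ("ok", tenant.file_system, tenant.storage_node, access_path)
```

The order of the checks follows the text: the network check runs before the user check, so a valid user of one tenant arriving on another tenant's service network is rejected before the user list is consulted.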
Based on the same inventive concept, an embodiment of the present application provides a storage platform service device. Referring to fig. 6, fig. 6 is a schematic diagram of a storage platform service device 600 according to an embodiment of the present application. As shown in fig. 6, the apparatus includes:
a service request receiving module 601, configured for the storage platform to receive a service request sent by a user;
the tenant determining module 602 is configured to determine, according to the service request, a tenant corresponding to the service request, where multiple tenants are preconfigured in the storage platform, and the multiple tenants are globally configured when the storage platform is deployed, so as to perform software data isolation and physical data isolation on data corresponding to the multiple tenants;
the service request forwarding module 603 is configured to, when the user is a user corresponding to the tenant, send the service request to a corresponding file system according to global configuration information corresponding to the tenant, where the global configuration information at least includes the file system corresponding to the tenant and an address of a physical storage node corresponding to the tenant;
and the resource sending module 604 is configured to return, by the file system, a resource corresponding to the service request to a user terminal of the user.
Optionally, the apparatus further comprises a deployment module of the storage platform, the module comprising:
the flow triggering sub-module is used for triggering a multi-tenant deployment flow in a management interface of the storage platform;
a default file system deployment sub-module, configured to deploy a default file system configured in advance in a plurality of storage nodes connected by the storage platform;
the tenant creation sub-module is used for creating a plurality of tenants in the storage platform;
a default file system binding sub-module for binding the plurality of tenants to the default file system;
a tenant attribute resource configuration sub-module, configured to configure tenant attribute resources in a tenant configuration interface of the storage platform for each of the plurality of tenants;
a namespace creation sub-module for each of the plurality of tenants creating any number of namespaces in the tenant configuration interface;
and the service sharing configuration sub-module is used for each tenant in the plurality of tenants to carry out service sharing configuration in the tenant configuration interface.
Optionally, the deployment module of the storage platform further includes:
a special file system creation sub-module, configured to create a special file system by the storage platform when the tenant designates the special file system;
a first special file system deployment sub-module for deploying the special file system into a storage node of the storage platform;
and the binding relation establishing sub-module is used for establishing the binding relation between the tenant and the special file system.
Optionally, the deployment module of the storage platform further includes:
a designated node allocation submodule, configured to allocate a designated node to the special file system when the tenant needs to physically isolate the special file system;
and the second special file system deployment sub-module is used for deploying the special file system into the designated node.
Optionally, the tenant attribute resource configuration submodule includes:
the tenant information configuration sub-module is used for configuring tenant information in the tenant configuration interface by the tenant;
the switch configuration sub-module is used for performing switch configuration on the tenant in the tenant configuration interface;
and the tenant resource configuration sub-module is used for configuring tenant resources in the tenant configuration interface by the tenant.
Optionally, the tenant information configuration submodule includes:
the tenant domain control information configuration sub-module is used for inputting tenant domain control information corresponding to the tenant in the tenant configuration interface by the tenant;
the tenant file system information configuration sub-module is used for inputting file system information corresponding to the tenant in the tenant configuration interface by the tenant;
the tenant authentication information configuration sub-module is used for inputting tenant authentication information corresponding to the tenant in the tenant configuration interface by the tenant;
and the network configuration information sub-module is used for inputting service network configuration information corresponding to the tenant in the tenant configuration interface by the tenant.
Optionally, the tenant information configuration sub-module further includes:
and the first information storage sub-module is used for storing the tenant domain control information, the file system information and the network configuration information into a global configuration by the storage platform.
Optionally, the switch configuration submodule includes:
a tenant-level switch configuration sub-module, configured for the tenant to select any tenant-level switch in the tenant configuration interface;
a namespace-level switch configuration sub-module, configured for the tenant to select any namespace-level switch in the tenant configuration interface;
and the file-level switch configuration sub-module is used for the tenant to select any file-level switch in the tenant configuration interface.
Optionally, the switch configuration sub-module further comprises:
and the second information storage sub-module is used for storing the switch configuration information into a working directory of a namespace of a file system corresponding to the tenant by the storage platform.
Optionally, the tenant resource configuration submodule includes:
the user information configuration sub-module is used for inputting user information included by the tenant in the tenant configuration interface by the tenant;
the file information configuration sub-module is used for inputting the unique file information of the tenant in the tenant configuration interface by the tenant.
Optionally, the tenant resource configuration sub-module further includes:
and the third information storage sub-module is used for storing the user information and the file information into a metadata pool corresponding to the file system specified by the tenant by the storage platform.
Optionally, the namespace creation submodule includes:
a working directory opening sub-module, configured to open a working directory corresponding to the tenant in the tenant configuration interface;
and the namespace working directory creation sub-module is used for creating a namespace working directory corresponding to the namespace under the working directory.
Optionally, the service sharing configuration submodule includes:
and the sharing setting sub-module is used for the tenant to carry out sharing setting in the namespace according to a service protocol between the tenant and the service in the tenant configuration interface.
Optionally, the sharing setting submodule includes:
a first sharing setting sub-module, configured to set, when a sharing protocol between the tenant and the service is a first type of sharing protocol, a resource in a namespace corresponding to the tenant or a resource in a directory included in the namespace as a shared resource;
and the second sharing setting sub-module is used for setting all resources in the namespace corresponding to the tenant as shared resources when the sharing protocol between the tenant and the service is a second type of sharing protocol.
Optionally, the tenant determination module includes:
the resource determination submodule is used for determining resources corresponding to the service request by the storage platform;
the tenant determination submodule is used for determining the tenant corresponding to the resource according to the binding relation of the resource by the storage platform.
Optionally, the apparatus further includes a user judgment module, where the module includes:
the receiving address determining sub-module is used for determining, by the storage platform, whether the receiving address corresponding to the service request is a receiving address contained in the tenant service network information according to the pre-configured tenant service network information;
a user information determining sub-module, configured to determine, when the received address is a received address included in the tenant service network information, whether a user that sends the service request is a user in a user list of the tenant;
and the user judging sub-module is used for determining that the user is the user corresponding to the tenant when the user is the user in the user list of the tenant.
Optionally, the user judgment module further includes:
and the forbidden information return sub-module is used for returning forbidden access information to the user when the receiving address is not the receiving address contained in the tenant service network information or the user is not the user corresponding to the tenant.
Optionally, the resource sending module includes:
an access path determining submodule, configured to determine an access path of a file system corresponding to the tenant according to the global configuration information corresponding to the tenant by using the storage platform;
and the resource sending sub-module is used for sending the service request to the file system corresponding to the tenant through the access path by the storage platform.
Based on the same inventive concept, another embodiment of the present application provides a readable storage medium, on which a computer program is stored, which when executed by a processor, implements the steps of the storage platform service method according to any of the embodiments of the present application.
Based on the same inventive concept, another embodiment of the present application provides an electronic device 700, as shown in fig. 7. Fig. 7 is a schematic diagram of an electronic device according to an embodiment of the present application, including a memory 702, a processor 701, and a computer program stored in the memory and executable on the processor, where the processor executes the steps in the storage platform service method according to any of the foregoing embodiments of the present application.
For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.
In this specification, the embodiments are described in a progressive manner: each embodiment mainly describes its differences from the other embodiments, and for identical or similar parts the embodiments may be referred to one another.
It will be apparent to those skilled in the art that embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, the present embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present application may take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal device to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal device, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present embodiments have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the embodiments of the present application.
Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or terminal device comprising the element.
The foregoing has described in detail the storage platform service method, device, equipment and storage medium provided in the present application. Specific examples have been used to illustrate the principles and embodiments of the present application, and the above description of the examples is only intended to help understand the method and core ideas of the present application. Meanwhile, those skilled in the art may make changes to the specific embodiments and the scope of application in accordance with the ideas of the present application. In view of the above, the content of this description should not be construed as limiting the present application.

Claims (21)

1. A storage platform service method, the method comprising:
the storage platform receives a service request sent by a user;
determining tenants corresponding to the service request by the storage platform according to the service request, wherein a plurality of tenants are pre-configured in the storage platform, and globally configuring the tenants when the storage platform is deployed so as to perform software data isolation and physical data isolation on data corresponding to the tenants;
when the user is a user corresponding to the tenant, the storage platform sends the service request to a corresponding file system according to global configuration information corresponding to the tenant, wherein the global configuration information at least comprises the file system corresponding to the tenant and an address of a physical storage node corresponding to the tenant;
the file system returns the resources corresponding to the service request to the user terminal of the user;
each tenant in the storage platform corresponds to a plurality of namespaces, each namespace corresponds to an unstructured storage system, a plurality of users corresponding to the tenant share resources in the namespaces according to sharing settings performed in advance by the tenant, or share resources under specified directories of the namespaces, and the sharing settings are configured in a tenant configuration interface by the tenant according to a corresponding service protocol.
2. The method of claim 1, wherein the deployment procedure of the storage platform comprises:
triggering a multi-tenant deployment flow in a management interface of the storage platform;
the storage platform deploys a pre-configured default file system in a plurality of storage nodes connected with the storage platform;
creating a plurality of tenants in the storage platform;
binding the plurality of tenants to the default file system;
each tenant in the plurality of tenants performs tenant attribute resource configuration in a tenant configuration interface of the storage platform;
each tenant of the plurality of tenants creates any number of namespaces in the tenant configuration interface;
each tenant in the plurality of tenants performs service sharing configuration in the tenant configuration interface.
3. The method according to claim 2, wherein the method further comprises:
in the case that the tenant designates a special file system, the storage platform creates the special file system;
deploying the special file system into a storage node of the storage platform;
and establishing a binding relation between the tenant and the special file system.
4. A method according to claim 3, characterized in that the method further comprises:
under the condition that the tenant needs to physically isolate the special file system, a designated node is allocated to the special file system;
and deploying the special file system into the designated node.
5. The method of claim 2, wherein each of the plurality of tenants performs tenant attribute resource configuration in a tenant configuration interface of the storage platform, comprising:
the tenant performs tenant information configuration in the tenant configuration interface;
the tenant performs switch configuration in the tenant configuration interface;
and the tenant performs tenant resource configuration in the tenant configuration interface.
6. The method of claim 5, wherein the tenant performs tenant information configuration in the tenant configuration interface, comprising:
the tenant inputs tenant domain control information corresponding to the tenant in the tenant configuration interface;
the tenant inputs file system information corresponding to the tenant in the tenant configuration interface;
the tenant inputs tenant authentication information corresponding to the tenant in the tenant configuration interface;
and the tenant inputs service network configuration information corresponding to the tenant in the tenant configuration interface.
7. The method of claim 6, wherein the method further comprises:
and the storage platform stores the tenant domain control information, the file system information and the network configuration information into a global configuration.
8. The method of claim 5, wherein the tenant performs a switch configuration in the tenant configuration interface, comprising:
the tenant selects any tenant-level switch in the tenant configuration interface;
the tenant selects any namespace-level switch in the tenant configuration interface;
and the tenant selects any file-level switch in the tenant configuration interface.
9. The method of claim 8, wherein the method further comprises:
and the storage platform stores the switch configuration information into a working directory of a namespace of a file system corresponding to the tenant.
10. The method of claim 5, wherein the tenant performs tenant resource configuration in the tenant configuration interface, comprising:
the tenant inputs user information included by the tenant in the tenant configuration interface;
and the tenant inputs file information unique to the tenant in the tenant configuration interface.
11. The method according to claim 10, wherein the method further comprises:
and the storage platform stores the user information and the file information into a metadata pool corresponding to the file system specified by the tenant.
12. The method of claim 2, wherein each tenant of the plurality of tenants creates any number of namespaces in the tenant configuration interface, comprising:
the tenant opens a working directory corresponding to the tenant in the tenant configuration interface;
and creating a namespace working directory corresponding to the namespace under the working directory.
13. The method of claim 2, wherein each of the plurality of tenants performs a service sharing configuration in the tenant configuration interface, comprising:
and the tenant performs sharing setting in the namespace according to a service protocol between the tenant and the service in the tenant configuration interface.
14. The method of claim 13, wherein the tenant performs a sharing setting in the namespace in the tenant configuration interface according to a service protocol between the tenant and the service, comprising:
when the sharing protocol between the tenant and the service is a first type sharing protocol, setting the resources in the namespace corresponding to the tenant or the resources in a directory contained in the namespace as shared resources;
and when the sharing protocol between the tenant and the service is a second type sharing protocol, setting all resources in the namespace corresponding to the tenant as shared resources.
15. The method of claim 1, wherein the determining, by the storage platform, the tenant corresponding to the service request according to the service request comprises:
the storage platform determines the resources corresponding to the service request;
and the storage platform determines the tenant corresponding to the resource according to the binding relation of the resource.
16. The method of claim 1, wherein the step of determining whether the user is a user corresponding to the tenant comprises:
the storage platform determines whether a receiving address corresponding to the service request is a receiving address contained in the tenant service network information according to preset tenant service network information;
when the receiving address is the receiving address contained in the tenant service network information, determining whether the user sending the service request is a user in a user list of the tenant;
and when the user is a user in the user list of the tenant, determining that the user is a user corresponding to the tenant.
17. The method of claim 16, wherein the method further comprises:
and when the receiving address is not the receiving address contained in the tenant service network information, or when the user is not the user corresponding to the tenant, returning access prohibition information to the user.
18. The method of claim 1, wherein the sending, by the storage platform, the service request to the corresponding file system according to the global configuration information corresponding to the tenant, includes:
the storage platform determines an access path of a file system corresponding to the tenant according to the global configuration information corresponding to the tenant;
and the storage platform sends the service request to a file system corresponding to the tenant through the access path.
19. A storage platform service device, the device comprising:
the service request receiving module is used for receiving a service request sent by a user by the storage platform;
the tenant determining module is used for determining tenants corresponding to the service request according to the service request by the storage platform, wherein a plurality of tenants are pre-configured in the storage platform, and the tenants are globally configured when the storage platform is deployed so as to perform software data isolation and physical data isolation on data corresponding to the tenants;
the service request forwarding module is used for sending the service request to a corresponding file system according to global configuration information corresponding to the tenant when the user is the user corresponding to the tenant, wherein the global configuration information at least comprises the file system corresponding to the tenant and an address of a physical storage node corresponding to the tenant;
the resource sending module is used for returning the resources corresponding to the service request to the user terminal of the user by the file system;
each tenant in the storage platform corresponds to a plurality of namespaces, each namespace corresponds to an unstructured storage system, a plurality of users corresponding to the tenant share resources in the namespaces according to sharing settings performed in advance by the tenant, or share resources under specified directories of the namespaces, and the sharing settings are configured in a tenant configuration interface by the tenant according to a corresponding service protocol.
20. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method according to any of claims 1 to 18.
21. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the method of any of claims 1 to 18 when the computer program is executed.
CN202311174597.7A 2023-09-12 2023-09-12 Storage platform service method, device, equipment and storage medium Active CN116910015B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311174597.7A CN116910015B (en) 2023-09-12 2023-09-12 Storage platform service method, device, equipment and storage medium


Publications (2)

Publication Number Publication Date
CN116910015A CN116910015A (en) 2023-10-20
CN116910015B true CN116910015B (en) 2024-01-19

Family

ID=88357006

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311174597.7A Active CN116910015B (en) 2023-09-12 2023-09-12 Storage platform service method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116910015B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104050201A (en) * 2013-03-15 2014-09-17 伊姆西公司 Method and equipment for managing data in multi-tenant distributive environment
CN106411857A (en) * 2016-09-07 2017-02-15 河海大学 Private cloud GIS service access control method based on virtual isolation mechanism
CN111159134A (en) * 2019-12-17 2020-05-15 复旦大学 Multi-tenant-oriented distributed file system security access control method and system
CN115964444A (en) * 2023-02-07 2023-04-14 敏博科技(武汉)有限公司 Cloud native distributed multi-tenant database implementation method and system

Also Published As

Publication number Publication date
CN116910015A (en) 2023-10-20

Similar Documents

Publication Publication Date Title
CN111193782B (en) PAAS cloud cluster construction method and device, electronic equipment and storage medium
US20200053147A1 (en) Multi-Tenant Multi-Session Catalogs with Machine-Level Isolation
US9338067B2 (en) Network resource deployment for cloud-based services
CN109313564B (en) Server computer management system for highly available virtual desktops supporting multiple different tenants
US7424547B2 (en) File sharing device and inter-file sharing device data migration method
US8307362B1 (en) Resource allocation in a virtualized environment
CN109067877B (en) Control method for cloud computing platform deployment, server and storage medium
CN110287709A (en) User's operation authority control method, device, equipment and medium
US9792452B2 (en) Pervasive intermediate network attached storage application
US10158579B2 (en) Resource silos at network-accessible services
US20130159344A1 (en) Dynamically splitting multi-tenant databases
KR101497167B1 (en) Management of external hardware appliances in a distributed operating system
TW201229807A (en) Satisfying application dependencies
WO2011159284A1 (en) Volume management
US8151360B1 (en) System and method for administering security in a logical namespace of a storage system environment
JP2009514283A (en) Network configuration
CN107135242B (en) Mongodb cluster access method, device and system
CN113821170B (en) Distributed storage system, access method and component
CN112099913A (en) Method for realizing safety isolation of virtual machine based on OpenStack
CN111835820A (en) System and method for realizing cloud management
CN114237809A (en) Computer system, container management method and device
CN112532758B (en) Method, device and medium for establishing network edge computing system
CN114500450B (en) Domain name resolution method, device and computer readable storage medium
CN113992657B (en) Cloud platform-based shared storage construction method, equipment and medium
WO2021248972A1 (en) Default gateway management method, gateway manager, server, and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant