gluster-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gluster-devel] custom ssl file locations

From: Banio
Subject: [Gluster-devel] custom ssl file locations
Date: Mon, 17 Feb 2014 16:35:01 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
I am trying to change the location for the three ssl files needed to setup gluster volume with ssl on.
I have the following files (these worked when I had them in the directory /etc/ssl/): 

/opt/working_ssl/glusterfs.pem
/opt/working_ssl/glusterfs.key
/opt/working_ssl/glusterfs.ca
I have created the volume testvol1 and modified it's vol file adding these lines: 

    option transport.socket.ssl-own-cert /opt/working_ssl/glusterfs.pem
    option transport.socket.ssl-private-key /opt/working_ssl/glusterfs.key
    option transport.socket.ssl-ca-list /opt/working_ssl/glusterfs.ca

file:
/var/lib/glusterd/vols/testvol1/testvol1.gluster1.int.domain.com.mnt-gluster1-testvol1.vol

contents:

volume testvol1-posix
    type storage/posix
    option volume-id d1fc37cd-6f01-4e4f-b16f-64bacf5eeece
    option directory /mnt/gluster1/testvol1
end-volume

volume testvol1-access-control
    type features/access-control
    subvolumes testvol1-posix
end-volume

volume testvol1-locks
    type features/locks
    subvolumes testvol1-access-control
end-volume

volume testvol1-io-threads
    type performance/io-threads
    subvolumes testvol1-locks
end-volume

volume testvol1-index
    type features/index
    option index-base /mnt/gluster1/testvol1/.glusterfs/indices
    subvolumes testvol1-io-threads
end-volume

volume testvol1-marker
    type features/marker
    option quota off
    option xtime off
    option timestamp-file /var/lib/glusterd/vols/testvol1/marker.tstamp
    option volume-uuid d1fc37cd-6f01-4e4f-b16f-64bacf5eeece
    subvolumes testvol1-index
end-volume

volume /mnt/gluster1/testvol1
    type debug/io-stats
    option count-fop-hits off
    option latency-measurement off
    subvolumes testvol1-marker
end-volume

volume testvol1-server
    type protocol/server
    option transport.socket.ssl-enabled on
    option transport.socket.ssl-own-cert /opt/working_ssl/glusterfs.pem
    option transport.socket.ssl-private-key /opt/working_ssl/glusterfs.key
    option transport.socket.ssl-ca-list /opt/working_ssl/glusterfs.ca
    option auth.addr./mnt/gluster1/testvol1.allow *
option auth.login.eb8806b6-223b-4a9a-96b8-cf858bfed59c.password c5230967-b38c-42b0-98ef-b59ea3140cb1 option auth.login./mnt/gluster1/testvol1.allow eb8806b6-223b-4a9a-96b8-cf858bfed59c 
    option transport-type tcp
    subvolumes /mnt/gluster1/testvol1
end-volume
When I start glusterd and start the volume I get the following in the glusterd log:
[2014-02-17 19:43:54.613346] I [glusterfsd.c:1910:main] 0-/usr/sbin/glusterfs: Started running /usr/sbin/glusterfs version 3.4.2 (/usr/sbin/glusterfs -s localhost --volfile-id gluster/glustershd -p /var/lib/glusterd/glustershd/run/glustershd.pid -l /var/log/glusterfs/glustershd.log -S /var/run/afbdc80b4837387dbe9559470b7b5fcf.socket --xlator-option *replicate*.node-uuid=4833d3fc-5a77-429b-971f-7c04b107fcfc) [2014-02-17 19:43:54.621872] I [socket.c:3480:socket_init] 0-socket.glusterfsd: SSL support is NOT enabled [2014-02-17 19:43:54.622002] I [socket.c:3495:socket_init] 0-socket.glusterfsd: using system polling thread [2014-02-17 19:43:54.622284] I [socket.c:3480:socket_init] 0-glusterfs: SSL support is NOT enabled [2014-02-17 19:43:54.622349] I [socket.c:3495:socket_init] 0-glusterfs: using system polling thread [2014-02-17 19:43:54.633901] I [graph.c:239:gf_add_cmdline_options] 0-testvol1-replicate-0: adding option 'node-uuid' for volume 'testvol1-replicate-0' with value '4833d3fc-5a77-429b-971f-7c04b107fcfc' [2014-02-17 19:43:54.641454] I [socket.c:3480:socket_init] 0-testvol1-client-1: SSL support is ENABLED [2014-02-17 19:43:54.641627] I [socket.c:3495:socket_init] 0-testvol1-client-1: using private polling thread [2014-02-17 19:43:54.644895] E [socket.c:3513:socket_init] 0-testvol1-client-1: could not load our cert [2014-02-17 19:43:54.644973] E [rpc-transport.c:320:rpc_transport_load] 0-rpc-transport: 'socket' initialization failed [2014-02-17 19:43:54.645031] W [rpc-clnt.c:972:rpc_clnt_connection_init] 0-testvol1-client-1: loading of new rpc-transport failed [2014-02-17 19:43:54.645089] I [mem-pool.c:541:mem_pool_destroy] 0-testvol1-client-1: size=2236 max=0 total=0 [2014-02-17 19:43:54.645632] I [mem-pool.c:541:mem_pool_destroy] 0-testvol1-client-1: size=124 max=0 total=0 [2014-02-17 19:43:54.645714] E [client.c:2283:client_init_rpc] 0-testvol1-client-1: failed to initialize RPC [2014-02-17 19:43:54.645770] E [xlator.c:390:xlator_init] 0-testvol1-client-1: Initialization of volume 'testvol1-client-1' failed, review your volfile again [2014-02-17 19:43:54.645821] E [graph.c:292:glusterfs_graph_init] 0-testvol1-client-1: initializing translator failed [2014-02-17 19:43:54.645871] E [graph.c:479:glusterfs_graph_activate] 0-graph: init failed [2014-02-17 19:43:54.646266] W [glusterfsd.c:1002:cleanup_and_exit] (-->/usr/lib64/libgfrpc.so.0(rpc_clnt_handle_reply+0xa5) [0x7f513f8b96f5] (-->/usr/sbin/glusterfs(mgmt_getspec_cbk+0x328) [0x40b908] (-->/usr/sbin/glusterfs(glusterfs_process_volfp+0x103) [0x4050c3]))) 0-: received signum (0), shutting down 


Any help would be much appreciated.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]