gluster-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gluster-devel] custom ssl file locations

From: Jeff Darcy
Subject: Re: [Gluster-devel] custom ssl file locations
Date: Tue, 18 Feb 2014 12:08:11 -0500 (EST) 

----- Original Message -----
> On Mon, Feb 17, 2014 at 7:30 PM, Banio <address@hidden> wrote:
> > This thread:
> > http://lists.gnu.org/archive/html/gluster-devel/2013-05/msg00139.html makes
> > me think you can configure them at any time.
> 
> I guess so, although this one: (#3)
> https://lists.gnu.org/archive/html/gluster-devel/2014-01/msg00183.html
> says otherwise :P


Unfortunately, it seems like I lied^H^H^H^H said something misleading.  There
is no way to configure these *from the command line*.  However, the options do
exist in the socket module.

#define SSL_OWN_CERT_OPT    "transport.socket.ssl-own-cert"
#define SSL_PRIVATE_KEY_OPT "transport.socket.ssl-private-key"
#define SSL_CA_LIST_OPT     "transport.socket.ssl-ca-list"

To apply these, you have to forego "mount -t glusterfs" and mount.glusterfs
in favor of running the "glusterfs" command directly with "--xlator-option"
like this:

   glusterfs --volfile-server=any_server --volfile-id=fubar \
      --xlator-option fubar-client-N.transport.socket.ssl-own-cert=xxx \
      ...

Unfortunately this gets a bit tedious, because you have to add each option
for each brick from 0 to N-1.  You'll probably want to wrap that in a script,
or use Puppet (hi James).  As far as I can tell, though, the option does get
through and is used to make the connections.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]