Justin Clift <jclift@xxxxxxxxxx> writes: > On 19/06/2013, at 5:21 PM, M. Mohan Kumar wrote: > <snip> >> When qemu is invoked by a non-root user with -drive >> file=gluster://server/volname/imagename option, unprivileged port is >> used for gluster rpc and by default glusterd and gluster brick process >> deny the request if the request is from a unprivileged port. The option >> "rpc-auth-allow-insecure" needs to be enabled in glusterd.vol so that >> non privileged ports can be used to access Gluster volumes. >> >> In a typical environment VDSM might want to enable rpc-auth-allow-insecure >> option and the administrator has to edit the glusterd.vol manually and >> restart glusterd process. >> >> CLI options available to enable volume specific options to work with >> unprivileged ports by using gluster volume set <volname> <option> >> <value>. For example per volume server.allow-insecure option can be >> enabled so that unprivileged users can mount a GlusterFS volume. >> >> But as of now there is no CLI option available to set glusterd.vol >> options. How about adding a gluster CLI set option to configure >> glusterd.vol options? Can following CLI command line 'gluster volume set >> all <glusterd.option> <value>" be used for setting glusterd options? >> IIUC "all" is a reserved volume name and we can use this reserved name >> for setting glusterd option. >> >> IIUC glusterd.info file can be used to store about these parameters >> similar to how volume specific options are stored in vols/<volname>/info >> file? > > > Does it help that you can add your own scripting or binaries to > /usr/lib64/glusterfs/3git/filter/ to create/modify/delete options > in generated .vol files automatically? (you might need to create that > directory first) > > With a script, you could definitely read in values from an external source > such as a filesystem location, remote database, etc, then apply them. But we wanted to provide CLI option to modify the glusterd config, so vdsm can invoke this command to enable unprivileged port access. Also I am not clear about the filter xlator, could filter approach solve our issue? > > It's not a great way to do things, but it works. > > + Justin > > -- > Open Source and Standards @ Red Hat > > twitter.com/realjustinclift