Hi,
I was working on subdir mount for fuse clients [1], and was able to handle pieces just fine in filesystem part of gluster. [2]What is pending is, how will we handle the authentication options for this at each subdir level?
I propose to keep the current option and extending it to handle new feature with proper backward compatibility.
Currently, the option auth.allow (and auth.reject) are of the type GF_OPTION_TYPE_INTERNET_ADDRESS_LIST. Which expects valid internet addresses with comma separation.
For example the current option looks likes this:
'option auth.addr.brick-name.allow *' OR 'option auth.addr.brick-name.allow "192.168.*.* ,10.10.*.*"'.
In future, it may look like:
`option auth.addr.brick-name.allow "10.0.1.13;192.168.1.* =/subdir1;192.168.10.* ,192.168.11.104 =/subdir2"`
so each entries will be separated by ';'. And in each entry, first part (" =") is address list and second part is directory. If directory is empty, its assumed as '/'. (Handles the backward compatibility). And if there is no entry for a $subdir here, that $subdir won't be mountable.
(The above format is handled properly already at [2] in addr.c, the pending thing is to handle the option properly in options.c's validate).
If everyone agrees to this, I guess we can pull it off before absolute feature freeze date for 3.12 branch.
Let me know the feedback. (I am updating the same content in github, so feel free to comment there too).
NOTE: I thought of using ':' (colon) as field separator between addr_list and subdir entry, but with IPv6 ':' is valid character in string. Hence using ' ='.
--
Amar Tumballi (amarts)
_______________________________________________ Gluster-devel mailing list Gluster-devel@xxxxxxxxxxx http://lists.gluster.org/mailman/listinfo/gluster-devel
