auth.allow behavior?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All,

I have the following volume which I'm trying to mount on some cluster 
nodes for yet more testing.  The cluster nodes are running CentOS and 
the gluster 3.3b1 utilities have been self-compiled from source.

The gluster volume (g6) worked oK when enabled on other Ubuntu-based 
client nodes.

The gluster volume is being served from a Ubuntu 10.04.3 server with 6 
bricks all running the same gluster 3.3b1 release, self-compiled and 
installed.

$ gluster volume info

Volume Name: g6
Type: Distribute
Status: Started
Number of Bricks: 6
Transport-type: tcp
Bricks:
Brick1: pbs1:/data2
Brick2: pbs2:/data2
Brick3: pbs3:/data2
Brick4: pbs3:/data
Brick5: dabrick:/data2
Brick6: hef:/data2
Options Reconfigured:
auth.allow: 128.*

However, when I try to mount that same volume from these new nodes, 
mount completes as if it succeeds, but a 'df' from that node hangs on 
hitting the glusterfs entry.

The client log starts up OK and then logs failures:

[2011-11-01 14:48:52.365905] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-0: failed to set the 
volume (Permission denied)
[2011-11-01 14:48:52.365924] W [client-
handshake.c:862:client_setvolume_cbk] 0-g6-client-0: failed to get 
'process-uuid' from reply dict
[2011-11-01 14:48:52.365935] E [client-
handshake.c:868:client_setvolume_cbk] 0-g6-client-0: SETVOLUME on 
remote-host failed: Authentication failed
[2011-11-01 14:48:52.365947] I [client-
handshake.c:933:client_setvolume_cbk] 0-g6-client-0: sending 
CHILD_CONNECTING event
[2011-11-01 14:48:52.366095] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-4: failed to set the 
volume (Permission denied)
[2011-11-01 14:48:52.366109] W [client-
handshake.c:862:client_setvolume_cbk] 0-g6-client-4: failed to get 
'process-uuid' from reply dict
[2011-11-01 14:48:52.366120] E [client-
handshake.c:868:client_setvolume_cbk] 0-g6-client-4: SETVOLUME on 
remote-host failed: Authentication failed
[2011-11-01 14:48:52.366131] I [client-
handshake.c:933:client_setvolume_cbk] 0-g6-client-4: sending 
CHILD_CONNECTING event
[2011-11-01 14:48:52.366170] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-1: failed to set the 
volume (Permission denied)


These nodes have private IP #s (10.255.78.*, 10.255.89.*) but they're 
routable inside my domain, so I thought the auth.allow should be 
changed to reflect this:

server-side:
root at pbs3:~
509 $ gluster volume set g6 auth.allow "128.200.* 128.195.* 
10.255.89.* 10.255.78.*"

and it seems to have taken:

root at pbs3:~
511 $ gluster volume info

Volume Name: g6
Type: Distribute
Status: Started
Number of Bricks: 6
Transport-type: tcp
Bricks:
Brick1: pbs1:/data2
Brick2: pbs2:/data2
Brick3: pbs3:/data2
Brick4: pbs3:/data
Brick5: dabrick:/data2
Brick6: hef:/data2
Options Reconfigured:
auth.allow: 128.200.* 128.195.* 10.255.89.* 10.255.78.*


but the client still has the same behavior. 
[2011-11-01 15:05:44.552872] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-0: failed to set the 
volume (Permission denied)
[2011-11-01 15:05:44.552908] W [client-
handshake.c:862:client_setvolume_cbk] 0-g6-client-0: failed to get 
'process-uuid' from reply dict
[2011-11-01 15:05:44.552919] E [client-
handshake.c:868:client_setvolume_cbk] 0-g6-client-0: SETVOLUME on 
remote-host failed: Authentication failed
[2011-11-01 15:05:44.552930] I [client-
handshake.c:933:client_setvolume_cbk] 0-g6-client-0: sending 
CHILD_CONNECTING event
[2011-11-01 15:05:44.552978] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-5: failed to set the 
volume (Permission denied)
[2011-11-01 15:05:44.553008] W [client-
handshake.c:862:client_setvolume_cbk] 0-g6-client-5: failed to get 
'process-uuid' from reply dict
[2011-11-01 15:05:44.553019] E [client-
handshake.c:868:client_setvolume_cbk] 0-g6-client-5: SETVOLUME on 
remote-host failed: Authentication failed
[2011-11-01 15:05:44.553029] I [client-
handshake.c:933:client_setvolume_cbk] 0-g6-client-5: sending 
CHILD_CONNECTING event
[2011-11-01 15:05:44.553049] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-4: failed to set the 
volume (Permission denied)
[2011-11-01 15:05:44.553079] W [client-
handshake.c:862:client_setvolume_cbk] 0-g6-client-4: failed to get 
'process-uuid' from reply dict
[2011-11-01 15:05:44.553090] E [client-
handshake.c:868:client_setvolume_cbk] 0-g6-client-4: SETVOLUME on 
remote-host failed: Authentication failed
[2011-11-01 15:05:44.553100] I [client-
handshake.c:933:client_setvolume_cbk] 0-g6-client-4: sending 
CHILD_CONNECTING event
[2011-11-01 15:05:44.553136] W [client-
handshake.c:836:client_setvolume_cbk] 0-g6-client-1: failed to set the 
volume (Permission denied)
[2011-11-01 15:05:44.553149] W [client-
handshake.c:862:client_setvolume_cbk] 0-g6-client-1: failed to get 
'process-uuid' fro

What else sets the authentication / permission correctly?






-- 
Harry Mangalam - Research Computing, OIT, Rm 225 MSTB, UC Irvine
[ZOT 2225] / 92697  Google Voice Multiplexer: (949) 478-4487 
MSTB Lat/Long: (33.642025,-117.844414) (paste into Google Maps)
--
This signature has been OCCUPIED!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gluster.org/pipermail/gluster-users/attachments/20111101/4a47ee6b/attachment-0001.htm>


[Index of Archives]     [Gluster Development]     [Linux Filesytems Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux