Hi, Using GlusterFS 3.7.15 on Debian 8 I'm trying to limit access using auth.allow on my volume. I have 3 nodes in replication with both a public interface and a private interface on each. Gluster uses the private IPs to communicate, but I noticed it was possible to mount the volume from the internet (that's bad ..) so I googled a bit. auth.allow, if I understand it correctly, should allow me to limit access of the volume to a list of IPs, is that correct ? I ran gluster volume set VMs auth.allow 10.10.0.* and it said success (it does appear in the info), but I can still mount the volume from the internet. It works only using NFS because using fuse it's trying to use the private adresses, which won't work on the internet, but it still gets the volume config and the nodes names anyway. Should I do something specific after setting auth.allow ? Here is the volume info : Volume Name: VMs Type: Replicate Volume ID: d0ee13f2-055c-4f37-9c75-527d5e86b78d Status: Started Number of Bricks: 1 x 3 = 3 Transport-type: tcp Bricks: Brick1: ips1adm.clientname:/mnt/storage/VMs Brick2: ips2adm.clientname:/mnt/storage/VMs Brick3: ips3adm.clientname:/mnt/storage/VMs Options Reconfigured: auth.allow: 10.10.0.* network.ping-timeout: 15 cluster.data-self-heal-algorithm: full features.shard-block-size: 64MB features.shard: on performance.stat-prefetch: off performance.io-cache: off performance.read-ahead: off performance.quick-read: off cluster.eager-lock: enable network.remote-dio: enable cluster.server-quorum-type: server cluster.quorum-type: auto performance.readdir-ahead: on -- Kevin Lemonnier PGP Fingerprint : 89A5 2283 04A0 E6E9 0111
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Gluster-users mailing list Gluster-users@xxxxxxxxxxx http://www.gluster.org/mailman/listinfo/gluster-users