On Thu, Feb 16, 2017 at 3:48 AM, dev <devuan.2@xxxxxxxxx> wrote: > I'm trying to setup SSL transport with glusterfs following the guide > here: http://blog.gluster.org/author/zbyszek/ > > I've copied the resulting ca, pem and key files to my server > (to /etc/ssl) as well as a copy on my gluster client. The link > above does not explain the proper mount options for mounting the > volume on the client however. > > I've tried searching for the correct options to add to the mount > command, however nothing has turned up yet. I have found some > options to place in a volume file such as: > > option transport.socket.ssl-enabled on > option transport tcp > option direct-io-mode disable > option transport.socket.ssl-own-cert /etc/ssl/glusterfs.pem > option transport.socket.ssl-private-key /etc/ssl/glusterfs.key > option transport.socket.ssl-ca-list /etc/ssl/glusterfs.ca > > but mounting with: > > glusterfs -f /etc/gluster-pm-vol /mnt/ib-data/hydra > > Only gives an error in the logfile such as: > ... > [socket.c:3594:socket_init] 0-pm1-dump: could not load our cert > ... > > I've started to investigate ACL on server, but attempting to > set auth.ssl-allow results in an error as well. > > # gluster volume info > Volume Name: pm1-dump > ... > client.ssl: on > ... > > # gluster volume set pm1-dump auth.ssl-allow foo > volume set: failed: option : auth.ssl-allow does not exist > Did you mean auth.allow? > > # gluster --version > glusterfs 3.4.2 built on Jan 14 2014 18:05:37 > > > Is this version too old (ubuntu 14.04) to use SSL on or am I missing > something? This version is just too old. You can get up to date packages for ubuntu from the gluster community ppa https://launchpad.net/~gluster . I suggest you use glusterfs-3.8, which is the latest version to have packages for trusty. > > Thanks in advance > _______________________________________________ > Gluster-users mailing list > Gluster-users@xxxxxxxxxxx > http://lists.gluster.org/mailman/listinfo/gluster-users _______________________________________________ Gluster-users mailing list Gluster-users@xxxxxxxxxxx http://lists.gluster.org/mailman/listinfo/gluster-users
