client.ssl off - brakes things?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi guys.

I'm trying TLS on my gluster, well, I'd like to think that I have it done, but... If I set volume to 'client.ssl on' then stuff brakes - autofs cannot mount, libvirtd cannot get to the volume via lbgfapi.
Volume is as:

-> $ gluster volume info VMs | sort

auth.ssl-allow: one.direct,two.direct
Brick1: 10.1.1.201:/devs/00.GLUSTERs/VMs
Brick2: 10.1.1.101:/devs/00.GLUSTERs/VMs
Bricks:
client.ssl: on
cluster.self-heal-daemon: enable
nfs.disable: on
Number of Bricks: 1 x 2 = 2
Options Reconfigured:
performance.client-io-threads: off
server.ssl: on
Snapshot Count: 0
Status: Started
storage.fips-mode-rchecksum: on
storage.owner-gid: 107
storage.owner-uid: 107
transport.address-family: inet
Transport-type: tcp
Type: Replicate
Volume ID: 14b867bf-b523-4168-937c-cca59e202fb4
Volume Name: VMs

Since, what I'm told that is, Libvirt does not yet implement TLS to/off GlusterFS I presumed - okey, that would be 'client.ssl' I can do ignore, disable and Libvirt would work.

Mine is a simple setup, only two servers which are 'clients' at the same time, for autofs & libvirtd operate on themselves.

Should 'client.ssl off' not allow libvirt to connect via libgfapi?
What does 'client.ssl' do? What's it for?

And lastly - how to without the doubts confirm that volume in fact does use TLS?

many thanks, L.
________



Community Meeting Calendar:

Schedule -
Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC
Bridge: https://meet.google.com/cpu-eiue-hvk
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
https://lists.gluster.org/mailman/listinfo/gluster-users



[Index of Archives]     [Gluster Development]     [Linux Filesytems Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux