[Bugs] [Bug 1283060] New: [RFE] Geo-replication support for Volumes running in docker containers

bugzilla at redhat.com bugzilla at redhat.com
Wed Nov 18 07:07:29 UTC 2015 

https://bugzilla.redhat.com/show_bug.cgi?id=1283060

            Bug ID: 1283060
           Summary: [RFE] Geo-replication support for Volumes running in
                    docker containers
           Product: GlusterFS
           Version: 3.7.6
         Component: geo-replication
          Keywords: FutureFeature
          Assignee: bugs at gluster.org
          Reporter: avishwan at redhat.com
                CC: bugs at gluster.org, chrisw at redhat.com, csaba at redhat.com,
                    gluster-bugs at redhat.com, nlevinki at redhat.com,
                    rhs-bugs at redhat.com, storage-qa-internal at redhat.com
        Depends On: 1275971, 1276028



+++ This bug was initially created as a clone of Bug #1276028 +++

+++ This bug was initially created as a clone of Bug #1275971 +++

Description of problem:
When NET=HOST is used, Unable to create Geo-replication session.

Setup:
------
CoreOS + Centos containers
RHGS 3.1 RPMs installed inside Containers.
Net=Host setup
4 containers, 2 containers for Master and 2 containers for Slave.(One brick in
each container)
Replica Volumes - Master and Slave

Issue:
--------
- Unable to create the session. Port mapping is used for ssh(Custom port is
mapped to port 22). Geo-replication all SSH commands are executed without port
option to ssh.
- After creating session Rsync was failing due to validation in gsyncd. (gsyncd
is used as shell instead of bash)


Workaround:
-----------
- Kotresh modified gverify.sh and hook script to use custom SSH port instead of
default. (https://gist.github.com/kotreshhr/dd16c5fca425b417c097)
- Geo-rep config options to use ssh options runtime.
gluster vol geo-rep<master vol> <slavehost>::<slavevol>  config ssh_command_tar
"ssh -p 50002 -oPasswordAuthentication=no -oStrictHostKeyChecking=no -i
/var/lib/glusterd/geo-replication/tar_ssh.pem"
gluster vol geo-rep<master vol> <slavehost>::<slavevol>  config ssh_command
"ssh -p 50002 -oPasswordAuthentication=no -oStrictHostKeyChecking=no -i
/var/lib/glusterd/geo-replication/secret.pem"
- Suggestion to remove "command=" from authorized_keys files of Slave nodes to
prevent executing all commands via gsyncd shell.
- Replaced /nonexistent/gsyncd with actual path of
gsyncd(/usr/libexec/glusterfs/gsyncd) in Geo-replication session config file.

--- Additional comment from Vijay Bellur on 2015-10-28 08:35:22 EDT ---

REVIEW: http://review.gluster.org/12444 (geo-rep: New Config option for
ssh_port) posted (#1) for review on master by Aravinda VK (avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-10-29 02:14:12 EDT ---

REVIEW: http://review.gluster.org/12444 (geo-rep: New Config option for
ssh_port) posted (#2) for review on master by Aravinda VK (avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-10-29 05:39:15 EDT ---

REVIEW: http://review.gluster.org/12459 (geo-rep: Make restrictive ssh keys
optional) posted (#1) for review on master by Kotresh HR (khiremat at redhat.com)

--- Additional comment from Vijay Bellur on 2015-10-30 06:44:31 EDT ---

REVIEW: http://review.gluster.org/12472 (geo-rep: Allow setting config
remote_gsyncd) posted (#1) for review on master by Aravinda VK
(avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-11-02 01:26:52 EST ---

REVIEW: http://review.gluster.org/12472 (geo-rep: Allow setting config
remote_gsyncd) posted (#2) for review on master by Aravinda VK
(avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-11-02 01:27:15 EST ---

REVIEW: http://review.gluster.org/12444 (geo-rep: New Config option for
ssh_port) posted (#3) for review on master by Aravinda VK (avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-11-17 00:45:31 EST ---

REVIEW: http://review.gluster.org/12472 (geo-rep: Allow setting config
remote_gsyncd) posted (#3) for review on master by Aravinda VK
(avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-11-17 00:45:39 EST ---

REVIEW: http://review.gluster.org/12444 (geo-rep: New Config option for
ssh_port) posted (#4) for review on master by Aravinda VK (avishwan at redhat.com)

--- Additional comment from Vijay Bellur on 2015-11-17 10:00:11 EST ---

COMMIT: http://review.gluster.org/12444 committed in master by Jeff Darcy
(jdarcy at redhat.com) 
------
commit 7d35eb5926869ed084295600502a85ce13be506f
Author: Aravinda VK <avishwan at redhat.com>
Date:   Wed Oct 28 17:56:50 2015 +0530

    geo-rep: New Config option for ssh_port

    If different port used for SSH instead of 22, Geo-replication
    was failing to establish SSH connection.

    ssh_port option can be added using config:ssh_command and
    config:ssh_command_tar, but user has to remember complete
    ssh command used with parameter to add/modify ssh port.

    This patch adds new config option for ssh_port,

    gluster volume geo-replication <MASTERVOL> <SLAVEHOST::<SLAVEVOL> \
            config ssh_port 52022

    Change-Id: I7753a09485f0b1f49d2b2a80b962c720817c96f4
    Signed-off-by: Aravinda VK <avishwan at redhat.com>
    BUG: 1276028
    Reviewed-on: http://review.gluster.org/12444
    Tested-by: NetBSD Build System <jenkins at build.gluster.org>
    Reviewed-by: Saravanakumar Arumugam <sarumuga at redhat.com>
    Tested-by: Gluster Build System <jenkins at build.gluster.com>
    Reviewed-by: Venky Shankar <vshankar at redhat.com>

--- Additional comment from Vijay Bellur on 2015-11-17 10:06:26 EST ---

COMMIT: http://review.gluster.org/12472 committed in master by Venky Shankar
(vshankar at redhat.com) 
------
commit 7de355b42dc1f8313db3ffc775a0e1708ba85243
Author: Aravinda VK <avishwan at redhat.com>
Date:   Fri Oct 30 16:09:29 2015 +0530

    geo-rep: Allow setting config remote_gsyncd

    Restrictive ssh is not used in containerized environment
    where networking configuration is "net=host". SSH Pem keys
    pushed to the slave without gsyncd path in it. (Patch #12459)

    Actual remote_gsyncd path need to be set to actual path of gsyncd.
    With this patch, remote_gsyncd is removed from reserved option list.

    Change-Id: Ia2063e4654e378b62b2414bdad21143c86ad1b9a
    Signed-off-by: Aravinda VK <avishwan at redhat.com>
    BUG: 1276028
    Reviewed-on: http://review.gluster.org/12472
    Tested-by: NetBSD Build System <jenkins at build.gluster.org>
    Tested-by: Gluster Build System <jenkins at build.gluster.com>
    Reviewed-by: Saravanakumar Arumugam <sarumuga at redhat.com>
    Reviewed-by: Venky Shankar <vshankar at redhat.com>


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1275971
[Bug 1275971] [RFE] Geo-replication support for Volumes running in docker
containers
https://bugzilla.redhat.com/show_bug.cgi?id=1276028
[Bug 1276028] [RFE] Geo-replication support for Volumes running in docker
containers
-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

More information about the Bugs mailing list