[Gluster-devel] custom ssl file locations
Jeff Darcy
jdarcy at redhat.com
Tue Feb 18 17:08:11 UTC 2014
----- Original Message -----
> On Mon, Feb 17, 2014 at 7:30 PM, Banio <aau at mncarpenters.net> wrote:
> > This thread:
> > http://lists.gnu.org/archive/html/gluster-devel/2013-05/msg00139.html makes
> > me think you can configure them at any time.
>
> I guess so, although this one: (#3)
> https://lists.gnu.org/archive/html/gluster-devel/2014-01/msg00183.html
> says otherwise :P
Unfortunately, it seems like I lied^H^H^H^H said something misleading. There
is no way to configure these *from the command line*. However, the options do
exist in the socket module.
#define SSL_OWN_CERT_OPT "transport.socket.ssl-own-cert"
#define SSL_PRIVATE_KEY_OPT "transport.socket.ssl-private-key"
#define SSL_CA_LIST_OPT "transport.socket.ssl-ca-list"
To apply these, you have to forego "mount -t glusterfs" and mount.glusterfs
in favor of running the "glusterfs" command directly with "--xlator-option"
like this:
glusterfs --volfile-server=any_server --volfile-id=fubar \
--xlator-option fubar-client-N.transport.socket.ssl-own-cert=xxx \
...
Unfortunately this gets a bit tedious, because you have to add each option
for each brick from 0 to N-1. You'll probably want to wrap that in a script,
or use Puppet (hi James). As far as I can tell, though, the option does get
through and is used to make the connections.
More information about the Gluster-devel
mailing list