[Gluster-devel] custom ssl file locations

Jeff Darcy jdarcy at redhat.com
Tue Feb 18 17:08:11 UTC 2014

----- Original Message -----
> On Mon, Feb 17, 2014 at 7:30 PM, Banio <aau at mncarpenters.net> wrote:
> > This thread:
> > http://lists.gnu.org/archive/html/gluster-devel/2013-05/msg00139.html makes
> > me think you can configure them at any time.
> I guess so, although this one: (#3)
> https://lists.gnu.org/archive/html/gluster-devel/2014-01/msg00183.html
> says otherwise :P

Unfortunately, it seems like I lied^H^H^H^H said something misleading.  There
is no way to configure these *from the command line*.  However, the options do
exist in the socket module.

#define SSL_OWN_CERT_OPT    "transport.socket.ssl-own-cert"
#define SSL_PRIVATE_KEY_OPT "transport.socket.ssl-private-key"
#define SSL_CA_LIST_OPT     "transport.socket.ssl-ca-list"

To apply these, you have to forego "mount -t glusterfs" and mount.glusterfs
in favor of running the "glusterfs" command directly with "--xlator-option"
like this:

   glusterfs --volfile-server=any_server --volfile-id=fubar \
      --xlator-option fubar-client-N.transport.socket.ssl-own-cert=xxx \

Unfortunately this gets a bit tedious, because you have to add each option
for each brick from 0 to N-1.  You'll probably want to wrap that in a script,
or use Puppet (hi James).  As far as I can tell, though, the option does get
through and is used to make the connections.

More information about the Gluster-devel mailing list