[Gluster-devel] Glusterfs SSL capability

James purpleidea at gmail.com
Thu Jan 23 23:59:32 UTC 2014


Hi there,

Just saw these notes on Gluster+SSL:

https://lists.gnu.org/archive/html/gluster-devel/2013-05/msg00139.html

Questions:

1) How permanent are these interfaces? Is this expected to be unchanged
(and will it be the recommended method) for future GlusterFS versions ?
What about in 4.0 ?

I ask because if so, this looks like something which would be elegant to
add to Puppet-Gluster, and I'm pretty sure all the user would have to do
is say ssl => true.

2) Can you give me the _exact and full_ openssl command line that you'd
recommend someone run. This way I won't make mistakes or hurt my brain.

Can you also be more specific about which files to concatenate to
produce the glusterfs.ca file, and if it's a literal cat * > or if you
need to use a special program to merge them.

3) Are the /etc/ssl/glusterfs.* paths configurable (without re-compile)
somehow?

4) Does this change any of the ports that are used anywhere?

5) Anything else you think I should know?

Thanks!
James

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://supercolony.gluster.org/pipermail/gluster-devel/attachments/20140123/b493297a/attachment-0001.sig>


More information about the Gluster-devel mailing list