[Gluster-users] Can I do SSL with Gluster v3.4.2 ?
dev
devuan.2 at gmail.com
Wed Feb 15 22:18:04 UTC 2017
I'm trying to setup SSL transport with glusterfs following the guide
here: http://blog.gluster.org/author/zbyszek/
I've copied the resulting ca, pem and key files to my server
(to /etc/ssl) as well as a copy on my gluster client. The link
above does not explain the proper mount options for mounting the
volume on the client however.
I've tried searching for the correct options to add to the mount
command, however nothing has turned up yet. I have found some
options to place in a volume file such as:
option transport.socket.ssl-enabled on
option transport tcp
option direct-io-mode disable
option transport.socket.ssl-own-cert /etc/ssl/glusterfs.pem
option transport.socket.ssl-private-key /etc/ssl/glusterfs.key
option transport.socket.ssl-ca-list /etc/ssl/glusterfs.ca
but mounting with:
glusterfs -f /etc/gluster-pm-vol /mnt/ib-data/hydra
Only gives an error in the logfile such as:
...
[socket.c:3594:socket_init] 0-pm1-dump: could not load our cert
...
I've started to investigate ACL on server, but attempting to
set auth.ssl-allow results in an error as well.
# gluster volume info
Volume Name: pm1-dump
...
client.ssl: on
...
# gluster volume set pm1-dump auth.ssl-allow foo
volume set: failed: option : auth.ssl-allow does not exist
Did you mean auth.allow?
# gluster --version
glusterfs 3.4.2 built on Jan 14 2014 18:05:37
Is this version too old (ubuntu 14.04) to use SSL on or am I missing
something?
Thanks in advance
More information about the Gluster-users
mailing list