[Gluster-users] client.ssl off - brakes things?

lejeczek peljasz at yahoo.co.uk
Fri Apr 9 18:09:39 UTC 2021

Hi guys.

I'm trying TLS on my gluster, well, I'd like to think that I 
have it done, but...
If I set volume to 'client.ssl on' then stuff brakes - 
autofs cannot mount, libvirtd cannot get to the volume via 
Volume is as:

-> $ gluster volume info VMs | sort

auth.ssl-allow: one.direct,two.direct
client.ssl: on
cluster.self-heal-daemon: enable
nfs.disable: on
Number of Bricks: 1 x 2 = 2
Options Reconfigured:
performance.client-io-threads: off
server.ssl: on
Snapshot Count: 0
Status: Started
storage.fips-mode-rchecksum: on
storage.owner-gid: 107
storage.owner-uid: 107
transport.address-family: inet
Transport-type: tcp
Type: Replicate
Volume ID: 14b867bf-b523-4168-937c-cca59e202fb4
Volume Name: VMs

Since, what I'm told that is, Libvirt does not yet implement 
TLS to/off GlusterFS I presumed - okey, that would be 
'client.ssl' I can do ignore, disable and Libvirt would work.

Mine is a simple setup, only two servers which are 'clients' 
at the same time, for autofs & libvirtd operate on themselves.

Should 'client.ssl off' not allow libvirt to connect via 
What does 'client.ssl' do? What's it for?

And lastly - how to without the doubts confirm that volume 
in fact does use TLS?

many thanks, L.

More information about the Gluster-users mailing list