DownloadTranslators/protocol/server
From GlusterDocumentation
This information is out of date
and does not contain information related to the current version of Gluster
Documentation Home
Translator protocol/server
Server translator allows you to export volumes over the network. This translator implements transport modules for various interconnects.
### Add network serving capability to volumes 'brick1' and 'brick2'. volume server type protocol/server option transport-type tcp # For TCP/IP transport subvolumes brick1 brick2 option auth.addr.brick1.allow 192.168.* # Allow access to "brick1" volume option auth.addr.brick2.allow 192.168.* # Allow access to "brick2" volume end-volume
- transport-type
This option specifies the type of transport module to use. Available transport modules for server protocol are:
- tcp
This is the transport for TCP/IP socket based communication. The options which are applicable when this transport is used are:
- transport.socket.listen-port / transport.listen-port / listen-port
This is port number on which the server will listen for incoming connections. The default port for tcp is 6996.
- transport.socket.bind-address / bind-address
This is the IP address on which the server will bind and listen. By default the server listens on all interfaces (0.0.0.0).
- unix
This is the transport for UNIX domain socket based communication. The options which are applicable when this transport is used are:
- transport.socket.listen-path / listen-path
The UNIX path on which the socket is created and the server listens for incoming connections.
- ib-sdp:
This is the infiniband Sockets Direct Protocol transport interface. The options are the same as 'tcp
- ib-verbs:
This is the Infiniband Verbs transport interface. The options which are valid when using 'ib-verbs' transport are:
- transport.ib-verbs.device-name / ib-verbs-device-name
This is the name of the Infiniband device to use. The default device is the first one which gets listed in ibv_devinfo command.
- transport.ib-verbs.port
This is the physical port number to use on the device. The default port is 1.
- listen-port / transport.remote-port / transport.ib-verbs.remote-port
The TCP port to listen for incoming Infiniband handshakes. The default port is 6997.
Authenticate modules
In order to allow multiple IP addresses or subnets, specify the IP address one after the other in comma separated pattern, like shown below.
option auth.addr.brick1.allow 192.168.1.10,192.168.1.20,192.168.2.*
As security is the growing need with storing data and GlusterFS being one of the network filesystems, the need for Authenticating client before connecting is very high. Currently glusterfs supports authentication modules, which has two modes of authentication as of now.
- addr
- login
auth.addr
This module gives authentication based on the ip of the client (connecting) machine. Options provided are
option auth.addr.<VOLUMENAME>.allow <List of IP addrs> # seperated by comma ',' option auth.addr.<VOLUMENAME>.reject <List of IP addrs> # seperated by comma ','
This option is required only in protocol/server volume.
- auth.addr.*.allow
Specification for allowing access to volumes. '*' should be one of the subvolume names
- auth.addr.*.reject
Specification for rejecting access to volumes. '*' should be one of the subvolume names
auth.login
This module gives username/passwd type of authentication.
Options in protocol/server:
option auth.login.<VOLUMENAME>.allow <list of users> # seperated by comma option auth.login.<USERNAME>.password <PASSWORD>
- auth.login.*.allow
Specification for allowing access to volumes.'*' should be one of the subvolume name
- auth.login.*.password
Specification for rejecting access to volumes. '*' should be the 'username' used in above option
Corresponding options in protocol/client when auth.login is used.
option username <USERNAME> option password <PASSWORD>
