glusterfs.git/xlators/mgmt/glusterd/src/glusterd-volgen.h, branch v3.3.0beta4 mgmt/glusterd: Avoid re-starting nfs unconditionally. 2012-05-09T05:14:01+00:00 Vijay Bellur vijay@gluster.com 2012-04-29T17:38:42+00:00 53a09f49abb291625c96409627cba348f0c35e55 NFS server is restarted unconditionally when a volume option is configured through the set interface. This patch prevents restart of NFS server when operations are performed on translators that are not part of the NFS graph. This does not prevent re-start of a NFS server when an option corresponding to a translator that is part of the NFS graph is re-configured. Change-Id: Ic4b8e48e5e7e80438f230521042c267ec3b96a25 Signed-off-by: Vijay Bellur <vijay@gluster.com> Reviewed-on: http://review.gluster.com/3247 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Raghavendra Bhat <raghavendrabhat@gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
NFS server is restarted unconditionally when a volume option is
configured through the set interface. This patch prevents restart
of NFS server when operations are performed on translators that
are not part of the NFS graph.

This does not prevent re-start of a NFS server when an option
corresponding to a translator that is part of the NFS graph is
re-configured.

Change-Id: Ic4b8e48e5e7e80438f230521042c267ec3b96a25
Signed-off-by: Vijay Bellur <vijay@gluster.com>
Reviewed-on: http://review.gluster.com/3247
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Raghavendra Bhat <raghavendrabhat@gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
glusterd: auth allow enhancements 2012-02-20T08:30:54+00:00 Rajesh Amaravathi rajesh@redhat.com 2012-02-20T07:01:10+00:00 975933a25d14cbac861e809b40c6edd01acaa28d * PROBLEM: When address-based authentication is enabled on a volume, the gNfs server, self-heal daemon (shd), and other operations such as quota, rebalance, replace-brick and geo-replication either stop working or the services are not started if all the peers' ipv{4,6} addresses or hostnames are not added in the "set auth.allow" operation, breaking the functionality of several operations. E.g: volume vol in a cluster of two peers: /mnt/brick1 in 192.168.1.4 /mnt/brick2 in 192.168.1.5 option auth.allow 192.168.1.6 (allow connection requests only from 192.168.1.6) This will disrupt the nfs servers on 192.168.1.{4,5}. brick server processes reject connection requests from both nfs servers (on 4,5), because the peer addresses are not in the auth.allow list. Same holds true for local mounts (on peer machines), self-heal daemon, and other operations which perform a glusterfs mount on one of the peers. * SOLUTION: Login-based authentication (username/password pairs, henceforth referred to as "keys") for gluster services and operations. These *per-volume* keys can be used to by-pass the addr-based authentication, provided none of the peers' addresses are put in the auth.reject list, to enable gluster services like gNfs, self-heal daemon and internal operations on volumes when auth.allow option is exercised. * IMPLEMENTATION: 1. Glusterd generates keys for each volume and stores it in memory as well as in respective volfiles. A new TRUSTED-FUSE volfile is generated which is fuse volfile + keys in protocol/client, and is named trusted-<volname>-fuse.vol. This is used by all local mounts. ANY local mount (on any peer) is granted the trusted-fuse volfile instead of fuse volfile via getspec. non-local mounts are NOT granted the trusted fuse volfile. 2. The keys generated for the volume is written to each server volfile telling servers to allow users with these keys. 3. NFS, self-heal daemon and replace-brick volfiles are updated with the volume's authentication keys. 4. The keys are NOT written to fuse volfiles for obvious reasons. 5. The ownership of volfiles and logfiles is restricted to root users. 6. Merging two identical definitions of peer_info_t in auth/addr and rpc-lib, throwing away the one in auth/addr. 7. Code cleanup in numerous places as appropriate. * IMPORTANT NOTES: 1. One SHOULD NOT put any of the peer addresses in the auth.reject list if one wants any of the glusterd services and features such as gNfs, self-heal, rebalance, geo-rep and quota. 2. If one wants to use username/password based authentication to volumes, one shall append to the server, nfs and shd volfiles, the keys one wants to use for authentication, *while_retaining those_generated_by_glusterd*. See doc/authentication.txt file for details. Change-Id: Ie0331d625ad000d63090e2d622fe1728fbfcc453 BUG: 789942 Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com> Reviewed-on: http://review.gluster.com/2733 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com> 
* PROBLEM:

  When address-based authentication is enabled on a volume,
  the gNfs server, self-heal daemon (shd), and other operations
  such as quota, rebalance, replace-brick and geo-replication
  either stop working or the services are not started if all
  the peers' ipv{4,6} addresses or hostnames are not added in
  the "set auth.allow" operation, breaking the functionality
  of several operations.

  E.g:
    volume vol in a cluster of two peers:
    /mnt/brick1 in 192.168.1.4
    /mnt/brick2 in 192.168.1.5

    option auth.allow 192.168.1.6
    (allow connection requests only from 192.168.1.6)

    This will disrupt the nfs servers on 192.168.1.{4,5}.
    brick server processes reject connection requests from both
    nfs servers (on 4,5), because the peer addresses are not in
    the auth.allow list.

    Same holds true for local mounts (on peer machines),
    self-heal daemon, and other operations which perform
    a glusterfs mount on one of the peers.

* SOLUTION:

  Login-based authentication (username/password pairs,
  henceforth referred to as "keys") for gluster services and
  operations.

  These *per-volume* keys can be used to by-pass the addr-based
  authentication, provided none of the peers' addresses are put
  in the auth.reject list, to enable gluster services like gNfs,
  self-heal daemon and internal operations on volumes when
  auth.allow option is exercised.

* IMPLEMENTATION:

  1. Glusterd generates keys for each volume and stores it in
     memory as well as in respective volfiles.
     A new TRUSTED-FUSE volfile is generated which is
     fuse volfile + keys in protocol/client,
     and is named trusted-<volname>-fuse.vol.
     This is used by all local mounts. ANY local mount (on any peer)
     is granted the trusted-fuse volfile instead of fuse volfile
     via getspec. non-local mounts are NOT granted the trusted fuse
     volfile.

  2. The keys generated for the volume is written to each server
     volfile telling servers to allow users with these keys.

  3. NFS, self-heal daemon and replace-brick volfiles are updated
     with the volume's authentication keys.

  4. The keys are NOT written to fuse volfiles for obvious reasons.

  5. The ownership of volfiles and logfiles is restricted to root users.

  6. Merging two identical definitions of peer_info_t in auth/addr
     and rpc-lib, throwing away the one in auth/addr.

  7. Code cleanup in numerous places as appropriate.

* IMPORTANT NOTES:

  1. One SHOULD NOT put any of the peer addresses in the auth.reject
     list if one wants any of the glusterd services and features
     such as gNfs, self-heal, rebalance, geo-rep and quota.

  2. If one wants to use username/password based authentication
     to volumes, one shall append to the server, nfs and shd volfiles,
     the keys one wants to use for authentication, *while_retaining
     those_generated_by_glusterd*.
     See doc/authentication.txt file for details.

Change-Id: Ie0331d625ad000d63090e2d622fe1728fbfcc453
BUG: 789942
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2733
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
Proactive self heal process implementation 2011-09-14T12:36:24+00:00 Pranith Kumar K pranithk@gluster.com 2011-09-08T08:36:32+00:00 45f03a58a0fbfc1d5e647c764b10e37d0a9ebb26 Change-Id: I96db0d94566ceabf1649f890318363f738c06553 BUG: 2458 Reviewed-on: http://review.gluster.com/403 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com> 
Change-Id: I96db0d94566ceabf1649f890318363f738c06553
BUG: 2458
Reviewed-on: http://review.gluster.com/403
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
glusterd: free the allocated string to avoid memory leak 2011-09-12T09:31:37+00:00 Raghavendra Bhat raghavendrabhat@gluster.com 2011-09-12T06:15:37+00:00 5d03ebd31f2984614ecdc8f117bd4599ade497d1 Change-Id: I520abf3c57a15be8bb7dd1e92ad0b049ef5c8970 BUG: 3341 Reviewed-on: http://review.gluster.com/394 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com> 
Change-Id: I520abf3c57a15be8bb7dd1e92ad0b049ef5c8970
BUG: 3341
Reviewed-on: http://review.gluster.com/394
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
Change Copyright current year 2011-08-10T17:57:19+00:00 Pranith Kumar K pranithk@gluster.com 2011-08-09T07:00:19+00:00 b58dc65f2ac305056a25a2177cee9a03cd1bdca2 Change-Id: I2d10f2be44f518f496427f257988f1858e888084 BUG: 3348 Reviewed-on: http://review.gluster.com/200 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com> 
Change-Id: I2d10f2be44f518f496427f257988f1858e888084
BUG: 3348
Reviewed-on: http://review.gluster.com/200
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
LICENSE: s/GNU Affero General Public/GNU General Public/ 2011-08-06T13:33:52+00:00 Pranith Kumar K pranithk@gluster.com 2011-08-06T08:30:03+00:00 0cf100b58c34b40eb7f35fa6913996539e0e3aa9 Change-Id: I3914467611e573cccee0d22df93920cf1b2eb79f BUG: 3348 Reviewed-on: http://review.gluster.com/182 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com> 
Change-Id: I3914467611e573cccee0d22df93920cf1b2eb79f
BUG: 3348
Reviewed-on: http://review.gluster.com/182
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
glusterd - Removed hardcoding of transport type in replace-brick. 2011-07-24T18:44:42+00:00 Vishwanath S Bhat vishwanath@gluster.com 2011-07-21T09:49:14+00:00 b06ba047f48e92323d8dc8af7ed485d35fbbccf2 Replace-brick didn't support transport types other than tcp. Test case: replace-brick should work with tcp and rdma. Change-Id: If33f108b70247d81791d25a1a05247f49847b4d7 BUG: 3092 Reviewed-on: http://review.gluster.com/72 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com> 
Replace-brick didn't support transport types other than tcp.
Test case: replace-brick should work with tcp and rdma.

Change-Id: If33f108b70247d81791d25a1a05247f49847b4d7
BUG: 3092
Reviewed-on: http://review.gluster.com/72
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
mgmt/Glusterd: Implementation volume set help/help-xml 2011-07-12T16:03:03+00:00 Kaushik BV kaushikbv@gluster.com 2011-07-12T05:33:29+00:00 1d0cb953bb117689fb8381d65932ead486d13b05 Signed-off-by: Kaushik BV <kaushikbv@gluster.com> Signed-off-by: Anand Avati <avati@gluster.com> BUG: 2041 (volume set help option) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2041 
Signed-off-by: Kaushik BV <kaushikbv@gluster.com>
Signed-off-by: Anand Avati <avati@gluster.com>

BUG: 2041 (volume set help option)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2041
glusterd: add upgrade/downgrade xlator options 2011-06-01T05:52:09+00:00 shishir gowda shishirng@gluster.com 2011-05-27T04:28:15+00:00 37b562b1605f900927494ec501dff4190eb26097 If started with upgrade-option, the current behavior is to recreate brick volfiles, as from 3.2 marker xlator is default. Signed-off-by: shishir gowda <shishirng@gluster.com> Signed-off-by: Anand Avati <avati@gluster.com> BUG: 2904 (glusterd should have upgrade/downgrade xlator options) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2904 
If started with upgrade-option, the current behavior is to recreate
brick volfiles, as from 3.2 marker xlator is default.

Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Anand Avati <avati@gluster.com>

BUG: 2904 (glusterd should have upgrade/downgrade xlator options)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2904
glusterd: Checked brick path length in 'staging'. 2011-05-04T12:00:11+00:00 Krishnan Parthasarathi kp@gluster.com 2011-05-03T05:04:57+00:00 e3571d4aab9b727715f0e51d12e6e0596f0111ce Added checks for brick path length in 'staging' of add/replace brick and create_volume subcommands. Signed-off-by: Krishnan Parthasarathi <kp@gluster.com> Signed-off-by: Anand Avati <avati@gluster.com> BUG: 2847 (volume creation fails if brick path is long) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2847 
Added checks for brick path length in 'staging' of add/replace
brick and create_volume subcommands.

Signed-off-by: Krishnan Parthasarathi <kp@gluster.com>
Signed-off-by: Anand Avati <avati@gluster.com>

BUG: 2847 (volume creation fails if brick path is long)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2847