Tom van Leeuwen
2014-Oct-03 04:30 UTC
[Gluster-users] Export a gluster volume read-only to some clients but not all
Hi guys, First post for me! I'm running gluster 3.4.2 and have the requirement to export a glusterfs volume read-only to some hosts, but definitely not all. Is there any way to achieve this without having to introduce a frontend nfs server? Tom van Leeuwen
James
2014-Oct-03 04:39 UTC
[Gluster-users] Export a gluster volume read-only to some clients but not all
On 3 October 2014 00:30, Tom van Leeuwen <tom.van.leeuwen at saasplaza.com> wrote:> I'm running gluster 3.4.2 and have the requirement to export a glusterfs > volume read-only to some hosts, but definitely not all. > Is there any way to achieve this without having to introduce a frontend nfs > server?You should only allow hosts access to your GlusterFS servers that you trust. Firewall off the rest, and use auth.allow and auth.reject for the others. This is needed because GlusterFS doesn't have built in authentication. So the answer is that you must mount the volume readonly with standard mount 'ro' vs. 'rw' options. If there is a better solution than this, I don't know it, and maybe someone will let me know. Cheers, James
Niels de Vos
2014-Oct-03 08:02 UTC
[Gluster-users] Export a gluster volume read-only to some clients but not all
On Fri, Oct 03, 2014 at 06:30:21AM +0200, Tom van Leeuwen wrote:> Hi guys, > > First post for me! > > I'm running gluster 3.4.2 and have the requirement to export a glusterfs > volume read-only to some hosts, but definitely not all. > Is there any way to achieve this without having to introduce a frontend nfs > server?Gluster comes with its own NFS server. The nfs.volume-access option can be used to export certain volumes over NFS as read-only. I am not aware of an option to restrict write access to certain clients by only using the GlusterFS protocol, sorry. HTH, Niels