|
Gluster 4.0 : GlusterFS + NFS-Ganesha
2018/03/31 |
|
Install NFS-Ganesha and integrate with GlusterFS to mount Gluster Volume with NFS protocol.
The supported NFS protocols by NFS-Ganesha are v3, v4.0, v4.1, pNFS. |
|
| [1] | Disable NFS feature in Gluster first. The NFS feature in Gluster is officially deprecated. Also if NFS server is running, stop and disable it, too. |
|
# OK if [nfs.disable: on] (default setting) [root@node01 ~]# gluster volume get vol_distributed nfs.disable Option Value ------ ----- nfs.disable on # if [nfs.disable: off], turn to disable [root@node01 ~]# gluster volume set vol_distributed nfs.disable on volume set: success # if NFS server is running, disable it [root@node01 ~]# systemctl stop nfs-server [root@node01 ~]# systemctl disable nfs-server |
| [2] | Install and Configure NFS-Ganesha on a Node in GlusterFS Cluster. |
|
[root@node01 ~]#
[root@node01 ~]# yum --enablerepo=centos-gluster40 -y install nfs-ganesha-gluster mv /etc/ganesha/ganesha.conf /etc/ganesha/ganesha.conf.org
[root@node01 ~]#
vi /etc/ganesha/ganesha.conf # create new
NFS_CORE_PARAM {
# possible to mount with NFSv3 to NFSv4 Pseudo path
mount_path_pseudo = true;
# NFS protocol
Protocols = 3,4;
}
EXPORT_DEFAULTS {
# default access mode
Access_Type = RW;
}
EXPORT {
# uniq ID
Export_Id = 101;
# mount path of Gluster Volume
Path = "/vol_distributed";
FSAL {
# any name
name = GLUSTER;
# hostname or IP address of this Node
hostname="10.0.0.51";
# Gluster volume name
volume="vol_distributed";
}
# config for root Squash
Squash="No_root_squash";
# NFSv4 Pseudo path
Pseudo="/vfs_distributed";
# allowed security options
SecType = "sys";
}
LOG {
# default log level
Default_Log_Level = WARN;
}
# verify mount [root@node01 ~]# showmount -e localhost Export list for localhost: /vfs_distributed (everyone) |
| [3] | If SELinux is enabled, change policy. |
|
[root@node01 ~]#
vi ganeshanfsd.te # create new
module ganeshanfsd 1.0;
require {
type random_device_t;
type portmap_port_t;
type reserved_port_t;
type ganesha_t;
class capability dac_override;
class tcp_socket name_connect;
class chr_file getattr;
}
#============= ganesha_t ==============
allow ganesha_t portmap_port_t:tcp_socket name_connect;
allow ganesha_t random_device_t:chr_file getattr;
allow ganesha_t reserved_port_t:tcp_socket name_connect;
allow ganesha_t self:capability dac_override;
checkmodule -m -M -o ganeshanfsd.mod ganeshanfsd.te checkmodule: loading policy configuration from ganeshanfsd.te checkmodule: policy configuration loaded checkmodule: writing binary representation (version 17) to ganeshanfsd.mod [root@node01 ~]# semodule_package --outfile ganeshanfsd.pp --module ganeshanfsd.mod [root@node01 ~]# semodule -i ganeshanfsd.pp |
| [4] | If Firewalld is running, allow NFS service. |
|
[root@node01 ~]# firewall-cmd --add-service=nfs --permanent success [root@node01 ~]# firewall-cmd --reload success |
| [5] | Verify NFS mounting on a Client. |
|
[root@client ~]#
yum -y install nfs-utils specify Pseudo path set on [Pseudo=***] in ganesha.conf [root@client ~]# mount -t nfs4 node01.srv.world:/vfs_distributed /mnt [root@client ~]# df -hT Filesystem Type Size Used Avail Use% Mounted on /dev/mapper/cl-root xfs 26G 1.4G 25G 6% / devtmpfs devtmpfs 2.0G 0 2.0G 0% /dev tmpfs tmpfs 2.0G 0 2.0G 0% /dev/shm tmpfs tmpfs 2.0G 8.4M 2.0G 1% /run tmpfs tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup /dev/vda1 xfs 1014M 234M 781M 24% /boot tmpfs tmpfs 396M 0 396M 0% /run/user/0 node01.srv.world:/vfs_distributed nfs4 52G 3.3G 49G 7% /mnt |