Build Glusterfs From Source

https://github.com/gluster/glusterfs/tree/v3.6.1


0. CentOS (only)

-install EPEL first:

sudo yum install https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

-install the packages required only on CentOS:

sudo yum -y install python-webob1.0 python-paste-deploy1.5 python-sphinx10 redhat-rpm-config

1. Environment setup

To setup the build environment on an Ubuntu system, type the following command to install the required packages:

sudo apt-get -y install python-pyxattr libreadline-dev systemtap-sdt-dev tar python-pastedeploy python-simplejson python-sphinx python-webob libssl-dev pkg-config python-dev python-eventlet python-netifaces libaio-dev libibverbs-dev libtool libxml2-dev liblvm2-dev make autoconf automake bison dos2unix flex libfuse-dev librdmacm-dev libglib2.0-dev

To setup the build environment on CentOS, type the following command to install the required packages:

sudo yum -y --disablerepo=rhs* --enablerepo=*optional-rpms install git autoconf \
   automake bison cmockery2-devel dos2unix flex fuse-devel glib2-devel libaio-devel \
   libattr-devel libibverbs-devel librdmacm-devel libtool libxml2-devel lvm2-devel make \
   openssl-devel pkgconfig pyliblzma python-devel python-eventlet python-netifaces \
   python-paste-deploy python-simplejson python-sphinx python-webob pyxattr readline-devel \
   rpm-build systemtap-sdt-devel tar

2. Pull source code

clone the GlusterFS git repository

git clone https://github.com/gluster/glusterfs.git

Choose which branch to compile

cd glusterfs
git branch -a | grep release

if you want to branch other release

git checkout v3.5.3

3. Creating build environment

./autogen.sh
./configure --enable-fusermount

 
- During development it is good to enable a debug build
./configure --enable-debug

- Further configuration flags can be found

./configure --help

4. Build and install

make
sudo make install

5. close firewalls

CentOS

systemctl disable NetworkManager.service
systemctl stop NetworkManager.service

systemctl disable firewalld.service
systemctl stop firewalld.service

systemctl enable glusterd.service
systemctl start glusterd.service

 
Ubuntu
ufw disable
sudo ufw default allow

 
 

6. Hack GlusterFS!

hack-GlusterFS

 
 
 
 
 

附錄一 - error

§ install cmockery2

cmockery2.git

§ libglusterfs.so.0: cannot open shared object file

try adding '/usr/local/lib' in /etc/ld.so.conf, and run ldconfig

附錄二 - Discussion

entity version IP Linux
g server 3.7dev 192.168.168.9 CentOS 7
max server 3.7dev 192.168.168.10 Ubuntu 14.04.1
n1 server 3.7dev 192.168.168.11 Ubuntu 14.04.1
n2 server 3.7dev 192.168.168.12 Ubuntu 14.04.1
n3 server 3.7dev 192.168.168.13 Ubuntu 14.04.1
n4 server 3.7dev 192.168.168.14 Ubuntu 14.04.1
c client 3.4.2 192.168.168.15 Ubuntu 14.04.1
c1 client 3.7dev 192.168.168.20 Ubuntu 14.04.1

 

一個client分一個volume

n1 & n2做dis-vol和dis-vol2

gluster volume create dis-vol transport tcp n1:/export/sdb1/dis-vol n2:/export/sdb1/dis-vol
gluster volume create dis-vol2 transport tcp n1:/export/sdb1/dis-vol2 n2:/export/sdb1/dis-vol2

 
c & c1分別mount: dis-vol和dis-vol2
mount -t glusterfs max:/dis-vol /mnt/mydisvol  // c
mount -t glusterfs max:/dis-vol2 /mnt/mydisvol // c1

  
結論
  • 資料不會彼此看見(c和c1產生的檔案彼此獨立)
  • 但所有資料夾任何人都可以mount (就算產生的檔案獨立, 別人還是可以取得)

  

  • «PROBLEM SET»

所有資料夾任何人都可以mount

如何驗證client?SSL/TLS?

如何限制每個資料夾的權限?ACL?

 
 

POSIX ACLs

admin_ACLs.md  中翻英介紹


試用之後的感覺是

它可以讓某個client端

去管理每個user/group對檔案或資料夾的使用權限

Alternatively, if the partition is listed in the /etc/fstab file,
add the following entry for the partition to include the POSIX ACLs option:

LABEL=/work /export1 ext3 rw, acl 14

echo "/dev/sdb1 /export/sdb1 ext4 rw,acl 14" » /etc/fstab

這樣不知道有沒有成功, 但開好機df -h是有掛載成功的

xfs 格式不敷使用, 另外切成 ext3或ex4才可以

 

SSL/TLS

admin_ssl.md


-gen key

openssl genrsa -out glusterfs.key 1024
openssl req -new -x509 -key gluster.key -subj /CN=Anyone -out glusterfs.pem
Next step is to create glusterfs.ca file 
 - you do that by simply copy glusterfs.pem into glusterfs.ca

 
In GlusterFS's case, a client or server X uses the following files to contain TLS-related information:
  • /etc/ssl/glusterfs.pem X's own certificate
  • /etc/ssl/glusterfs.key X's private key
  • /etc/ssl/glusterfs.ca concatenation of others' certificates

 

在mount的時候, 出現error

無法解決 (暫時擱著)

附錄三 - questions

volume 可以同名嗎?

volume create: dis-vol: failed: Volume dis-vol already exists

 
 

可以用IP去probe一個node嗎? (without edit /etc/hosts)

peer probe: success.

 
 

除非特別註明,本頁內容採用以下授權方式: Creative Commons Attribution-ShareAlike 3.0 License