Share GlusterFS volume to a single IP address
Category : How-to
When you create a new GlusterFS Volume it is publicly available for any server on the network to read.
File servers do not generally have firewalls as they are hosted in a secure zone of a private network. Just because it’s secure doesn’t mean you should leave it wide open for anyone with access to connect to.
Using the auth.allow and auth.reject arguments in GlusterFS we can choose which IP addresses can access the volume. Access is provided at volume level, therefore you will need to alter access permissions on every new volume you create.
Run the below command on each server changing [VOLUME] to match the volume to be accessed and [IP ADDRESS] to be an IP address of the server which can connect to the current server.
gluster volume set [VOLUME] auth.allow [IP ADDRESS]
[IP ADDRESS] does not have to be a single IP address. You can also use an asterisk [*] as a wildcard, or multiple addresses separated by a comma [,]. The below example allows only servers with an IP address on the 10.1.1.x range, and 10.5.5.1 to access volume datastore.. All other servers will be denied access to the volume.
gluster volume set datastore auth.allow 10.1.1.*,10.5.5.1
3 Comments
piotrektt
23-Aug-2013 at 6:45 amHey!
Could you write something about glusterfs performance with small files? I run couple of gluster servers but the performance with small files is unbearable. Servers use teamed network adapters and share files through samba to windows. Everything is fine with big files (around 100MB) but below 100 megs it tends to slow down and with lots of 10Kb files it’s just unworkable (speed around 300KB/s when 100’s go 100MB/s). Does setting each share on different NIC would help? What is your experience with small files? Are there any other means to work around this problem? We have a lot of small files and the performance with them is crucial.
james.coyle
2-Sep-2013 at 1:17 amHi,
I am currently working on a performance post, but it will be a few days until it’s ready for publishing. I hope to have it published this week.
Cheers,
James.
francesco
16-Feb-2016 at 12:59 pmdoes the volume need to be restarted? is there any sort of mount cache? because it does not seem to work with glusterfs 3.5.7 built on Dec 15 2015 07:19:28. Do I need to upgrade?