GlusterFS
Installation
1 |
|
1 |
|
Start the GlusterFS daemon.
1 |
|
Firewall
Before starting to set up GlusterFS, access should be allowed among all participating systems where the GlusterFS server is running1.
Peer
A peer is a server used by GlusterFS.
Add peer
1 |
|
Hint
The command can be executed on any server who runs GlusterFS.
Show peer status
Shows the current status of all peers.
1 |
|
Remove peer
1 |
|
List peers
1 |
|
Volume
A volume is a virtual collection of multiple bricks.
Add volume
1 |
|
Examples
1 |
|
1 |
|
Number of peers
The number of peers have to be lower or equal like the amount of servers, but must be higher than 1 to provide redundancy.
Start volume
After a volume is created, it must be started before it can be used.
1 |
|
Show volume status
Shows the current status of all volumes.
1 |
|
Shows the current status the given volume.
1 |
|
Show volume info
1 |
|
Volume details
To get more detailed information about a specific volume run the following two commands.
1 |
|
1 |
|
List volumes
1 |
|
Access
Allow the volume access only for a specific IP or FQDN.
1 |
|
Allow the volume access for multiple specific IP's or FQDN's.
1 |
|
Allow the access for everyone.
1 |
|
Allow the access for everyone on encrypted connections.
1 |
|
Volume restart
A volume restart may be required for the changes to take effect.
Delete volume
The volume must be stopped first.
1 |
|
1 |
|
Brick
A brick is a directory where the volume data is stored.
Add brick
1 |
|
Add brick to an existing volume.
1 |
|
Remove brick
1 |
|
Adjust replicas
To adjust the replicas when expanding or reducing the cluster, the new number of peers can be specified when adding or removing the Brick.
Encryption
Between server
To use encryption between the servers, a private key and certificate are needed. The private key must be stored like /etc/ssl/glusterfs.key
and the certificate must be stored like /etc/ssl/glusterfs.pem
.
Private key and certificate
See TLS to create a private key and certificate.
Additional a third file is needed to combine the certificates of all servers and must be stored like /etc/ssl/glusterfs.ca
. The order of the certificates does not matter.
To enable encryption between the servers the following file must be created, and the daemon restarted.
1 |
|
1 |
|
To clients
Server instructions
To encrypt the client communication all instructions for the servers must be executed too.
Enable client and server side encryption for a volume. Both commands must be executed, because they are only working together.
1 |
|
1 |
|
Volume restart
The volume must be stopped and started afterwards, otherwise it cannot be mounted2.
Heal
Volume
Enter the following command to get healing information about the volume.
1 |
|
If everything is OK, an output similar to this one will be displayed.
1 2 3 4 5 6 7 |
|
A possible problem would look like this3.
1 2 |
|
Log
The logfiles are located at /var/log/glusterfs
.
Name | File | Description |
---|---|---|
Glusterd | glusterd.log |
One glusterd log file per server. This log file also contains the snapshot and user logs. |
Gluster cli command | cli.log |
Gluster commands executed on a node in a GlusterFS. |
Bricks | bricks/[brick path].log |
One log file per brick on the server. |
Rebalance | [volume]-rebalance.log |
One log file per volume on the server. |
Self heal deamon | glustershd.log |
One log file per server. |
Quota | quotad.log |
The quota daemons running on each node. |
Client
Mount
1 |
|
-
The port 24007 for the GlusterFS daemon, as well as for each created volume, must be released a port ascending from 49152. The first volume uses port 49152, the second volume uses port 49153, the third volume 49154, and so on. ↩
-
The volume heal command could be display an error like at the volume section under Heal. ↩
-
This problem could mean that encryption was enabled, but the volume was not restarted. See Client. ↩