[Linux-cluster] nfs4 kerberos

Thu Apr 7 10:44:00 UTC 2011

That's interesting about making the portmapper dependant on the IP, was
this for the same reason I'm seeing just now. I used the method from NFS
cookbook where I pseudo load balancing by distributing my NFS exports
across my nodes. Sadly the RHEL 6 portmapper replacement (rpcbind)
replies on the node IP and not the service IP, and this breaks NFSv3
mounts from RHEL5 clients with iptables stateful firewalls.

I opened a bug on this one and have a call open with RH (via Dell) on
this:
https://bugzilla.redhat.com/show_bug.cgi?id=689589

But I too would like a good clean method of doing kerberized NFSv4 on a
RHEL6 cluster. I thought NFSv4 being so central to RHEL6 this would be
easy on a RHEL6 cluster (without using XEN)? Can the cookbook be
updated?

Which brings up another point. The RHEL cluster documentation is good,
however it doesn't really help you implement a working cluster too
easily (beyond the apache example), it's a bit reference orientated. I
found myself googling around for examples of different RA types. Is
there a more hands on set of docs around (or book)? It could almost do
with a cookbook for every RA!

Thanks

Colin

On Thu, 2011-04-07 at 02:52 +0100, Ian Hayes wrote:
> Shouldnt have to recompile rpc.gssd. On failover I migrated the ip
> address first, made portmapper a depend on the ip, rpc.gssd depend on
> portmap and nfsd depend on rpc. As for the hostname, I went with the
> inelegant solution of putting a 'hostname' command in the start
> functions of the portmapper script since that fires first in my
> config.
> 
> > On Apr 6, 2011 6:06 PM, "Daniel R. Gore" <danielgore at yaktech.com>
> > wrote:
> > 
> > I also found this thread, after many searches.
> > http://linux-nfs.org/pipermail/nfsv4/2009-April/010583.html
> > 
> > As I read through it, there appears to be a patch for rpc.gssd which
> > allows for the daemon to be started and associated with multiple
> > hosts.
> > I do not want to compile rpc.gssd and it appears the patch is from
> > over
> > two years ago.  I would hope that RHEL6 would have rpc.gssd patched
> > to
> > meet this requirement, but no documentation appear to exist for how
> > to
> > use it.
> > 
> > 
> > 
> > 
> > 
> > On Wed, 2011-04-06 at 20:23 -0400, Daniel R. Gore wrote:
> > > Ian,
> > > 
> > > Thanks for the info. 
> > > 
> > >...
> > 
> 
> plain text document attachment (ATT114553.txt)
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster

This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed.  If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you received this email in error, please immediately notify the sender and delete the original.