[Linux-cluster] nfs4 kerberos
danielgore at yaktech.com
danielgore at yaktech.com
Thu Apr 7 18:58:16 UTC 2011
Ian,
You can find it here;
http://sourceware.org/cluster/doc/nfscookbook.pdf
> I had written up a rather large set of build documentation for many common
> clustered services. NFS4, Samba, Postfix/Cyrus, Squid and some other
> stuff.
> But those docs stayed with my employer, so.... I don't think I've seen
> this
> cookbook, is it some wiki-type thing where new docs can be contributed?
>
> On Thu, Apr 7, 2011 at 5:08 AM, Daniel R. Gore
> <danielgore at yaktech.com>wrote:
>
>> A better solution for NFSv4 in a cluster is really required.
>>
>>
>> A better cookbook with more real life likely scenarios for clustering
>> solutions would be really helpful. How many people actually setup the
>> complex three layered solutions depicted, as compared to people setting
>> up simple two/three node servers to for authorization, authentication,
>> file and license serving. It appears that the small business applicable
>> system is completely ignored.
>>
>>
>> On Thu, 2011-04-07 at 11:44 +0100, Colin Simpson wrote:
>> > That's interesting about making the portmapper dependant on the IP,
>> was
>> > this for the same reason I'm seeing just now. I used the method from
>> NFS
>> > cookbook where I pseudo load balancing by distributing my NFS exports
>> > across my nodes. Sadly the RHEL 6 portmapper replacement (rpcbind)
>> > replies on the node IP and not the service IP, and this breaks NFSv3
>> > mounts from RHEL5 clients with iptables stateful firewalls.
>> >
>> > I opened a bug on this one and have a call open with RH (via Dell) on
>> > this:
>> > https://bugzilla.redhat.com/show_bug.cgi?id=689589
>> >
>> > But I too would like a good clean method of doing kerberized NFSv4 on
>> a
>> > RHEL6 cluster. I thought NFSv4 being so central to RHEL6 this would be
>> > easy on a RHEL6 cluster (without using XEN)? Can the cookbook be
>> > updated?
>> >
>> > Which brings up another point. The RHEL cluster documentation is good,
>> > however it doesn't really help you implement a working cluster too
>> > easily (beyond the apache example), it's a bit reference orientated. I
>> > found myself googling around for examples of different RA types. Is
>> > there a more hands on set of docs around (or book)? It could almost do
>> > with a cookbook for every RA!
>> >
>> > Thanks
>> >
>> > Colin
>> >
>> > On Thu, 2011-04-07 at 02:52 +0100, Ian Hayes wrote:
>> > > Shouldnt have to recompile rpc.gssd. On failover I migrated the ip
>> > > address first, made portmapper a depend on the ip, rpc.gssd depend
>> on
>> > > portmap and nfsd depend on rpc. As for the hostname, I went with the
>> > > inelegant solution of putting a 'hostname' command in the start
>> > > functions of the portmapper script since that fires first in my
>> > > config.
>> > >
>> > > > On Apr 6, 2011 6:06 PM, "Daniel R. Gore" <danielgore at yaktech.com>
>> > > > wrote:
>> > > >
>> > > > I also found this thread, after many searches.
>> > > > http://linux-nfs.org/pipermail/nfsv4/2009-April/010583.html
>> > > >
>> > > > As I read through it, there appears to be a patch for rpc.gssd
>> which
>> > > > allows for the daemon to be started and associated with multiple
>> > > > hosts.
>> > > > I do not want to compile rpc.gssd and it appears the patch is from
>> > > > over
>> > > > two years ago. I would hope that RHEL6 would have rpc.gssd
>> patched
>> > > > to
>> > > > meet this requirement, but no documentation appear to exist for
>> how
>> > > > to
>> > > > use it.
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > > On Wed, 2011-04-06 at 20:23 -0400, Daniel R. Gore wrote:
>> > > > > Ian,
>> > > > >
>> > > > > Thanks for the info.
>> > > > >
>> > > > >...
>> > > >
>> > >
>> > > plain text document attachment (ATT114553.txt)
>> > > --
>> > > Linux-cluster mailing list
>> > > Linux-cluster at redhat.com
>> > > https://www.redhat.com/mailman/listinfo/linux-cluster
>> >
>> > This email and any files transmitted with it are confidential and are
>> intended solely for the use of the individual or entity to whom they are
>> addressed. If you are not the original recipient or the person
>> responsible
>> for delivering the email to the intended recipient, be advised that you
>> have
>> received this email in error, and that any use, dissemination,
>> forwarding,
>> printing, or copying of this email is strictly prohibited. If you
>> received
>> this email in error, please immediately notify the sender and delete the
>> original.
>> >
>> >
>> >
>> > --
>> > Linux-cluster mailing list
>> > Linux-cluster at redhat.com
>> > https://www.redhat.com/mailman/listinfo/linux-cluster
>> >
>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster at redhat.com
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Linux-cluster
mailing list