summaryrefslogtreecommitdiffstats
path: root/xlators
diff options
context:
space:
mode:
authorNiels de Vos <ndevos@redhat.com>2015-01-01 13:15:45 +0100
committerVijay Bellur <vbellur@redhat.com>2015-03-18 03:16:42 -0700
commit89cb6bcc7335a9b5e12febcacc27f762bdcda595 (patch)
treee8319e2a0cfd54d4db15da3ae51e79e9b8ae1740 /xlators
parent1bf69fc65d777e1bbea28619c144a9cb373b47ab (diff)
glusterd: add new NFS options for exports/netgroups and related caching
The following options for the Gluster/NFS server are added : - nfs.exports-auth-enable - nfs.auth-refresh-interval-sec - nfs.auth-cache-ttl-sec BUG: 1143880 Change-Id: I37a73966c4ed27cd0f8c77200ef68a0d12b385b8 Original-author: Shreyas Siravara <shreyas.siravara@gmail.com> CC: Richard Wareing <rwareing@fb.com> CC: Jiffin Tony Thottan <jthottan@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9364 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'xlators')
-rw-r--r--xlators/mgmt/glusterd/src/glusterd-volume-set.c20
-rw-r--r--xlators/nfs/server/src/nfs.c68
2 files changed, 88 insertions, 0 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-volume-set.c b/xlators/mgmt/glusterd/src/glusterd-volume-set.c
index 891801fd755..4d9dce47a13 100644
--- a/xlators/mgmt/glusterd/src/glusterd-volume-set.c
+++ b/xlators/mgmt/glusterd/src/glusterd-volume-set.c
@@ -1527,6 +1527,26 @@ struct volopt_map_entry glusterd_volopt_map[] = {
.op_version = 3
},
+ /* Cli options for Export authentication on nfs mount */
+ { .key = "nfs.exports-auth-enable",
+ .voltype = "nfs/server",
+ .option = "nfs.exports-auth-enable",
+ .type = GLOBAL_DOC,
+ .op_version = GD_OP_VERSION_3_7_0
+ },
+ { .key = "nfs.auth-refresh-interval-sec",
+ .voltype = "nfs/server",
+ .option = "nfs.auth-refresh-interval-sec",
+ .type = GLOBAL_DOC,
+ .op_version = GD_OP_VERSION_3_7_0
+ },
+ { .key = "nfs.auth-cache-ttl-sec",
+ .voltype = "nfs/server",
+ .option = "nfs.auth-cache-ttl-sec",
+ .type = GLOBAL_DOC,
+ .op_version = GD_OP_VERSION_3_7_0
+ },
+
/* Other options which don't fit any place above */
{ .key = "features.read-only",
.voltype = "features/read-only",
diff --git a/xlators/nfs/server/src/nfs.c b/xlators/nfs/server/src/nfs.c
index 4de81769fff..27dad2221a9 100644
--- a/xlators/nfs/server/src/nfs.c
+++ b/xlators/nfs/server/src/nfs.c
@@ -875,8 +875,58 @@ nfs_init_state (xlator_t *this)
}
nfs->exports_auth = GF_NFS_DEFAULT_EXPORT_AUTH;
+ if (dict_get(this->options, "nfs.exports-auth-enable")) {
+ ret = dict_get_str (this->options, "nfs.exports-auth-enable",
+ &optstr);
+ if (ret == -1) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse dict");
+ goto free_foppool;
+ }
+
+ ret = gf_string2boolean (optstr, &boolt);
+ if (ret < 0) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse bool "
+ "string");
+ goto free_foppool;
+ }
+
+ if (boolt == _gf_true)
+ nfs->exports_auth = 1;
+ }
+
nfs->auth_refresh_time_secs = GF_NFS_DEFAULT_AUTH_REFRESH_INTERVAL_SEC;
+ if (dict_get (this->options, "nfs.auth-refresh-interval-sec")) {
+ ret = dict_get_str (this->options,
+ "nfs.auth-refresh-interval-sec", &optstr);
+ if (ret < 0) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse dict");
+ goto free_foppool;
+ }
+
+ ret = gf_string2uint (optstr, &nfs->auth_refresh_time_secs);
+ if (ret < 0) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse uint "
+ "string");
+ goto free_foppool;
+ }
+ }
+
nfs->auth_cache_ttl_sec = GF_NFS_DEFAULT_AUTH_CACHE_TTL_SEC;
+ if (dict_get (this->options, "nfs.auth-cache-ttl-sec")) {
+ ret = dict_get_str (this->options,
+ "nfs.auth-cache-ttl-sec", &optstr);
+ if (ret < 0) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse dict");
+ goto free_foppool;
+ }
+
+ ret = gf_string2uint (optstr, &nfs->auth_cache_ttl_sec);
+ if (ret < 0) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse uint "
+ "string");
+ goto free_foppool;
+ }
+ }
/* TODO: Make this a configurable option in case we don't want to read
* exports/netgroup files off disk when they change. */
@@ -1905,5 +1955,23 @@ struct volume_options options[] = {
.description = "Sets the number of non-idempotent "
"requests to cache in drc"
},
+ { .key = {"nfs.exports-auth-enable"},
+ .type = GF_OPTION_TYPE_BOOL,
+ .description = "Set the option to 'on' to enable exports/netgroup "
+ "authentication in the NFS server and mount daemon."
+ },
+
+ { .key = {"nfs.auth-refresh-interval-sec"},
+ .type = GF_OPTION_TYPE_INT,
+ .description = "Frequency in seconds that the daemon should check for"
+ " changes in the exports/netgroups file."
+ },
+
+ { .key = {"nfs.auth-cache-ttl-sec"},
+ .type = GF_OPTION_TYPE_INT,
+ .description = "Sets the TTL of an entry in the auth cache. Value is "
+ "in seconds."
+ },
+
{ .key = {NULL} },
};