From 34899d71f21fd2b4c523b68ffb2d7c655c776641 Mon Sep 17 00:00:00 2001 From: Atin Mukherjee Date: Thu, 31 Mar 2016 11:01:53 +0530 Subject: glusterd: Allocate fresh port on brick (re)start There is no point of using the same port through the entire volume life cycle for a particular bricks process since there is no guarantee that the same port would be free and no other application wouldn't consume it in between the glusterd/volume restart. We hit a race where on glusterd restart the daemon services start followed by brick processes and the time brick process tries to bind with the port which was allocated by glusterd before a restart is been already consumed by some other client like NFS/SHD/... Note : This is a short term solution as here we reduce the race window but don't eliminate it completely. As a long term solution the port allocation has to be done by glusterfsd and the same should be communicated back to glusterd for book keeping Change-Id: Ibbd1e7ca87e51a7cd9cf216b1fe58ef7783aef24 BUG: 1322805 Signed-off-by: Atin Mukherjee Reviewed-on: http://review.gluster.org/13865 Smoke: Gluster Build System NetBSD-regression: NetBSD Build System CentOS-regression: Gluster Build System Reviewed-by: Jeff Darcy --- tests/features/ssl-ciphers.t | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'tests/features') diff --git a/tests/features/ssl-ciphers.t b/tests/features/ssl-ciphers.t index 9ee7fc6c16f..f5909f320ac 100644 --- a/tests/features/ssl-ciphers.t +++ b/tests/features/ssl-ciphers.t @@ -137,6 +137,7 @@ EXPECT "`pwd`/`dirname $0`/dh1024.pem" volume_option $V0 ssl.dh-param TEST $CLI volume stop $V0 TEST $CLI volume start $V0 EXPECT_WITHIN $CHILD_UP_TIMEOUT "1" online_brick_count +BRICK_PORT=`brick_port $V0` EXPECT "Y" openssl_connect -cipher EDH -connect $H0:$BRICK_PORT # Test the cipher-list option @@ -145,6 +146,7 @@ EXPECT AES256-SHA volume_option $V0 ssl.cipher-list TEST $CLI volume stop $V0 TEST $CLI volume start $V0 EXPECT_WITHIN $CHILD_UP_TIMEOUT "1" online_brick_count +BRICK_PORT=`brick_port $V0` EXPECT "Y" openssl_connect -cipher AES256-SHA -connect $H0:$BRICK_PORT EXPECT "N" openssl_connect -cipher AES128-SHA -connect $H0:$BRICK_PORT @@ -154,6 +156,7 @@ EXPECT EECDH:EDH:!TLSv1 volume_option $V0 ssl.cipher-list TEST $CLI volume stop $V0 TEST $CLI volume start $V0 EXPECT_WITHIN $CHILD_UP_TIMEOUT "1" online_brick_count +BRICK_PORT=`brick_port $V0` EXPECT "N" openssl_connect -cipher AES256-SHA -connect $H0:$BRICK_PORT EXPECT "Y" openssl_connect -cipher EECDH -connect $H0:$BRICK_PORT @@ -162,6 +165,7 @@ EXPECT invalid volume_option $V0 ssl.ec-curve TEST $CLI volume stop $V0 TEST $CLI volume start $V0 EXPECT_WITHIN $CHILD_UP_TIMEOUT "1" online_brick_count +BRICK_PORT=`brick_port $V0` EXPECT "N" openssl_connect -cipher EECDH -connect $H0:$BRICK_PORT TEST $CLI volume set $V0 ssl.ec-curve secp521r1 @@ -169,6 +173,7 @@ EXPECT secp521r1 volume_option $V0 ssl.ec-curve TEST $CLI volume stop $V0 TEST $CLI volume start $V0 EXPECT_WITHIN $CHILD_UP_TIMEOUT "1" online_brick_count +BRICK_PORT=`brick_port $V0` EXPECT "Y" openssl_connect -cipher EECDH -connect $H0:$BRICK_PORT # test revocation -- cgit