[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Linux-cluster] nfs4 kerberos



I've done some work on clustering NFSv4 using Kerberos at a previous job.... I probably did this completely wrong, but I did get it working. The big gotcha that I had was that all cluster members need the same keytab for the NFS service. I also had to have the active node change its hostname to match the keytab before it started up NFS. There are the usual NFS4 specific stuff you need to do like /etc/exports and building the pseudo filesystem. I did a few bind mounts to get everything under the pseudo-fs. Obviously I'm assuming that you have NFS4 working on a single-node environment and therefore know what to do to get that working (ie, keytabs for the clients).

The cluster I had built was hosting NFS4 and Samba, with a shared GFS filesystem on an iSCSI backend. It ran pretty decent for secondhand test equipment. I was actually able to benchmark the GFS performance while I tuned the GFS with a little script that wrote out randomly sized files.

I did some extensive build documentation of how to build a Kerberized NFS4 cluster, but I doubt my old employer would be willing to release them. But like Henry Jones, Sr., I wrote them down so I wouldn't have to remember them.

On Wed, Apr 6, 2011 at 3:42 PM, Daniel R. Gore <danielgore yaktech com> wrote:
I am trying to get Kerberos authenticated high available NFS service
running.  I have looked at the cookbook, but it does not cover this.

Any ideas?

Thank you

Dan


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

--
Linux-cluster mailing list
Linux-cluster redhat com
https://www.redhat.com/mailman/listinfo/linux-cluster


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]