[lustre-devel] Using root squashing on lustre

Ravi Theja Reddy ravithejareddy99 at gmail.com
Wed Nov 13 15:56:45 PST 2024


Hi,

I am looking to have rootsquashing feature on lustre. As part of it, I
noticed we have 2 potential ways of doing it.
1. Setting the root_squash params for all MDTs (Can be done using lctl
conf_param). We also have the nosuash_nids param too which we can set
to provide root access to desired clients.
2. Using  nodemap feature to enforce root squash and as part of it,
creating a trustedSystems node map_group for all the lustre server_nids
and set the admin and trusted properties. And later removing the admin and
trusted properties for default nodemap group and squash the UID and GIDs.

When checked on latest lustre manual, it recommends the nodemap way, Can
someone help understand what are the pros and cons of these 2 ways ?

Also have a question around nodemap, As part of node map feature, we
need to add all the lustre server_nids. what would be the
consequences/behaviour of FS if we do not add all
the lustre server_nids into trustedSystems group ?


Thanks,
Theja
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lustre.org/pipermail/lustre-devel-lustre.org/attachments/20241113/9db1ad89/attachment.htm>


More information about the lustre-devel mailing list