[Lustre-discuss] Kerberos auth by lnet

Josephine Palencia josephin at psc.edu
Thu Jul 29 14:45:56 PDT 2010 

Hello,

I set up 3 lustre networks for the following:

tcp0  for kerberized connections lustre 2.0
tcp21 for no kerberos auth connections to lustre 2.0
tcp18 for no kerberos auth connections to lustre 1.83

Below are the kerb specifications by network:

  Secure RPC Config Rules:
  BEER.srpc.flavor.tcp=krb5p
  BEER.srpc.flavor.tcp21=null
  BEER.srpc.flavor.default=krb5n

The name of the lustre filesystem is /beer.

youngs.beer.psc.edu on tcp0
youngs-145.beer.psc.edu on tcp21

[root at youngs ~]# !lctl list_nids
lctl list_nids list_nids
128.182.58.125 at tcp
128.182.145.125 at tcp21

[root at youngs ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
                       4.8G  2.0G  2.6G  43% /
/dev/hda1              99M   24M   71M  25% /boot
tmpfs                 506M     0  506M   0% /dev/shm
guinness.beer.psc.edu at tcp0:/BEER
                        99G   50G   47G  52% /beer
guinness-145.beer.psc.edu at tcp21:/BEER
                        99G   50G   47G  52% /beer-145

Problem:
--------
  I can change all kerberos flavors modifications on default and tcp0, 
tcp21 and get indication  on MDS server showing the changes. 
I don't see such confirmation  for tcp21. But I can certainly mount as 
shown above. I suspect that tcp21 is defaulting to krb5p and thus 
requiring still auth for users. /beer and /beer-145 are NFS-exported to
other systems residing in same and different kerberos realms.
Root can access the filesystems with no problem but users require 
authentication.

My modprobe is of the form
options lnet ip2nets="tcp0(eth0) 128.182.58.*; tcp21(eth1) 128.182.145.*"
routes="tcp0 128.182.145.121 at tcp21; tcp21 128.182.58.121 at tcp0"

Question:
--------
What's the interoperability between lustre 2.0* and lustre 1.83?
Officially it is not compatible and/or supported?
But unofficially, we can try it? Or absolutely not compatible.

I would appreciate any feedback/corrections.

Thanks,
josephine

Reference:
----------
Lustre version: 2.0.5 Alpha
Lustre release: 1.9.280
Kernel: 2.6.18_128.7.1

More information about the lustre-discuss mailing list