From: Oscar Segarra [mailto:oscar.segarra@gmail.com]
Sent: Tuesday, February 5, 2019 1:30 PM
To: Frank Filz <ffilzlnx@mindspring.com>
Cc: Jeff Layton <jlayton@poochiereds.net>; dang@redhat.com; support@lists.nfs-ganesha.org; devel@nfs-ganesha.org
Subject: Re: [NFS-Ganesha-Support] Re: Some errors starting ganesha - ceph
Hi Frank,
Thanks a lot for your quick answer. I have tried your suggested change:
[root@vdicube_pub_ceph_nfs /]# cat /etc/ganesha/ganesha.conf
NFSV4
{
Allow_Numeric_Owners = false;
}
NFS_KRB5
{
PrincipalName = nfs;
KeytabPath = /etc/krb5.keytab;
Active_krb5 = false;
}
NFS_CORE_PARAM
{
# Enable NLM (network lock manager protocol)
Enable_NLM = false;
}
EXPORT
{
# Export Id (mandatory, each EXPORT must have a unique Export_Id)
Export_Id = 2046;
# Exported path (mandatory)
Path = /;
# Pseudo Path (for NFS v4)
Pseudo = /;
# Access control options
Access_Type = NONE;
Squash = No_Root_Squash;
Anonymous_Uid = -2;
Anonymous_Gid = -2;
# NFS protocol options
Transports = "TCP";
Protocols = "4";
SecType = "sys";
Manage_Gids = true;
CLIENT {
Clients = 192.168.100.104,192.168.100.105;
Access_Type = RO;
}
# Exporting FSAL
FSAL {
Name = CEPH;
User_Id = "admin";
}
}
LOG {
Default_Log_Level = WARN;
Components {
# ALL = DEBUG;
# SESSIONS = INFO;
}
}
[root@vdicube_pub_ceph_nfs /]#
28/01/2019 23:15:18 : epoch 5c4f7ef5 : vdicube_pub_ceph_nfs : ganesha.nfsd-
> 25[main] nfs_Init_svc :DISP :CRIT :Cannot acquire credentials for principal nfs,
This one can be made to not happen by setting:
NFS_KRB5
{
Active_krb5 = false;
}
You are right, the previous message has dissappeared!
> 28/01/2019 23:15:18 : epoch 5c4f7ef5 : vdicube_pub_ceph_nfs : ganesha.nfsd-
> 25[main] nfs_Init_admin_thread :NFS CB :EVENT :Admin thread initialized,
> 28/01/2019 23:15:18 : epoch 5c4f7ef5 : vdicube_pub_ceph_nfs : ganesha.nfsd-
> 25[main] nfs_rpc_cb_init_ccache :NFS STARTUP :EVENT :Callback creds
> directory (/var/run/ganesha) already exists,
This one perhaps should not be an EVENT, maybe just an INFO, or maybe silent (with perhaps a INFO if it IS created).
I have deleted the folder /var/run/ganesha before run ganesha and messages have disappeared too.
> 28/01/2019 23:15:20 : epoch 5c4f7ef5 : vdicube_pub_ceph_nfs : ganesha.nfsd-
> 25[main] nfs_rpc_cb_init_ccache :NFS STARTUP :WARN
> :gssd_refresh_krb5_machine_credential failed (-1765328160:0),
Hmm, the code that generates this perhaps should not be executed if Active_krb5 = false.
Unfortunately not. Messages are still in the log:
Yea, we will have to make code changes for that one.
05/02/2019 22:14:08 : epoch 5c59fc9f : vdicube_pub_ceph_nfs : ganesha.nfsd-25[main] nfs_rpc_cb_init_ccache :NFS STARTUP :WARN :gssd_refresh_krb5_machine_credential failed (-1765328160:0)
The statd daemon is not necessary for NFS v4 only, and Enable_NLM = false is just fine in that case. NLM is Network Lock Manager, the lock protocol for NFS v3.
Let me another question regarding parallel services. sssd and rpcbind ara necessary for nfsv4 too?
sssd is not necessary for NFS though I guess maybe it could be used (I really don’t know anything about it… other than knowing it doesn’t need to be part of a minimal NFS implementation…)
rpcbind is optional with NFS v4. NFS v4 clients are well prepared to communicate to the server over the default port 2049 or optionally a port specified on the mount command.
You can also set Protocols = 4 in NFS_CORE_PARAM to completely disable NFS v4 (and 9P).
I don't want to disable nfsv4... :S. Please can you clarify?
Sorry, I mistyped, Protocols = 4 will leave NFS v4 active and disable NFS v3 and 9P.
Thanks a lot.