ClusterStorage-236-4-用戶端配置挂載與授權控制（ACL&Quota）

0.實驗環境圖

1.用戶端配置挂載

在workstation上，安裝glusterfs檔案用戶端，建立挂載目錄，編輯挂載配置檔案，進行挂載，檢視檔案系統。

[[email protected] ~]# yum install -y glusterfs-fuse

[[email protected] ~]# mkdir /test

[[email protected] ~]# mkdir /secure

[[email protected] ~]# mkdir /production

[[email protected] ~]# echo "servera:/testvol /test glusterfs defaults,acl 0 0" >> /etc/fstab

[[email protected] ~]# echo "servera:/secvol /secure nfs defaults 0 0" >> /etc/fstab

[[email protected] ~]# echo "servera:/prodvol /production glusterfs defaults,acl 0 0" >> /etc/fstab

[[email protected] ~]# mount -a

[[email protected] ~]# df -Th

Filesystem       Type            Size  Used Avail Use% Mounted on

/dev/vda1        xfs              10G  3.1G  7.0G  31% /

devtmpfs         devtmpfs        902M     0  902M   0% /dev

tmpfs            tmpfs           920M   84K  920M   1% /dev/shm

tmpfs            tmpfs           920M   17M  904M   2% /run

tmpfs            tmpfs           920M     0  920M   0% /sys/fs/cgroup

tmpfs            tmpfs           184M   16K  184M   1% /run/user/42

tmpfs            tmpfs           184M     0  184M   0% /run/user/0

servera:/testvol fuse.glusterfs  4.0G   66M  4.0G   2% /test

servera:/secvol  nfs             2.0G   33M  2.0G   2% /secure

servera:/prodvol fuse.glusterfs  4.0G   66M  4.0G   2% /production

2.配置ACL

在workstation上，建立目錄，使用者組，使用者，變更屬主和屬組，設定ACL，檢視ACL。

[[email protected] ~]# mkdir /test/confidential

[[email protected] ~]# groupadd admins

[[email protected] ~]# useradd suresh

[[email protected] ~]# useradd anita

[[email protected] ~]# chown root:admins /test/confidential

[ro[email protected] ~]# setfacl -R -m u:suresh:rwX /test/confidential

[root@workstation ~]# setfacl -R -m d:u:suresh:rwX /test/confidential

[[email protected] ~]# setfacl -R -m u:anita:rX /test/confidential

[ro[email protected] ~]# setfacl -R -m d:u:anita:rX /test/confidential

[[email protected] ~]# setfacl -R -m o:- /test/confidential

[[email protected] ~]# setfacl -R -m d:o:- /test/confidential

[[email protected] ~]# getfacl /test/confidential

getfacl: Removing leading '/' from absolute path names

# file: test/confidential

# owner: root

# group: admins

user::rwx

user:suresh:rwx

user:anita:r-x

group::r-x

mask::rwx

other::---

default:user::rwx

default:user:suresh:rwx

default:user:anita:r-x

default:group::r-x

default:mask::rwx

default:other::---

3.配置Quota

在workstation上，建立使用定額的目錄，更改權限。

在servera上，激活定額功能，設定定額值（這裡采用的是硬限制）。

[[email protected] ~]# mkdir /production/mp4

[[email protected] ~]# chmod o+w /production/mp4

[[email protected] ~]# gluster volume quota prodvol enable

volume quota : success

[root@servera ~]# gluster volume quota prodvol limit-usage /mp4 128MB

volume quota : success