ClusterStorage-236-4-客户端配置挂载与授权控制（ACL&Quota）

0.实验环境图

1.客户端配置挂载

在workstation上，安装glusterfs文件客户端，创建挂载目录，编辑挂载配置文件，进行挂载，查看文件系统。

[[email protected] ~]# yum install -y glusterfs-fuse

[[email protected] ~]# mkdir /test

[[email protected] ~]# mkdir /secure

[[email protected] ~]# mkdir /production

[[email protected] ~]# echo "servera:/testvol /test glusterfs defaults,acl 0 0" >> /etc/fstab

[[email protected] ~]# echo "servera:/secvol /secure nfs defaults 0 0" >> /etc/fstab

[[email protected] ~]# echo "servera:/prodvol /production glusterfs defaults,acl 0 0" >> /etc/fstab

[[email protected] ~]# mount -a

[[email protected] ~]# df -Th

Filesystem       Type            Size  Used Avail Use% Mounted on

/dev/vda1        xfs              10G  3.1G  7.0G  31% /

devtmpfs         devtmpfs        902M     0  902M   0% /dev

tmpfs            tmpfs           920M   84K  920M   1% /dev/shm

tmpfs            tmpfs           920M   17M  904M   2% /run

tmpfs            tmpfs           920M     0  920M   0% /sys/fs/cgroup

tmpfs            tmpfs           184M   16K  184M   1% /run/user/42

tmpfs            tmpfs           184M     0  184M   0% /run/user/0

servera:/testvol fuse.glusterfs  4.0G   66M  4.0G   2% /test

servera:/secvol  nfs             2.0G   33M  2.0G   2% /secure

servera:/prodvol fuse.glusterfs  4.0G   66M  4.0G   2% /production

2.配置ACL

在workstation上，创建目录，用户组，用户，变更属主和属组，设置ACL，查看ACL。

[[email protected] ~]# mkdir /test/confidential

[[email protected] ~]# groupadd admins

[[email protected] ~]# useradd suresh

[[email protected] ~]# useradd anita

[[email protected] ~]# chown root:admins /test/confidential

[ro[email protected] ~]# setfacl -R -m u:suresh:rwX /test/confidential

[root@workstation ~]# setfacl -R -m d:u:suresh:rwX /test/confidential

[[email protected] ~]# setfacl -R -m u:anita:rX /test/confidential

[ro[email protected] ~]# setfacl -R -m d:u:anita:rX /test/confidential

[[email protected] ~]# setfacl -R -m o:- /test/confidential

[[email protected] ~]# setfacl -R -m d:o:- /test/confidential

[[email protected] ~]# getfacl /test/confidential

getfacl: Removing leading '/' from absolute path names

# file: test/confidential

# owner: root

# group: admins

user::rwx

user:suresh:rwx

user:anita:r-x

group::r-x

mask::rwx

other::---

default:user::rwx

default:user:suresh:rwx

default:user:anita:r-x

default:group::r-x

default:mask::rwx

default:other::---

3.配置Quota

在workstation上，创建使用定额的目录，更改权限。

在servera上，激活定额功能，设置定额值（这里采用的是硬限制）。

[[email protected] ~]# mkdir /production/mp4

[[email protected] ~]# chmod o+w /production/mp4

[[email protected] ~]# gluster volume quota prodvol enable

volume quota : success

[root@servera ~]# gluster volume quota prodvol limit-usage /mp4 128MB

volume quota : success