Details
-
Improvement
-
Resolution: Unresolved
-
Minor
-
None
-
Lustre 2.12.3
-
9223372036854775807
Description
One issue we had to address was that if you configured all pieces of the nodemap policy at once the system did not apply the configuration consistently across all elements of the filesystem. The script creates the nodemap and sets the network range, deny_unknown, trusted and admin policies before waiting until these are set on the other mds’s before setting the fileset and identity mapping policies.
function wait_for_sync ()
{
while :
do
sleep 1
admin=$(ssh "$PARTNER" lctl get_param -n "nodemap.${TENANT_NAME}.admin_nodemap" 2>/dev/null)
trusted=$(ssh "$PARTNER" lctl get_param -n "nodemap.${TENANT_NAME}.trusted_nodemap" 2>/dev/null)
[ "$admin" == "$ADMIN" ] && [ "$trusted" == "$TRUSTED" ] && break
done
}
function create_nodemap () {
SSH_AUTH_SOCK=""
lctl nodemap_info "${TENANT_NAME}" > /dev/null 2>&1
if [ $? -ne 0 ] ; then
lctl nodemap_add "${TENANT_NAME}"
lctl nodemap_add_range --name "${TENANT_NAME}" --range "${TENANT_RANGE}"
fi
lctl nodemap_modify --name "${TENANT_NAME}" --property deny_unknown --value "$DENY"
lctl nodemap_modify --name "${TENANT_NAME}" --property trusted --value "$TRUSTED"
lctl nodemap_modify --name "${TENANT_NAME}" --property admin --value "$ADMIN"
wait_for_sync
lctl nodemap_set_fileset --name "${TENANT_NAME}" --fileset "${TENANT_DIR}"
# and the rest
}