From ecb5c63d41daf98c3bca73d2ab24aa77e1b34886 Mon Sep 17 00:00:00 2001 From: Sunny Kumar Date: Mon, 17 Dec 2018 12:56:33 +0530 Subject: [PATCH 480/493] geo-rep: Make slave volume read-only (by default) Added a command to set "features.read-only" option to a default value "on" for slave volume. Changes are made in: $SRC//extras/hook-scripts/S56glusterd-geo-rep-create-post.sh for root geo-rep and $SRC/geo-replication/src/set_geo_rep_pem_keys.sh for non-root geo-rep. Upstream patch : https://review.gluster.org/#/c/glusterfs/+/21739 >Fixes: bz#1654187 >Signed-off-by: Harpreet Kaur Change-Id: I15beeae3506f3f6b1dcba0a5c50b6344fd468c7c BUG: 1643370 Signed-off-by: Sunny Kumar Reviewed-on: https://code.engineering.redhat.com/gerrit/158790 Tested-by: RHGS Build Bot Reviewed-by: Kotresh Hiremath Ravishankar Reviewed-by: Sunil Kumar Heggodu Gopala Acharya --- extras/hook-scripts/S56glusterd-geo-rep-create-post.sh | 1 + geo-replication/src/set_geo_rep_pem_keys.sh | 1 + tests/geo-rep.rc | 7 +++++++ tests/geo-rep/georep-basic-dr-rsync.t | 3 +++ tests/geo-rep/georep-basic-dr-tarssh.t | 3 +++ 5 files changed, 15 insertions(+) diff --git a/extras/hook-scripts/S56glusterd-geo-rep-create-post.sh b/extras/hook-scripts/S56glusterd-geo-rep-create-post.sh index a5e472e..589c263 100755 --- a/extras/hook-scripts/S56glusterd-geo-rep-create-post.sh +++ b/extras/hook-scripts/S56glusterd-geo-rep-create-post.sh @@ -90,5 +90,6 @@ if [ -f $pub_file ]; then ssh -p ${SSH_PORT} $slave_ip "mv $pub_file_tmp ${pub_file_dname}/${mastervol}_${slavevol}_${pub_file_bname}" ssh -p ${SSH_PORT} $slave_ip "gluster system:: copy file /geo-replication/${mastervol}_${slavevol}_common_secret.pem.pub > /dev/null" ssh -p ${SSH_PORT} $slave_ip "gluster system:: execute add_secret_pub root geo-replication/${mastervol}_${slavevol}_common_secret.pem.pub > /dev/null" + ssh -p ${SSH_PORT} $slave_ip "gluster vol set ${slavevol} features.read-only on" fi fi diff --git a/geo-replication/src/set_geo_rep_pem_keys.sh b/geo-replication/src/set_geo_rep_pem_keys.sh index ae23f4f..8a43fa3 100755 --- a/geo-replication/src/set_geo_rep_pem_keys.sh +++ b/geo-replication/src/set_geo_rep_pem_keys.sh @@ -47,6 +47,7 @@ function main() cp $home_dir/${COMMON_SECRET_PEM_PUB} ${GLUSTERD_WORKDIR}/geo-replication/ gluster system:: copy file /geo-replication/${COMMON_SECRET_PEM_PUB} gluster system:: execute add_secret_pub $user geo-replication/${master_vol}_${slave_vol}_common_secret.pem.pub + gluster vol set ${slave_vol} features.read-only on else echo "$home_dir/common_secret.pem.pub not present. Please run geo-replication command on master with push-pem option to generate the file" exit 1; diff --git a/tests/geo-rep.rc b/tests/geo-rep.rc index 1a44b4a..f9ab3fc 100644 --- a/tests/geo-rep.rc +++ b/tests/geo-rep.rc @@ -230,3 +230,10 @@ function hardlink_rename_ok() fi return 0 } + +function check_slave_read_only() +{ + volum=$1 + gluster volume info $1 | grep 'features.read-only: on' + echo $? +} diff --git a/tests/geo-rep/georep-basic-dr-rsync.t b/tests/geo-rep/georep-basic-dr-rsync.t index 39da524..fd0c4aa 100644 --- a/tests/geo-rep/georep-basic-dr-rsync.t +++ b/tests/geo-rep/georep-basic-dr-rsync.t @@ -57,6 +57,9 @@ EXPECT 4 check_status_num_rows "Created" #15 #Enable_metavolume TEST $GEOREP_CLI $master $slave config use_meta_volume true +#Verify "features.read-only" Option +EXPECT_WITHIN $GEO_REP_TIMEOUT 0 check_slave_read_only $GSV0 + #Start_georep TEST $GEOREP_CLI $master $slave start diff --git a/tests/geo-rep/georep-basic-dr-tarssh.t b/tests/geo-rep/georep-basic-dr-tarssh.t index 5f879db..5331df9 100644 --- a/tests/geo-rep/georep-basic-dr-tarssh.t +++ b/tests/geo-rep/georep-basic-dr-tarssh.t @@ -62,6 +62,9 @@ TEST $GEOREP_CLI $master $slave config use_meta_volume true #Config tarssh as sync-engine TEST $GEOREP_CLI $master $slave config use_tarssh true +#Verify "features.read-only" Option +EXPECT_WITHIN $GEO_REP_TIMEOUT 0 check_slave_read_only $GSV0 + #Start_georep TEST $GEOREP_CLI $master $slave start -- 1.8.3.1