[CentOS-devel] NFS Ganesha on EL8 needs redesign

Mon Nov 9 15:29:08 UTC 2020
Strahil Nikolov <hunter86_bg at yahoo.com>

Hello All,

I have been playing around with Ganesha on CentOS 8 and I have noticed some issues so far. Could you assist me in pinpointing the correct location for tracking the issues:
- 'gluster nfs-ganesha enable' builds pacemaker groups that use 'ocf:heartbeat:portblock', but that resource is relying on IPTABLES, while EL8 is using NFTABLES.
- nfs-ganesha.service is starting the process via "/bin/bash -c" which SELINUX hates and of course blocks. Custom selinux policies were needed.
- the glusterfs-ganesha.x86_64 rpm is deploying the following boolean 'semanage boolean -m ganesha_use_fusefs --on' but it seems that something disables it. Manual setting of 'setsebool -P ganesha_use_fusefs 1' is necessary
- rpcbind is blocked by selinux, I had to enable 'rpcd_use_fusefs'
- nfs-ganesha.service is starting before the shared volume is mounted locally, dependency is needed like this one:
[root at glustera ~]# cat /etc/systemd/system/nfs-ganesha.service.d/01-debug.conf                                      
[Unit]
After=run-gluster-shared_storage.mount
Requires=run-gluster-shared_storage.mount

I will rebuild my cluster to find out if I missed something.
Any feedback is appreciated.

P.S.: If anyone is interested , I can share the deployment procedure.


Best Regards,
Strahil Nikolov