[CentOS] redundant networked secure file system recommendation

Wed Jul 21 20:03:58 UTC 2010
Devin Reade <gdr at gno.org>

Boris Epstein <borepstein at gmail.com> wrote:

> We are currently running a NFS-based server centric setup. I would
> like to set up something where I can easily have more than one
> redundant server, security/authentication

Have you considered an NFS cluster based on pacemaker/openais/corosync?
See <http://www.clusterlabs.org/>.  One possible config is an active/passive
cluster using NFS on top of DRBD.  I've never clustered samba, but it
looks like others have done it:
<http://dev.gentoo.org/~wschlich/src/sys-cluster/heartbeat-scripts-4/ocf-ra/samba>

Google will show you various problems with active/active clusters related to
both GFS2 and samba.  Don't try to have your NFS servers also be NFS
clients.

For reasonable security/authentication, you'd probably want to integrate
with kerberos.

Devin