Menu
▾
▴
Re: [Moosefs-users] MooseFS behind a firewall
|
From: Travis H. <tra...@tr...> - 2012-05-25 21:44:14
|
No, it is not possible to have the master server "proxy" the communications to all of the chunk servers thru a single public IP address connection on the master. This is by design of the cluster nature of the file system. I have found in practice the "chatter" between the mfsmount client, master server, and chunk servers do not perform as well as What works well to achieve this kind of "single node" / IP address point of access is to use a different network file share protocol, such as CIFS (Samba) or AFP (netatalk) services, or SSHFS ( a FUSE based file system mount over SSH). I have had good success with the latter as it works well with my existing SSH access to the site. Where by you create a gateway machine that runs these service(s), having both public and internal IP address segments, so this gateway machine mounts the moose file system. I guess for simple or small deployments you could put these services on the same machine as the moosefs master, but from a security stand point it might make sense to have them separate. Additionally for CIFS and AFP there are considerations needed to secure these protocols, such as firewall rules or tunneling them thru SSH. On 12-05-25 3:45 PM, Boris Epstein wrote: > Hello all, > > I am trying to run a MooseFS installation in such a way as to control > access to the servers involved. For instance, all my servers are on a > private network and only the master server is intended to have an > external interface. But it looks like the clients need to communicate > to the chunk servers directly - and that was the sort of thing I was > trying to avoid, if at all possible. Is that possible? Can the master > server manage all the traffic to and from the clients? > > Thanks. > > Boris. > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > _______________________________________________ > moosefs-users mailing list > moo...@li... > https://lists.sourceforge.net/lists/listinfo/moosefs-users |
