Hi Kaleb,

It indeed concerns the RHGS 3.4 version (not the opensource version).
When mounting an NFS share from a random client, and the client does not specify vers=4.0 (or vers=4,minorversion=0 for RH6) it will still make a NFSv4.1 connection.
This is why we want to restrict it server-side to prevent issues (we even have a RH case about this since Nov 2017, still open since it will also be discussed with a RH solution architect soon, I was hoping someone from the community would have a solution ready to restrict the NFS version server-side).

Regards,
Nico van Roijen (ING)



----- Oorspronkelijk bericht -----
Van: "Kaleb S. KEITHLEY" <***@redhat.com>
Aan: "gluster-users" <gluster-***@gluster.org>
Verzonden: Zaterdag 24 november 2018 00:20:14
Onderwerp: Re: [Gluster-users] Restricting NFS-Ganesha to use NFSv4.0 only
Who is telling you that 4.1 and 4.2 aren't supported?

Because NFS-Ganesha does, in fact, support NFSv4.1, NFSv4.2, and pNFS.

(Maybe you're thinking of the nfs-ganesha server in Red Hat's RHGS (Red
Hat Gluster Storage) or RHCS (Red Hat Ceph Storage), where 4.1 and 4.2
are not supported.)
_______________________________________________
Gluster-users mailing list
Gluster-***@gluster.org
https://lists.gluster.org/mailman/listinfo/gluster-users

Hi Jiffin ,

Will try that first thing tomorrow!
If that indeed works on the RHGS version a long overdue story on our backlog solved :)

Regards,
Nico van Roijen

----- Oorspronkelijk bericht -----
Van: "Jiffin Thottan" <***@redhat.com>
Aan: "Nico van Royen" <***@van-royen.nl>
Cc: "gluster-users" <gluster-***@gluster.org>
Verzonden: Maandag 26 november 2018 05:50:34
Onderwerp: Re: [Gluster-users] Restricting NFS-Ganesha to use NFSv4.0 only

Hi Nico,

The option is ganesha-server specific option(not per export). U need to mention it in ganesha.conf in the following block
NFSv4 {
minor_versions = 1;
}

Not inside the block of block of volume configuration file



----- Original Message -----
From: "Nico van Royen" <***@van-royen.nl>
To: "gluster-users" <gluster-***@gluster.org>
Sent: Saturday, November 24, 2018 12:12:19 AM
Subject: [Gluster-users] Restricting NFS-Ganesha to use NFSv4.0 only

Hi All,

In a bugzilla ( https://bugzilla.redhat.com/show_bug.cgi?id=1546713 ) I was reading it showed that it should be possible to restrict the NFSv4 usage to only use 4.0 (since 4.1/4.2 is not supported).
To try that, I modified an existing share so it reads :

EXPORT{
Export_Id = 2;
Path = "/DATA";
FSAL {
name = GLUSTER;
hostname="localhost";
volume="DATA";
}
Access_type = RW;
Disable_ACL = true;
Squash="No_root_squash";
Pseudo="/DATA";
Protocols = "4" ;
Transports = "UDP","TCP";
SecType = "sys";
NFSv4 {
minor_versions = 0;
}
}

And restarted the nfs- ganesha service. Seemed to start fine and mounted the share from a client and specifying the mount option "-o vers=4.1" and indeed it mounted it with NFSv4.1 (I was expecting/hoping it would refuse to mount).

What is (or should be) the way to only allow NFSv4.0 exports (if possible at all) ?

Running GlusterFS 3.12 / RHGS 3.4 with packages :
bash-4.2# rpm -qa | grep ganesha
glusterfs- ganesha -3.12.2-18.el7rhgs.x86_64
nfs- ganesha -2.5.5-10.el7rhgs.x86_64
nfs- ganesha -gluster-2.5.5-10.el7rhgs.x86_64

bash-4.2# rpm -qa | grep ^glusterfs
glusterfs-libs-3.12.2-18.el7rhgs.x86_64
glusterfs- ganesha -3.12.2-18.el7rhgs.x86_64
glusterfs-client-xlators-3.12.2-18.el7rhgs.x86_64
glusterfs-fuse-3.12.2-18.el7rhgs.x86_64
glusterfs-cli-3.12.2-18.el7rhgs.x86_64
glusterfs-api-3.12.2-18.el7rhgs.x86_64
glusterfs-server-3.12.2-18.el7rhgs.x86_64
glusterfs-3.12.2-18.el7rhgs.x86_64

Thanks in advance,
Nico van Roijen