if a restauth key is missing in config
file or if restauth is set to true,
glusterd2 will do token authentication.
Authentication can be disabled by
by setting restauth key in the configuration
to false.
updated test cases to use authentication
if auth file is present
added default rest authentication in glustercli
Signed-off-by: Madhu Rajanna <mrajanna@redhat.com>
For all practical purposes, in real usage and in tests, the configurable
paths `workdir` and `localstatedir` are set to the same directory which
defaults to `/var/lib/glusterd2` or `/user/local/var/lib/glusterd2`
Unlike glusterd1, glusterd2 does not daemonize itself. The working
directory of the process can be meaningfully set to either current
working directory from where glusterd2 process is started or to
`localstatedir` where glusterd2 stores all its data. We choose the
latter.
This change also reduces ambiguity for users and one less thing to
configure.
Signed-off-by: Prashanth Pai <ppai@redhat.com>
If `PREFIX` is `/usr` then `logdir`, `rundir` and `localstatedir`
should not contain the prefix.
**Global default configuration**: Based on the `--prefix` used during
installation/make global config should be installed in
`$PREFIX/etc/glusterfs/glusterd2.toml`. All the default values from
code should be moved to this file.
**Removed logic to pick config file from current directory**: Since
Glusterd2 will be run as daemon or background process, automatically
picking config file from current directory will add confusion to
users. For development, if global config file not exists then it loads
config file from the current directory.
**Config file as argument**: Glusterd2 applies global configurations
first and then applies this configuration to overwrite the values
if any.
Signed-off-by: Aravinda VK <avishwan@redhat.com>
Previously, e2e tests were hard-coding the base workdir in
the main_test.go file and in the config toml files. This change
centralizes the base path in a top-level variable and makes
it possible to specify custom values for the workdir. This
can be useful if /tmp is inappropriate for this task on a
particular system or if multiple e2e tests are to be run in
parallel so that the caller may specify unique paths for
each test.
The toml files are adjusted to contain relative paths.
Signed-off-by: John Mulligan <jmulligan@redhat.com>
...except for the tests.
Rundir should be in a place like /var/run which doesn't persist across
reboots. Further some socket files and pid files were in '/var/run' and
few others in '/var/run/gluster'. With this change, everything goes into
the same rundir.
See this bug and fix for some historical context:
https://bugzilla.redhat.com/show_bug.cgi?id=1258561
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Added REST API authentication middleware. On Glusterd2 start, it
generates `$WORKDIR/auth` file with random string if not exists.
Local CLI/Curl can use that auth file and add Authorization request.
Note: User management is not covered in this patch. Limited to local
consumers only who can access `$WORKDIR/auth`. Auth is disabled by
default which can be enabled using config file option `restauth=true`
CLI needs new flag `--auth-file` to accept path for auth file similar
to Glusterd1 CLI flag `glusterd-sock`
Updates: #252
Signed-off-by: Aravinda VK <avishwan@redhat.com>
