6.3 Setting up a Slave Nodes for Geo-replication

It is possible for the geo-replication service to connect from the master cluster to the slave cluster using the root account. However for this to happen, the SSH connections that are used to synchronize the data are required to connect to the root user. Exposing ssh access for a root user is not good practice for security reasons. On production systems, it is preferable that you create a user and group specifically for the purpose of handling these connections on each of the slave node systems.

$ sudo useradd georep

Substitute georep with a username that you intend to use for this purpose. You can choose to either rely on the group that is created for this user, or if you want to use an alternate group, you can create a separate group and add the new user to this group.

Note that on at least one slave host you should set the password for this user, so that you are able to copy an ssh key to the host later during the configuration.

You can now configure the gluster mountbroker to automatically handle mounting the volume that you intend to use for mirroring with the appropriate permissions. On any single slave node system, you can run the gluster-mountbroker command to do this:

  1. Set up the gluster mountbroker for the new account that you have created:

    $ sudo gluster-mountbroker setup /var/mountbroker-root georep

    This command sets up a root folder for all volumes handled by the mountbroker. Typically, this is set to /var/mountbroker-root, but you can set this to any location on your slave nodes. Note that the directory is created on all nodes when the command is run. Substitute georep with the group that should have permission to this folder. usually this matches the value of the username that you created for this purpose, but if more than one user may access this data, you may want to define a broader group.

  2. Add a volume on your existing slave cluster to the mountbroker.

    $ sudo gluster-mountbroker add slavevol georep

    Substitute slavevol with the name of the volume that you intend to use on your slave cluster. Substitute georep with the name of the user that you created for this purpose.

  3. Check the status of the mountbroker to determine whether everything is set up correctly:

    $ sudo gluster-mountbroker status

Once the mountbroker is configured, restart the glusterd service on all of the slave cluster nodes:

$ sudo systemctl restart glusterd

This step ensures that glusterd becomes aware of the mountbroker configuration.