On Jan 30, 2018, at 01:39, Ekaterina Popova <[email protected]> wrote: > > Hello! > > I would be very appreciated if you cleared things up to me. > > If we use NFS we can export policies to restrict NFS access to volumes to > clients that match specific parameters. Can I do it on Lustre? Are there any > built-in mechanisms in Lustre filesystem for client access restriction? > > Thank you very much for your assistance in advance!
Since Lustre 2.9 it is possible to use the "nodemap" feature to limit the access client nodes with specific NIDs. If you want stronger authentication than just the client addresses, then you can also use Shared Secret Key or Kerberos to identify the clients from their crypto key or Kerberos ticket. Unidentified clients can be blocked from accessing the filesystem. Cheers, Andreas -- Andreas Dilger Lustre Principal Architect Intel Corporation _______________________________________________ lustre-discuss mailing list [email protected] http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org
