20.8. Disabling Network Encryption

Follow this section to disable network encryption on clients and servers.

Procedure 20.13. Disabling I/O encryption

  1. Unmount volumes from all clients

    Run the following command on each client for any volume that should have encryption disabled. 
    # umount /mountpoint

  2. Stop encrypted volumes

    Run the following command on any server to stop volumes that should have encryption disabled. 
    # gluster volume stop volname

  3. Disable server and client SSL usage

    Run the following commands for each volume that should have encryption disabled. 
    # gluster volume set volname server.ssl off
# gluster volume set volname client.ssl off

  4. Start volumes

    # gluster volume start volname

  5. Mount volumes on clients

    The process for mounting a volume depends on the protocol your client is using. The following command mounts a volume using the native FUSE protocol. 
    # mount -t glusterfs server1:/testvolume /mnt/glusterfs

Procedure 20.14. Disabling management encryption

  1. Unmount volumes from all clients

    Run the following command on each client for any volume that should have encryption disabled. 
    # umount /mountpoint

  2. Stop glusterd on all nodes

    For Red Hat Enterprise Linux 7 based installations: 
    # systemctl stop glusterd
    For Red Hat Enterprise Linux 6 based installations: 
    # service glusterd stop

    Important

    Red Hat Gluster Storage is not supported on Red Hat Enterprise Linux 6 (RHEL 6) from 3.5 Batch Update 1 onwards. See Version Details table in section Red Hat Gluster Storage Software Components and Versions of the Installation Guide

  3. Remove the secure-access file

    Run the following command on all servers and clients to remove the secure-access file. You can just rename the file if you are only disabling encryption temporarily. 
    # rm -f /var/lib/glusterd/secure-access

  4. Start glusterd on all nodes

    For Red Hat Enterprise Linux 7 based installations: 
    # systemctl start glusterd
    For Red Hat Enterprise Linux 6 based installations: 
    # service glusterd start

    Important

    Red Hat Gluster Storage is not supported on Red Hat Enterprise Linux 6 (RHEL 6) from 3.5 Batch Update 1 onwards. See Version Details table in section Red Hat Gluster Storage Software Components and Versions of the Installation Guide

  5. Mount volumes on clients

    The process for mounting a volume depends on the protocol your client is using. The following command mounts a volume using the native FUSE protocol. 
    # mount -t glusterfs server1:/testvolume /mnt/glusterfs

Important

If you are permanently disabling network encryption, you can now delete the SSL certificate files. Do not delete these files if you are only disabling encryption temporarily.