From 4aa96a832c5f366efd65cc71504db82c75d176cf Mon Sep 17 00:00:00 2001 From: Andy McCrae Date: Mon, 7 Nov 2016 14:43:18 +0000 Subject: [PATCH] Set rsync to not perform reverse lookups We don't setup hosts entries for replication addresses on storage hosts, by default. Rsync is performing a reverse lookup on each rsync, and failing. We should turn this reverse lookup off by default, but allow this to be set to True. This PR adds the "swift_rsync_reverse_lookup" boolean which is defaulted to false. Change-Id: Ie98113fd71a70ce9c74c3812046be6959b9a353f --- defaults/main.yml | 3 +++ .../notes/rsync_reverse_lookup-609fb68be712a5e4.yaml | 11 +++++++++++ templates/rsyncd.conf.j2 | 1 + 3 files changed, 15 insertions(+) create mode 100644 releasenotes/notes/rsync_reverse_lookup-609fb68be712a5e4.yaml diff --git a/defaults/main.yml b/defaults/main.yml index 2e832cea..fad8c811 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -240,6 +240,9 @@ swift_object_max_rsync_connections: "{{ swift_max_rsync_connections }}" # Set Swift to use rsync module per object server drive swift_rsync_module_per_drive: False +# Set Swift to use reverse lookup - requires name resolution or hosts entries +swift_rsync_reverse_lookup: False + # Set the managed regions as a list of swift regions to manage # Use for global clusters, default when not set is all regions. # swift_managed_regions: diff --git a/releasenotes/notes/rsync_reverse_lookup-609fb68be712a5e4.yaml b/releasenotes/notes/rsync_reverse_lookup-609fb68be712a5e4.yaml new file mode 100644 index 00000000..3210ca37 --- /dev/null +++ b/releasenotes/notes/rsync_reverse_lookup-609fb68be712a5e4.yaml @@ -0,0 +1,11 @@ +--- +features: + - The ``swift_rsync_reverse_lookup`` option has been added. This setting + will handle whether rsync performs reverse lookups on client IP + addresses, and will default to ``False``. We recommend leaving this + option at ``False``, unless DNS or host entries exist for each swift + host's replication address. +upgrade: + - The default behaviour of rsync, to perform reverse lookups, has + been changed to ``False``. This can be set to ``True`` by + setting the ``swift_rsync_reverse_lookup`` variable to ``True``. diff --git a/templates/rsyncd.conf.j2 b/templates/rsyncd.conf.j2 index 5ea2e46b..db6c8852 100644 --- a/templates/rsyncd.conf.j2 +++ b/templates/rsyncd.conf.j2 @@ -4,6 +4,7 @@ uid = {{ swift_system_user_name }} gid = {{ swift_system_group_name }} log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid +reverse lookup = {{ swift_rsync_reverse_lookup | bool }} address = {{ swift_replication_address }} [account]