The authentication scheme used for GPFS multi-clustering is similar to what other frameworks (e.g. ssh) do for private/public auth: each cluster has a private key and a public key. The key pair only needs to be generated once (unless you want to periodically regenerate it for higher security; this is different from enabling authentication for the very first time and can be done without downtime). The public key can then be exchanged with multiple remote clusters.
yuri From: Damir Krstic <[email protected]> To: gpfsug main discussion list <[email protected]>, Date: 02/17/2016 01:08 PM Subject: [gpfsug-discuss] question about remote cluster mounting Sent by: [email protected] In our current environment we have a storage gpfs cluster and a compute gpfs cluster. We use gpfs remote cluster mounting mechanism to mount storage cluster on compute cluster. So far so good. We are about to introduce 3rd storage cluster in our environment and question I have is about gpfs authorization keys. More specifically, when we initially did remote cluster mounting, we had to run mmauth command on both the storage cluster and the compute cluster and then share the keys between the clusters. With the third storage cluster, can we re-use authorization key from compute cluster and share it with the new storage cluster? The reason for this question is I am hoping to minimize downtime on our compute cluster and I remember having to shut gpfs down when issuing mmauth command so I am hoping I can re-use the compute cluster key without shutting gpfs down. Thanks, Damir _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
_______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
