James Pan wrote:
Hi,
For the moment, in the CIM model, the cluster is represented by the HA_Cluster class, Most attributes of this class is the heartbeat config options. I am thinking how to bootstrap heartbeat in a cluster. This may be done by creating a HA_Cluster instance, which was also metioned in
Robert Wipfel's email.

But because the CIM server may be running on all the cluster nodes. The CIM client may connect to any of these nodes for performing the monitor and control tasks. So there are two different choices:

1, Centralized.
The users just need to connect to only one node in the cluster. And the users can control the whole cluster
via this node.

In this case, if a user want to create a ha.cf and start up the heartbeat on a node, what he need to do is to connect the CIM client to any of the nodes in the cluster, and create an HA_Cluster instance via the CIM client. And then the CIM provider will create a ha.cf on this node, and distribute it to other ondes. finally the CIM provider on this node will try to start heartbeat one bye one on each
node in the cluster.

For the specific case of bootstrapping, there is no secure way to do this. Once you're bootstrapped, you can do anything you like, because you can have already set up whatever "back doors" you need to do cluster administration. For example, the cluster management daemon is exactly such a "back door".

2. Distributed
The users need to connect to the node on which they want to start up heartbeat. In this case, if a user want to create a ha.cf and startup the heartbeat on a node, he must connect
the CIM client to _this_ node before he is able to do any operations.
Therefor there will be many HA_Cluster instances visible to the users, for example, an instance on Node A,
an instance on Node B, ...


I think the first one is prefered. But in this method, the CIM provider on Node A must have the capability to distribute the ha.cf to Node B and startup heartbeat on Node B. We need a communication mechanism.

More specifically, you need a _secure_ communications mechanism which allows you to connect to arbitrary machines that aren't part of a cluster, run things as root, and not damage anyone's idea of security.

This sounds like an "oxymoron" - that is a self-contradictory statement.

But, once you're bootstrapped - that is, you've already opened up whatever needs to be opened up to give you those permissions - for example, you've started heartbeat and the cluster management daemon.

--
    Alan Robertson <[EMAIL PROTECTED]>

"Openness is the foundation and preservative of friendship... Let me claim from you at all times your undisguised opinions." - William Wilberforce
_______________________________________________________
Linux-HA-Dev: [email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/

Reply via email to