James Pan wrote:
Hi,
For the moment, in the CIM model, the cluster is represented by the
HA_Cluster class,
Most attributes of this class is the heartbeat config options. I am
thinking how to bootstrap heartbeat
in a cluster. This may be done by creating a HA_Cluster instance, which
was also metioned in
Robert Wipfel's email.
But because the CIM server may be running on all the cluster nodes. The
CIM client may connect
to any of these nodes for performing the monitor and control tasks. So
there are two different choices:
1, Centralized.
The users just need to connect to only one node in the cluster. And the
users can control the whole cluster
via this node.
In this case, if a user want to create a ha.cf and start up the
heartbeat on a node, what he need to do
is to connect the CIM client to any of the nodes in the cluster, and
create an HA_Cluster instance via
the CIM client. And then the CIM provider will create a ha.cf on this
node, and distribute it to other
ondes. finally the CIM provider on this node will try to start heartbeat
one bye one on each
node in the cluster.
For the specific case of bootstrapping, there is no secure way to do
this. Once you're bootstrapped, you can do anything you like, because
you can have already set up whatever "back doors" you need to do cluster
administration. For example, the cluster management daemon is exactly
such a "back door".
2. Distributed
The users need to connect to the node on which they want to start up
heartbeat.
In this case, if a user want to create a ha.cf and startup the heartbeat
on a node, he must connect
the CIM client to _this_ node before he is able to do any operations.
Therefor there will be many HA_Cluster instances visible to the users,
for example, an instance on Node A,
an instance on Node B, ...
I think the first one is prefered. But in this method, the CIM provider
on Node A must have the capability to
distribute the ha.cf to Node B and startup heartbeat on Node B. We need
a communication mechanism.
More specifically, you need a _secure_ communications mechanism which
allows you to connect to arbitrary machines that aren't part of a
cluster, run things as root, and not damage anyone's idea of security.
This sounds like an "oxymoron" - that is a self-contradictory statement.
But, once you're bootstrapped - that is, you've already opened up
whatever needs to be opened up to give you those permissions - for
example, you've started heartbeat and the cluster management daemon.
--
Alan Robertson <[EMAIL PROTECTED]>
"Openness is the foundation and preservative of friendship... Let me
claim from you at all times your undisguised opinions." - William
Wilberforce
_______________________________________________________
Linux-HA-Dev: [email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
