On Wed, 6 Dec 2006, Eric Mei wrote:
The Kerberized Lustre is briefly described at
https://mail.clusterfs.com/wikis/lustre/KerbLustre
Interesting!
Questions (keep in mind I have little knowledge of kerberos):
- will that stuff stay in 1.8, or could it be backported to 1.6?
- given the comments on performance overhead, I suspect that krb5i-bulkn
is what most people will be asking for (good authentication and
performance, at the expense of data protection): then why not make it a
basic setting?
- is it mandatory to deploy a keytab on clients? I don't remember having
done that when testing AFS+krb5
- is it really necessary to create a principal for each server node?
- why per OST/MDT mount options? does it make sense (at least for the
common case) to have different options on differents targets?
- why does a root user *not* need kinit to access the fs?
Cheers,
--
Jean-Marc Saffroy - [EMAIL PROTECTED]
_______________________________________________
Lustre-devel mailing list
[email protected]
https://mail.clusterfs.com/mailman/listinfo/lustre-devel
