1) Any PXE built cluster which has it running anyway.
2) Any thin-oscar cluster which MUST have it running.
3) In the future, we'll want server-side boot control of the nodes, which also requires PXE for commodity components. (I suggested this at the meeting, etc... having the option to have all nodes boot from the network, and THEN find out whether to boot from their disks or not) This is key in eliminating meat puppet use and helping scalability so we can compare with competing tools.)
What's more, any cluster with pfilter on it already has little need to worry about tftpd running. Picky as I am, that's still not good enough, since I want to support the cases which can't use pfilter for whatever reason. For those cases (might as well be all cases including pfilter protected clusters), I suggest tcp_wrappers for tftpd.
So my basic point is, security shouldn't be an issue. Any other reason not to do it? Anyone have any usage data of PXE vs floppy installed OSCAR clusters? That may also be helpful in telling us if this even matters.
Jeremy
At 04:44 PM 1/22/2003 -0500, Sean Dague wrote:
On Wed, Jan 22, 2003 at 03:18:29PM -0600, Jeremy Enos wrote: > We're brainstorming here about ways to enhance/simplify the MAC collection > step, and a question came up- Why do we have the "Setup Network Boot" > button instead of just setting it up automatically all the time? It seems > harmless enough- doesn't affect floppy booting, etc.Because it enables a service like tftp, which is the most insecure thing you can do to a box. Why do that if you are in a floppy only environment. -Sean -- _______________________________________________________________________ Sean Dague [EMAIL PROTECTED] http://dague.net There is no silver bullet. Plus, werewolves make better neighbors than zombies, and they tend to keep the vampire population down. _______________________________________________________________________
------------------------------------------------------- This SF.net email is sponsored by: Scholarships for Techies! Can't afford IT training? All 2003 ictp students receive scholarships. Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more. www.ictp.com/training/sourceforge.asp _______________________________________________ Oscar-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/oscar-devel
