On Thu, 2012-02-09 at 00:11 +0100, Floris Bos / Maxnet wrote: > > The biggest challenge is that pieces of the oVirt project require there > > to be persistent storage locally. For example, when you register a node > > with the engine, a manual step is required to approve the node. After > > this manual step, some certificates are copied locally into the node and > > stored. That way, the node can immediately identify itself with the > > engine and start working with no need to identify itself. > > > > To solve this problem, we need to either > > 1. remove the need to store stuff locally > > 2. provide some way to package up this config and store it somewhere, > > then retrieve on boot > > 3. embed some sort of key or certificate in the pxe image that allows > > the engine to know that this valid machine and automatically approve it. > > Is there a method to pre-generate a set of certificates/configuration > files for a node? > > It is not that hard to let the boot server serve the node-specific > configuration files as a cpio (initramfs) archive, based on the > MAC-address of the node. > The kernel supports having more than one initramfs file, and simply > combines the files from both archives. >
It could certainly be a possible solution. There isn't a way to do this today, but the ability to pre-generate a config bundle is certainly an interesting thought. My inclination is that this would be a V2 feature of stateless. First, we need to know everything that we need in the config bundle. Then we need a way to deploy that on boot. Having it provided through the pxe interface is something that was brought up as a way to embed some form of key, but not the config bundle. Mike _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
