Re: [xcat-user] Understanding xcat zones

Sat, 19 Mar 2016 09:49:42 -0700

Zone is used to separate the computes instead of forbidding compute node to access MN.
 
Generally, a new zone will create a root RSA key for all the nodes in the zone, so that only the nodes in the zone can access each other without password. The updatenode command is used to put the new RSA key to the compute node.
 
If you just want to forbid the compute node to access MN without password, remove the compute node's RSA key from /root/.ssh/authorized_keys.

Thanks
Best Regards
----------------------------------------------------------------------
Wang Xiaopeng (王晓朋)
IBM China System Technology Laboratory
Tel: 86-10-82453455
Email: [email protected]
Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District Beijing P.R.China 100193
 
 
----- Original message -----
From: "Baker D.J." <[email protected]>
To: "[email protected]" <[email protected]>
Cc:
Subject: [xcat-user] Understanding xcat zones
Date: Fri, Mar 18, 2016 6:22 PM
 

Hello,

 

We would like to modify our xcat cluster so that if anyone was (fortunate/clever enough) to gain root access then they could not ssh directly in to the management and service nodes. I decided to look at this documentation -- https://sourceforge.net/p/xcat/wiki/Setting_Up_Zones/. Putting a group of nodes in a zone does the trick. I simple did the following…

 

mkzone zone2 -a phi –g

updatenode phi –k

 

These commands do have the desired effect, however I don’t have my head around the updatenode command. What exactly does this do? Presumably that command modifies an ssh key so that password-less access to the management/service nodes no longer works from the phi group. Have I got the essence of what is going on here or missed the boat? Also is that phase that updatenode requests important? Could someone please advise me.

 

Best regards,

David.

------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user

------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user

Reply via email to