"Stateless Linux" project

John Hearns john.hearns at clustervision.com
Tue Sep 14 15:35:59 UTC 2004


On Tue, 2004-09-14 at 16:20, Steve Coleman wrote:

> 
> Another suggestion I have is to have a long term objective of 
> incorporating OpenMosix like capabilities in order to add application 
> migration and interprocess communication through network shared IPC.

Speaking as someone who looks after a Mosix cluster,
from what I've read I doubt Mosix will ever make it into the official 
Linux kernel. A downside for Stateless Linux is that you have to have
the same kernel running on all nodes. As I say, I like Mosix, and look
after it.


> It would also be nice to have some form of a VPN used during the boot 
> process and subsequent distribution of runtime images. Make it easy to 
> boot secure and the rest of the security will fall into place.

I don't see what you are trying to achieve here.
Given a bare-metal machine, the only unique thing on it is the MAC
address on the NIC. That is of course used to allocate DHCP addresses
etc. We, and many other cluster vendors, use the MAC address as the
unique aspect of a node.

Yes, you can generate host keys and have the central server retrieve
them, but that's in the firstboot stage.
Early in the boot/install process you only have the MAC address.
I suspect your concept is 'only securely identifiable machines get
access to the VPN to then get their PXE download, DHCP, image
download...'.  My contention is that the MAC is the only 'key' at this
stage. And swapping machines out for new in a MAC based environment is
easy. If you are considering some physical way to distribute keys
to a VPN then it won't scale - either in the data centre environment 
with 1000's of nodes in a cluster, or in the corporate environment where
a tech would have to deliver a floppy/USB stick/dongle...

I'm happy to be proved wrong. Maybe there's a scheme to allocate keys
over the network.






















More information about the fedora-devel-list mailing list