[Ovirt-devel] [PATCH]: Fix ovirt-identify-node to work at boot time
Darryl Pierce
dpierce at redhat.com
Wed Jun 4 21:10:39 UTC 2008
Daniel P. Berrange wrote:
>> However, in practice oVirt may be deployed on machines with 0 local
>> storage and no TPM. And in these cases the keytab needs to be retrieved
>> on every boot. So our design is to use the local keytab if present, if
>> not, ask for it.
>
> That's fine - I still think the two steps should be separated as you show
> above, with libvirt in the middle :-) Other things which are kerberos
> enabled can potentially be dependant on the keytab setup besides libvirt/
> ovirt, so it makes sense to allow that to be completed as early in boot
> as possible.
So, to be clear, we're talking about the following steps:
1. managed node pings the keytab service
2. keytab service generates (if necessary) a keytab and returns the filename
3. managed node retrieves the keytab if it does not have one
4. managed node starts libvirt
5. managed node collects hardware details and pings the hardware service
6. hardware service grabs the info and updates the Host table
Is that right?
--
Darryl L. Pierce, Sr. Software Engineer
Red Hat, Inc. - http://www.redhat.com/
oVirt - Virtual Machine Management - http://www.ovirt.org/
"What do you care what other people think, Mr. Feynman?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dpierce.vcf
Type: text/x-vcard
Size: 145 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/ovirt-devel/attachments/20080604/98a1e534/attachment.vcf>
More information about the ovirt-devel
mailing list