[Users] Pxeboot
Mike Burns
mburns at redhat.com
Thu Feb 9 03:01:04 UTC 2012
On Thu, 2012-02-09 at 00:11 +0100, Floris Bos / Maxnet wrote:
> > The biggest challenge is that pieces of the oVirt project require there
> > to be persistent storage locally. For example, when you register a node
> > with the engine, a manual step is required to approve the node. After
> > this manual step, some certificates are copied locally into the node and
> > stored. That way, the node can immediately identify itself with the
> > engine and start working with no need to identify itself.
> >
> > To solve this problem, we need to either
> > 1. remove the need to store stuff locally
> > 2. provide some way to package up this config and store it somewhere,
> > then retrieve on boot
> > 3. embed some sort of key or certificate in the pxe image that allows
> > the engine to know that this valid machine and automatically approve it.
>
> Is there a method to pre-generate a set of certificates/configuration
> files for a node?
>
> It is not that hard to let the boot server serve the node-specific
> configuration files as a cpio (initramfs) archive, based on the
> MAC-address of the node.
> The kernel supports having more than one initramfs file, and simply
> combines the files from both archives.
>
It could certainly be a possible solution. There isn't a way to do this
today, but the ability to pre-generate a config bundle is certainly an
interesting thought. My inclination is that this would be a V2 feature
of stateless. First, we need to know everything that we need in the
config bundle. Then we need a way to deploy that on boot. Having it
provided through the pxe interface is something that was brought up as a
way to embed some form of key, but not the config bundle.
Mike
More information about the Users
mailing list