Revision a5bca3e9 doc/design-2.1.rst
b/doc/design-2.1.rst | ||
---|---|---|
114 | 114 |
In order to allow fast and highly available access read-only to some |
115 | 115 |
configuration values, we'll create a new ganeti-confd daemon, which will run on |
116 | 116 |
master candidates. This daemon will talk via UDP, and authenticate messages |
117 |
using HMAC with a cluster-wide shared key. |
|
117 |
using HMAC with a cluster-wide shared key. This key will be generated at |
|
118 |
cluster init time, and stored on the clusters alongside the ganeti SSL keys, |
|
119 |
and readable only by root. |
|
118 | 120 |
|
119 | 121 |
An interested client can query a value by making a request to a subset of the |
120 | 122 |
cluster master candidates. It will then wait to get a few responses, and use |
Also available in: Unified diff