Detailing SSH part of 'desing-node-security'
This patch elaborates the node security design wrt to SSHkey handling to make sure it is feasible before startingthe implementation.In this updated design the first and more simple proposalof simply removing the private root key from normal nodes...
Update style guide with respect to Haskell imports
With the number of imports increasing, our style hasevolved over time.
- We don't distinguish between standard and non-standard non-Ganeti libraries any more.
- To help the reader identify which library a function is...
Merge branch 'stable-2.11' into master
Add luxid group to 'users-setup'
The creation of the luxid group was missing in the'users-setup' script. Ganeti will refuse to startif this group does not exist on a node when usingsplit-user mode.
Signed-off-by: Helga Velroyen <helgav@google.com>Reviewed-by: Jose Lopes <jabolopes@google.com>
design: keep WConfD's protocols stateless
To simplify the setup, keep all protocols of WConfD stateless. This impliesthat the job id has to be sent with every resource request. Also clarify thatthe owner of a resource is the pair of the job id and the file for job death...
hsqueeze also partially implemented in 2.11
Signed-off-by: Klaus Aehlig <aehlig@google.com>Reviewed-by: Helga Velroyen <helgav@google.com>
Add default arguments for WConfd to scripts
In particular, this enables debug logging for WConfd on our testenvironment.
Signed-off-by: Petr Pudlak <pudlak@google.com>Reviewed-by: Klaus Aehlig <aehlig@google.com>
Updating security doc wrt to SSL security
This patch updates the security document with respect tothe recent changes in RPC security. For details seedesign-node-security.
Signed-off-by: Helga Velroyen <helgav@google.com>Reviewed-by: Klaus Aehlig <aehlig@google.com>
Update design docs for 2.11
Updating the status of the design docs in 2.11.
View revisions
Also available in: Atom