Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-1487

persistent host identity

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: High
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Environment Detection
    • Labels:
      None

      Description

      Currently CFEngine establishes a host's identity by its key SHA or MD5. A better method is needed, something that doesn't change when the key is changed and which allows keys to be shared between machines. This becomes crucial in grid systems that share keys, like what Bas is running, and for network-scale policy (orchestration).

      The identity should not change if a machine has a new IP address, a new network card or MAC address, a new CPU, or any other component. I am not aware of a standard way to do this.

      The method must scale to 50K nodes and should scale to 1 million (going higher is not realistic IMO) across a mix of network links, LAN or WAN.

      A simple method would be to generate a UUID into /etc/machine.uuid. That would persist if CFEngine was reinstalled and would be independent of the key hash.

      I am creating this in the community issue tracker because I think it merits comments and visibility from the community.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jiraadmin Old User (Inactive)
              • Votes:
                1 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Summary Panel