[LU-8229] SSK: allow multiple keys on a single nodemap Created: 01/Jun/16 Updated: 05/Dec/22 |
|
| Status: | Open |
| Project: | Lustre |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor |
| Reporter: | Andreas Dilger | Assignee: | WC Triage |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | SSK | ||
| Issue Links: |
|
||||||||
| Rank (Obsolete): | 9223372036854775807 | ||||||||
| Description |
|
The current Shared Secret Key implementation only allows a single key to be set for any nodemap. However, this makes it complex to update the secret key and expire the old key because the key on all the clients and servers need to be updated at the same time. It would be better to allow multiple keys to be active on a single nodemap at one time, so that a new key can be added on the servers, the key can be updated on the clients for their next remount/reconnect, and then the old key can be removed when all clients have been reconnected. |
| Comments |
| Comment by Andreas Dilger [ 02/Jun/16 ] |
|
This is not a necessarily a requirement for SSK functionality, but it is something that was discussed early on that would simplify administration of SSK in a real-world environment. |