[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Vrs-development] Cluster image security/privacy question
From: |
Chris Smith |
Subject: |
Re: [Vrs-development] Cluster image security/privacy question |
Date: |
Thu, 2 May 2002 12:11:47 +0100 |
On Thursday 02 May 2002 08:28, address@hidden wrote:
> Each LDS gets a node id when joining the VRS. If any LDS requires
> information from any other LDS, it will use the node id to request
> information. The LDS which needs the information will use some thing
> similiar to ARP and the LDS providing the info will use RARP for
> authentication.
>
> Does this make sense
Yes it does, but it goes against the architecture I've been working on.
Why is the IP address of an LDS node regarded as 'sensitive' ?
The way I've been putting the Cluster together is through Goldwater Domains,
because they inherrently form clusters - and Goldwater internally holds the
IP addresses of the other domains in internal tables. It provides
transparent message routing and automatic failover (if configured that way),
so it needs the IP addresses.
Each domain (ie an LDS node) is namespaced (like the ID you talk about, but
assigned by the owner of the LDS to be something unique such as
'BillsLDS.somewhere.bill.has.his.machine.com'), so when one LDS sends a
message or requests a resource from another LDS, it does so through
namespacing. ie Sending the data request
'BillsLDS.<snip>.com:/LDS/CM/GetSomeResource' causes Goldwater to route that
straight to whatever LDS is identified by the BillsLDS namespace.... and you
can even send messages to '*:/LDS/CM/WhoWantsThisMsg' (which is the same as
sending to '/LDS/CM/WhoWantsThisMsg') - there are no IP addresses involved,
Goldwater does it all in the background - but it has to maintain an IP <->
namespace table at each node.
Is this going to be a problem? It really stuffs things up if it is as I was
kind of hoping that the whole Goldwater Domain concept would allow us to
build the cluster without ever having to think about the network, and be
comfortable that if Goldwater says that an LDS is present, then it IS
present, because of all the sanity checks and polling that Goldwater does in
the background.
I suppose I could get Goldwater to 'hide' the IP addresses (so they can't be
viewed through the administration tool), or even look them up on demand - but
they've got to be stored 'somewhere' ultimately.
Thoughts guys?
Chris
--
Chris Smith
Technical Architect - netFluid Technology Limited.
"Internet Technologies, Distributed Systems and Tuxedo Consultancy"
E: address@hidden W: http://www.nfluid.co.uk