Re: Bootstrapping

From: Luke A. Kanies
Subject: Re: Bootstrapping
Date: Mon, 16 Feb 2004 10:49:39 -0600 (CST)

I forgot something WRT allowing IP addresses:

There are also problems on hosts with multiple IP addresses.  I'm pretty
sure you can tell cfservd to only listen on a given IP address, but
cfagent always connects out of the "default" IP, and I don't think that's

This is particularly problematic on certain clusters -- HACMP (IBM's
clustering for AIX), for instance, changes the hostname when the cluster
fails over, so you'll suddenly have a different host with different keys
connecting under the same hostname.  The only way I know for this to work
is to copy the same key pair to each member of the cluster.  This is kind
of unfortunate, but unless I can tell cfagent to connect as a specific
host through a specific IP address, I don't see a way around this.

As to how to go about automating this sharing of keys, I don't know of a
good way.  I have not yet done so (although I need to).




