Users March 2023

users@lists.kronosnet.org

1 participants
1 discussions

Re: Migrated to corosync 3.x knet become default protocol

by Fabio M. Di Nitto

Hi Sathish, apology for the super late reply. I have been on sick leave for a long time. comments inline On 30/01/2023 08.38, S Sathish S wrote: > Hi Team, > > In our application we are currently using UDPU as transport protocol > with single ring, while migrated to corosync 3.x knet become default > protocol. > > We need to understand any maintenance overhead that any required > certificate/key management would bring in for knet transport protocol > (or) it > > will use existing authorization key /etc/corosync/authkey file for > secure communication between nodes using knet transport protocol. there is no extra maintenance. In fact, knet should make it easier. corosync will continue to use the same authkey and load it into knet. knet and corosync, in recent versions also allow runtime change of the authkey without shutting down the cluster and restart. It should be possible to update authkey and issue a config reload for corosync. This feature requires all nodes of the cluster to be online. > > https://access.redhat.com/solutions/5963941 > <https://access.redhat.com/solutions/5963941> > > https://access.redhat.com/solutions/1182463 > <https://access.redhat.com/solutions/1182463> > > We shouldn't end up in a case where Pacemaker stops working due to some > certificate/key expiry? No, that won´t be the case as knet and corosync use a different encryption method than pacemaker. Cheers Fabio > > Thanks and Regards, > > S Sathish S > > > _______________________________________________ > Users mailing list -- users(a)lists.kronosnet.org > To unsubscribe send an email to users-leave(a)lists.kronosnet.org

8 months, 2 weeks

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Users March 2023