Re: [Testbed-admins] Minibosses

[Robert P Ricci <ricci@cs.utah.edu>]

Thus spake Pat Gunn on Tue, May 05, 2009 at 06:08:03PM -0400:
> So perhaps our code path could look like this:
> 
> 1) Client boots into maintenance image, things happen, it is ready to be
> 	imaged
> 2) Client asks boss what to do
> 3)
> 	a) If there's a miniboss for the client, boss hands an URL to that.
> 	b) If the client is otherwise a widearea node, boss provides an URL
> 		telling it to fetch the image from ops/fs via FTP/HTTPS
> 	c) If the client is local, boss tells the client to run frisbee via
> 		a swam managed by ops/fs
> 4) Client starts the request
> 5(a/b) ops/fs gets the request, and passes credentials to boss to ask if it 
> can
> 	proceed. Boss presumably says yes
> 6) Client gets image from ops/fs/frisbee swarm

Another possibility: we're not using it in production, but we do have
support for encryption in imagezip and imageunzip (and I think adding it
to frisbee should be easy, since frisbee uses imageunzip as a library).
I wonder if this is the time to dust it off and use it. Then, all the
client has to do is get the decryption key from boss via tcmd, and
nobody else has to worry about permissions at all.

-- 
/-----------------------------------------------------------
| Robert P Ricci <ricci@cs.utah.edu> | <ricci@flux.utah.edu>
| Research Associate, University of Utah Flux Group
| www.flux.utah.edu | www.emulab.net
\-----------------------------------------------------------