Re: [lvs-users] ldirectord and kerberos

To:	'LinuxVirtualServer.org users mailing list.' <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] ldirectord and kerberos
From:	Mrvka Andreas <mrv@xxxxxx>
Date:	Fri, 25 Feb 2011 10:18:11 +0100

Hey,

Thanks to your responses.
Yes it should be the way to make a health check by using kerberos tickets.

Today I've got the idea that ldirectord checks each node and not my cluster 
webpage.
So I am able to create a virtual host in apache which ist name is the node's 
name.
And in this virtual hosts file I define no kerberization.

I hope this should work. :-)

If someone is good at Perl coding it would be great to implement it in 
ldirectord
with some more parameters (REALM, KDC, KRB5_FILE)

Thanks for your fast response!
Andrew


-----Ursprüngliche Nachricht-----
Von: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx 
[mailto:lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx] Im Auftrag von Simon Horman
Gesendet: Freitag, 25. Februar 2011 07:53
An: Graeme Fowler
Cc: LinuxVirtualServer.org users mailing list.
Betreff: Re: [lvs-users] ldirectord and kerberos

On Thu, Feb 24, 2011 at 08:31:42PM +0000, Graeme Fowler wrote:
> On Thu, 2011-02-24 at 19:48 +0100, L.S. Keijser wrote:
> > actually, AFAIK kerberos is not 'LVS-compatible'. See:
> 
> That's missing the point slightly, Leon - what I believe Andrew is 
> after is the ability for ldirectord to use a previously obtained & 
> cached Kerberos TGT to obtain a Kerberos service ticket from a KDC and 
> use that in the healthcheck process against the realservers.
> 
> Phew, I typed all the above without taking a breath ;)
> 
> With ldirectord being written in Perl, and there being a pretty well 
> documented module Authen::Krb5 available - it's possible. But right 
> now ldirectord doesn't do that.

I'll add that patches to ldirectord are always welcome.

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx Send 
requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] ldirectord and kerberos, Mrvka Andreas Re: [lvs-users] ldirectord and kerberos, L.S. Keijser Re: [lvs-users] ldirectord and kerberos, Graeme Fowler Re: [lvs-users] ldirectord and kerberos, L.S. Keijser Re: [lvs-users] ldirectord and kerberos, Simon Horman Re: [lvs-users] ldirectord and kerberos, Mrvka Andreas <=

Previous by Date:	Re: [lvs-users] ldirectord and kerberos, Simon Horman
Previous by Thread:	Re: [lvs-users] ldirectord and kerberos, Simon Horman
Indexes:	[Date] [Thread] [Top] [All Lists]