Commit 4a1821de authored by Guido Trotter's avatar Guido Trotter

design-2.1: clarify confd usage of serial numbers

Signed-off-by: default avatarGuido Trotter <ultrotter@google.com>
Reviewed-by: default avatarIustin Pop <iustin@google.com>
parent 9b739173
......@@ -118,10 +118,11 @@ using HMAC with a cluster-wide shared key.
An interested client can query a value by making a request to a subset of the
cluster master candidates. It will then wait to get a few responses, and use
the one with the highest configuration serial number (which will be always
included in the answer). If some candidates are stale, or we are in the middle
of a configuration update, various master candidates may return different
values, and this should make sure the most recent information is used.
the one with the highest configuration serial number. Since the configuration
serial number is increased each time the ganeti config is updated, and the
serial number is included in all answers, this can be used to make sure to use
the most recent answer, in case some master candidates are stale or in the
middle of a configuration update.
In order to prevent replay attacks queries will contain the current unix
timestamp according to the client, and the server will verify that its
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment