[ClusterLabs] Migrated to corosync 3.x knet become default protocol
Jan Friesse
jfriesse at redhat.com
Mon Jan 30 04:16:49 EST 2023
Hi,
On 30/01/2023 07:14, S Sathish S via Users wrote:
> Hi Team,
>
> In our application we are currently using UDPU as transport protocol with single ring, while migrated to corosync 3.x knet become default protocol.
>
> We need to understand any maintenance overhead that any required certificate/key management would bring in for knet transport protocol (or) it will use existing authorization key /etc/corosync/authkey file for secure communication between nodes using
yes, as long as secauth or crypto_cipher/crypto_hash is configured,
corosync 3.x will happily use existing /etc/corosync/authkey. Eventho I
would recommend to generate new one because new one is longer by default
(2024 bits vs old 1024).
knet transport protocol.
>
>
>
> https://access.redhat.com/solutions/5963941
>
> https://access.redhat.com/solutions/1182463
>
>
> We shouldn't end up in a case where Pacemaker stops working due to some certificate/key expiry?
It's symmetric key so there is no key expiration.
Regards,
Honza
>
> Thanks and Regards,
> S Sathish S
>
>
> _______________________________________________
> Manage your subscription:
> https://lists.clusterlabs.org/mailman/listinfo/users
>
> ClusterLabs home: https://www.clusterlabs.org/
>
More information about the Users
mailing list