On Friday 25 March 2011 00:28:11 Gabi Kliot wrote:
Hi Alexandre
I am actually not familiar with CREDD deamon and do not know if this
service semantics will work correctly with the primary-backup approach of
the Condor HA solution. I also don't know how its state is maintained
(stateless, files on NFS, ...), which makes a big difference for HA.
You would need to ask Condor experts on this.
So I guess the short answer to my original question is "no, CREDD is not
supported in a HA installation". This is a pity because it leaves a single
point of failure.
On Windows at least (not my platform of choice, but I did not have my word on
this...) the CREDD data is stored in the Windows registry. The data is sent to
the CREDD by the users using the condor_store_cred command, so there seems to
be nothing which would prevent a "master" CREDD from mirroring that DB to
other "secondary" CREDDs. Now, this is still work to be done, and I'm not sure
I'll have the time to work on a patch for this in the next weeks (I have some
tight schedule on the project which needs this), so I will probably try to
work around the issue.
I nevertheless feel that supporting this out of the box in a future release
would be a great step forward for Condor.
Thanks for your taking the time to answer the question.
