Red Hat Bugzilla – Bug 206661
Conga needs a method of re-authenticating nodes
Last modified: 2009-04-16 18:24:12 EDT
If a cluster is added to the management interface while at least one node cannot
be authenticated, or if conga is no longer authenticated to the ricci agent on a
node (f.e., because the node was reimaged and has new ssl keys, or a new node
was added to the cluster via a method other than using luci), conga needs a way
to allow users to reauthenticate to those nodes.
Devel ACK for RHEL 5.0.0 Beta2
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux release. Product Management has requested further review
of this request by Red Hat Engineering. This request is not yet committed for
inclusion in release.
QE ack for RHEL5B2 according to section 21a of the release criteria.
Unless someone objects vehemently, am moving this to be a RC blocker rather than
a Beta 2 blocker. There is a documentable workaround for now. Jim or Ryan,
please update the bugzilla with the workaround.
If you were to uninstall and then re-install ricci on a system, ricci would lose
its luci cert, and there is no simple pushbutton in luci that says,
re-authenticate with this ricci agent.
It is possible, however, to delete the system from the luci database and then
add it back in. The process of re-adding it will re-authenticate luci with that
system. Because there is a work around for this issue, I think we should remove
its blocker status and include this description in the user manual.
Note that this bugzilla is marked FutureFeature and features must be complete by
RHEL 5 Beta 2 Feature Freeze on Oct 16.
However, it seems that this bugzilla will be resolved via documentation and thus
would not be a FutureFeature.
If you agree, please clear the Keyword and change the component to rh-cs-en and
assign to component owner.
Moving this to RHEL5.1 release request. Workaround is adequate for first
release. Not sure this will be a major problem in the field, more of an issue
in our development environments. Also, work around should be sufficient for the
There is (better) support for this in the 0.20 build that will be in the beta.
In that version, Luci should automatically identify which nodes need
reauthentication (or initial auth in the case of adding a cluster with one or
more nodes down/hosed at the time of addition to the management interface), and
there's a form in the "Manage Systems" portal item under the "Homebase" tab
where you can authenticate these hosts and add more, if you wish.
closing this out. the functionality exists in the 0.8-20 release.