Re: [HTCondor-users] populating a pool signing key to a new HA collector/scheduler?

[Tim Theisen <tim@xxxxxxxxxxx>]

Hi Thomas,

The TOFU mechanism is not designed to work between two collectors. So, 
you'll need to populate the existing key via a different trusted mechanism.

...Tim

On 5/5/23 09:01, Thomas Hartmann wrote:
> Hi all,
>
> short question, but it is possible to populate a newly spawned central 
> manager (collector/scheduler) with a pool's signing key from an 
> existing central manager?
> I.e., when spawning a new cluster, assuming that a collector 
> initializes itself with a a fresh pool signing key, can I populate 
> another collector showing up with the same signing key with a 
> TOFU-like request auto approval?
> Or is it better to populate the new central manager with an existing 
> key via a parallel trusted path (Puppet, Ansible,...)?
>
> Cheers,
> ÂThomas
>
> _______________________________________________
> HTCondor-users mailing list
> To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
>
> The archives can be found at:
> https://lists.cs.wisc.edu/archive/htcondor-users/

--
Tim Theisen (he, him, his)
Release Manager
HTCondor & Open Science Grid
Center for High Throughput Computing
Department of Computer Sciences
University of Wisconsin - Madison
4261 Computer Sciences and Statistics
1210 W Dayton St
Madison, WI 53706-1685
+1 608 265 5736