...
Mom is allowed to create vnodes using the vnode def file. But mom does not have permission to create a natural node. Natural node won't get created unless that mom is explicitly added by a qmgr command. The proposed design will allow the mom to create the natural node and join herself to the cluster without needing an explicit qmgr command.
Admin needs to ensure the server and mom are in a secure environment.
The name of the natural node will be the non-canonicalized hostname returned by gethostname(). This can be changed using PBS_MOM_NODE_NAME variable in the PBS conf file.
qmgr create/delete node operation will still be honoured.
Server will accept the mom without a create node only if one of the below is used for authentication:
Munge/TLS/Kerberos or reserved port authentication with a shared secret.
Reserved port authentication with a shared secret
$PBS_HOME/server_priv/pbs_secret and $PBS_HOME/server_priv/pbs_secret are the files where user can place the key used for exchange.
This file needs to be owned by the same user ID who runs the server/mom daemons. The file permissions need to be set as 0600.
When mom communicating with the server/mom, it will send the hash of the IP address of the sender using the key provided. The receiver will verify the authenticity by generating the hash of the sender’s IP using the key it has.
...
Project Documentation Main Page
...