[gpfsug-discuss] multicluster security

Aaron Knister aaron.s.knister at nasa.gov
Tue Aug 22 04:03:35 BST 2017


Hi Everyone,

I have a theoretical question about GPFS multiclusters and security. 
Let's say I have clusters A and B. Cluster A is exporting a filesystem 
as read-only to cluster B.

Where does the authorization burden lay? Meaning, does the security rely 
on mmfsd in cluster B to behave itself and enforce the conditions of the 
multi-cluster export? Could someone using the credentials on a 
compromised node in cluster B just start sending arbitrary nsd 
read/write commands to the nsds from cluster A (or something along those 
lines)? Do the NSD servers in cluster A do any sort of sanity or 
security checking on the I/O requests coming from cluster B to the NSDs 
they're serving to exported filesystems?

I imagine any enforcement would go out the window with shared disks in a 
multi-cluster environment since a compromised node could just "dd" over 
the LUNs.

Thanks!

-Aaron

-- 
Aaron Knister
NASA Center for Climate Simulation (Code 606.2)
Goddard Space Flight Center
(301) 286-2776



More information about the gpfsug-discuss mailing list