Allow $site_path/etc/peer_keys to authenticate peer daemons
The peer_keys file is the standard OpenSSH authorized_keys file
format, one SSH key per line. Blank lines and any lines starting
with # are ignored.
The file is scanned each time it is modified, allowing hosts to be
added or removed from a cluster configuration without needing to
restart the current node.
I'm choosing to put the peer keys into a local disk file rather
than into the database, because we might run into a catch-22 case
where the peers need to authenticate to each other before they can
read the database. E.g. this could happen if we figure out how to
embed Apache Cassandra, tunnel its swarm traffic over our own SSH
channels, and require a quorum read to bring the server up.
The use of this file is experimental. I'm not documenting it yet
because I don't know if we'll be supporting it long-term.
Change-Id: I6e9b8ae5cd1bb3643688a3ee657055aab73e6a87
Signed-off-by: Shawn O. Pearce <sop@google.com>
2 files changed
