Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to add a new sled to the lrtq cluster #3757

Closed
andrewjstone opened this issue Jul 24, 2023 · 3 comments
Closed

Ability to add a new sled to the lrtq cluster #3757

andrewjstone opened this issue Jul 24, 2023 · 3 comments
Assignees
@andrewjstone
Labels
api Related to the API. Sled Agent Related to the Per-Sled Configuration and Management trust quorum Trust Quorum related
Milestone
MVP

Comments

@andrewjstone
Copy link
Contributor

A sled that is plugged into an existing initialized rack needs to be told it is a learner node so that it can learn its key share. The bootstrap agent has access to a NodeHandle that can be used for this purpose.

Once the learner has learned its share it can ask for other peers' shares so that it can recompute the rack secret. This initialization happens in request_sled_agent, which is triggered via RSS or having an already ledger persisted SledAgentRequest on cold boot. However, new sleds will not have this, and it is likely we need to plumb a sled addition request all the way from the UI to perform this initialization.
@andrewjstone andrewjstone added api Related to the API. Sled Agent Related to the Per-Sled Configuration and Management trust quorum Trust Quorum related labels Jul 24, 2023
@andrewjstone andrewjstone added this to the MVP milestone Jul 24, 2023
@andrewjstone andrewjstone self-assigned this Jul 24, 2023
@jmpesp
Copy link
Contributor

jmpesp commented Jul 28, 2023

Related to #2545?

@andrewjstone
Copy link
Contributor Author

Related to #2545?

Indeed! LRTQ is very unsophisticated in that if a new sled learns a share, you can't really revert that without wiping its cluster directories on the M.2s, which I suppose could be the undo part of that saga action. You also have the relatively minor issue that the sled's baseboard will be permanently marked as using a share that was handed out by a sled. There's no way to revoke that. This is all temporary though, until a trust quorum protocol supporting reconfigurations and rekeying is implemented.

@andrewjstone andrewjstone mentioned this issue Aug 2, 2023
Open
@andrewjstone
Copy link
Contributor Author

This was completed in #4545

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewjstone andrewjstone

Labels
api Related to the API. Sled Agent Related to the Per-Sled Configuration and Management trust quorum Trust Quorum related
Projects
None yet
Milestone
MVP
Development

No branches or pull requests
2 participants
@andrewjstone @jmpesp