Eucalyptus implements a secure protocol for registering separate components so that
the
overall system can’t be tricked into including a component run by an unauthorized
administrator or user. You only need to register components the first time Eucalyptus
is
started after it was installed.
Most registration commands run on the CLC server. NCs, however, are registered on
each CC. You
must register each NC on every CC for the cluster on which the NC participates.
Note that each registration command will attempt an SSH as root to the remote physical
host where the registering component is assumed to be running. The registration command
also contacts the component so it must be running at the time of the command is issued.
If a password is required to allow SSH access, the command will prompt the user for
it.
Except for NCs, each registration command requires four pieces of information:
- The component (--register-XYZ) you are registering, because this affects where the commands must be executed.
- The partition (--partition) the component will belong to. The partition is the same thing as availability zone
in AWS.
- The name (--component) ascribed to the component. This is the name used to identify the component in a
human-friendly way. This name is also used when reporting system state changes which
require administrator attention. This name must be globally-unique with respect to
other component registrations. To ensure this uniqueness, we recommend using a combination
of the component type (CLC, SC, CC, etc) and system hostname or IP address when you
choose your component names. For example: clc-eucahost15 or clc-192.168.0.15.
- The IP address (--host) of the service being registered.
NCs only have two pieces of information: component name and IP address.
