<div dir="ltr">On Wed, Mar 6, 2013 at 9:58 AM, Tim Landscheidt <span dir="ltr"><<a href="mailto:tim@tim-landscheidt.de" target="_blank">tim@tim-landscheidt.de</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Petr Bena <<a href="mailto:benapetr@gmail.com">benapetr@gmail.com</a>> wrote:<br>
<br>
> [...]<br>
<div class="im"><br>
>>> Set up a cron script that sync a local folder on bastion with<br>
>>> /public/keys so that when gluster is down or that folder isn't working<br>
>>> login to bastion's still works.<br>
<br>
>> That might be feasible. But really the solution is don't let people<br>
>> kill the bastion. idk how we do that. and idk why the past social<br>
>> restrictions aren't sufficient. maybe we need ulimit or cgroups or<br>
>> something. :-(<br>
<br>
> it weren't people who kill them it was gluster or something like that<br>
> - we need reliable storage for keys if it's only way to login<br>
<br>
</div>What's the point of allowing people to log into bastion only<br>
to find that they can't use their instances due to a gluster<br>
error? :-) Let's rephrase your request: "We need reliable<br>
storage." :-)<br>
<span class="HOEnZb"><font color="#888888"><br></font></span></blockquote><div><br></div><div style>^^ This. I don't see the point of arguing about changing authentication to fix a storage problem. The real problem here is an unreliable filesystem. Let's not make things less secure to workaround a more serious issue.</div>
<div style><br></div><div style>- Ryan</div></div></div></div>