It is more the ITIL standards, and Commercial vendor lobbying, our
accountants are clueless :)
I have no idea what ITIL means, but would probably prefer to keep
it that way :)
a standard that forces use of specific and commercial packages
is not a standard at all...
HPC clusters are normally a horde of clones. no configuration change
is applied individually to a node, but rather applied en-mass.
reimaging nodes is not a huge big deal, for instance (and a non-event
if you use nfs-root - definitely a good idea in some cases.)
True The only frequent changes are user account modification, mounted nfs
files, and scheduler configurations files if log level need to be altered. I
none of those require any node-local changes. as I mentioned, nfs-root
solves many of them, though it's common to use ldap/nis/AD. it's uncommon
to change the NFS mounts on a compute node, but also quite easy to change
the fstab and then something like "pdsh -a mount -a"
can just write a script or use a file integrity checker to check these. The
problem is that the department that is asking us to implement configuration
change monitoring based on a security audit items want more than that, want
perhaps you should ask them what their actual goals/motives are,
and talk to them to figure out how it makes sense for a cluster.
offhand, I'd be surprised if it made any sense to do for anything
except admin nodes (ie, not compute nodes).
regards, mark hahn.
_______________________________________________
Beowulf mailing list, Beowulf@beowulf.org
To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf
