createSharedSecret
Create shared secret for secure communication
Syntax
createSharedSecret
createSharedSecret -file <filename>
Description
createSharedSecret
creates a shared secret file used for secure
communication between job managers and workers. The file is named secret
in the current folder.
createSharedSecret -file <filename>
create a shared secret
file as the given filename.
Before passing sensitive data from one service to another (e.g., between job manager and workers), these services need to establish a trust relationship using a shared secret. This script creates a file that serves as a shared secret between the services. Each service is trusted that has access to that secret file.
Create the secret file only once per cluster on one machine, then copy it into the
location specified by SHARED_SECRET_FILE
in the
mjs_def
file on each machine before starting any job managers or
workers. In a shared file system, all nodes can point to the same file. Shared secrets can
be reused in subsequent sessions.
Examples
Create a shared secret file in a central location for all the nodes of the cluster:
cd matlabInstallDir/toolbox/parallel/bin createSharedSecret -file /share/secret
Then make sure that the nodes' shared or copied mjs_def
files set the
parameter SHARED_SECRET_FILE
to /share/secret
before
starting the mjs service on each.