Project

General

Profile

Feature #10810

Want a per-zone UUID

Added by Robert Mustacchi 6 months ago. Updated 5 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
zones
Start date:
2019-04-16
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:

Description

Various pieces of software would like the ability to have a well-defined per-zone UUID. The idea is that this UUID could be used to seed various items like a DHCPv6 client. This value should be unique for a zone and it should be a consistent value. While there is existing things that are like a UUID, there are problems with these:

1. SMBIOS. While SMBIOS does have a uuid and there is a way to get at the system UUID, it's not great for a few reasons. Most importantly it's not available in a zone. However, even if it was, there are further problems. Many systems have duplicate UUIDs which are found in the field.

2. hostid. The hostid is a 32-bit value. It's entirely emulated on x86 from an /etc/hostid file which is generated by the system if one doesn't exist. Unfortunately, there's no guarantee that this is required to be unique per-zone as the hostid attribute is an optional attribute of zones.

3. IPS image uuids. These can be arbitrarily regenerated and exist on a per-publisher basis. So it also doesn't function well as the basis for this.

As a result, we should probably add a new notion of a zone uuid that gets set as part of zone creation and stays the same. This should likely become a required attribute of zones so that it will persist and can be migrated. We should allow it to be updated, to allow for migration, and we should allow it not to be set on zone creation, and then genreate it ourselves. We should likely just use a full V4 UUID rather than trying to encode other information into it. We should probably provide a means to get this that's not dissimilar to the hostid(3C) function.

I'm happy to provide mentoring to anyone interested in putting together this change.

History

#1

Updated by Ryan England 5 months ago

Robert, I'm interested in working on this project. Note, I'm new to the illumos project so any guidance you'd be able to provide will be greatly appreciated.

#2

Updated by Gordon Ross 5 months ago

In case anyone was unaware, idmap generates a UUID representing the system (because that's required for representing AD "local" accounts). This may not be directly helpful because idmap is an optionally configured item.
I bring it up to (a) show an example, and (b) ask you to consider whether this should be moved out of idmap into some one-time (set at first boot?) activity so maybe we could have just one "local system UUID" instead of two.

Also available in: Atom PDF