On Mon, 2013-09-09 at 21:30 +0200, Lennart Poettering wrote: > On Wed, 21.08.13 18:45, Jóhann B. Guðmundsson (johannbg@xxxxxxxxx) wrote: > > > And I have come across a bit of scalability issue due to us > > defaulting to using short hostnames in login and command prompt when > > creating OS containers in any real numbers. > > I am pretty sure we should continue to default to "short" hostnames, > i.e. not fqdns. > > The thing is simply that in today's world hosts might appear on multiple > networks and domains at the same time, and that dynamically, and not > necessarily using IP or exposed via DNS. The domain suffix hence is > frequently something that is more interface or state dependent rather > than strictly host dependent. For example, the same host might have an > mdns hostname in .local as well as one ISP assigned hostname on ppp0 and > a hand chosen name on the LAN interface eth0. They might all share the > same non-qualified name, but are hightly like to have different > suffixes. Extending on that: sometimes a machine might be entirely > disconnected, an fqdn then makes very little sense, because it suggests > a world-wide reachable name which is misleading. > > Enforcing a fixed fqdn for a a machine for its entire lifetime is > like enforcing a single fixed IP address for it -- i.e. a setup that > certainly makes sense but is probably not the common case for the vast > majority of modern systems. > > Also, the hostname of the system is not only used for IP purposes. For > example bluetooth uses it too, and the shell displays it and whatnot. > > In systemd's hostname support (as exposed via /etc/hostname, hostnamed, > hostnamectl, ...) we hence generally prefer non-fqdn names, however do > accept fqdns too. Server centric software like IPA requires FQDNs > though (which I personally think is a poor choice, but whatever...) > > If an ISP wants to set up multiple containers he should probably make > sure on his own that the hostnames are unique on the container host, he > can manually choose fqdns for that, or even use his own scheme, for > example "customer23-host47" or whatever works for him... > > We try to find good defaults that work for everybody, not just specific > ISP setups. ISP setups tend to be fairly static, and hence > simple. However, static setups are generally just a boring special case > of dynamic setups, hence we generally implement things to cover that > well... Kerberos and x509 both require FQDNs. It makes no sense to stick to short names for servers, and having a FQDN on a laptop does not hurt anything (a FreeIPA enrolled laptop must have a FQDN anyway as it uses the keytab to do validation). If you want pretty names, it is just FINE, just *show* pretty name to the desktop, but the underlying system needs a fqdn, and you have no issue using it, and you know it because you wrote a nss module that can return automagically always 127.0.0.x for the machine hostname, regardless of DNS or /etc/hosts, so we do not really have an issue with resolving the machine own host name. So can you please stop breaking servers just to show 'pretty' names ? Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
