cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Podkowinski (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-10404) Node to Node encryption transitional mode
Date Thu, 10 Nov 2016 10:21:58 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-10404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15653670#comment-15653670
] 

Stefan Podkowinski commented on CASSANDRA-10404:
------------------------------------------------

Looks like with CASSANDRA-8457 it's rather trivial to implement both encrypted and unencrypted
messaging on the same port based on the implementation that we added in CASSANDRA-10559 for
client-to-node. See my version of [NettyFactory|https://github.com/spodkowinski/cassandra/commit/66b9b5bfbe7b525ebb50bd6d9c3f6148a1fa19d9].


But how would we handle such transition when it comes to used storage_ports? I think CASSANDRA-7544
would be really nice to have here, as we could simply stick to a single port with optional
encryption for ssl nodes, without having to worry how outgoing connections can determine which
port to connect to, depending whether the target node would already have been switched to
ssl or not.

> Node to Node encryption transitional mode
> -----------------------------------------
>
>                 Key: CASSANDRA-10404
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10404
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Tom Lewis
>            Assignee: Jason Brown
>
> Create a transitional mode for encryption that allows encrypted and unencrypted traffic
node-to-node during a change over to encryption from unencrypted. This alleviates downtime
during the switch.
>  This is similar to https://issues.apache.org/jira/browse/CASSANDRA-8803 which is intended
for client-to-node



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message