cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Podkowinski (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-10404) Node to Node encryption transitional mode
Date Fri, 27 Oct 2017 09:54:00 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-10404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16222036#comment-16222036
] 

Stefan Podkowinski commented on CASSANDRA-10404:
------------------------------------------------

Latest commits look good. I like that the {{enable_legacy_ssl_storage_port}} option. Makes
things more obvious.

Although users should follow advice in NEWS.txt, I'd suggest to better add a simple config
validation in DatabaseDescriptor and throw a ConfigurationException in case cassandra.yaml
hasn't been updated correctly during the upgrade. Cassandra should not start and switch from
encrypted to unencrypted after upgrade in case you just keep your old config with {{internode_encryption}}
!= {{none}}, but the new {{enabled}} flag not specified and thus set to false by default.




> Node to Node encryption transitional mode
> -----------------------------------------
>
>                 Key: CASSANDRA-10404
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10404
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Tom Lewis
>            Assignee: Jason Brown
>             Fix For: 4.x
>
>
> Create a transitional mode for encryption that allows encrypted and unencrypted traffic
node-to-node during a change over to encryption from unencrypted. This alleviates downtime
during the switch.
>  This is similar to CASSANDRA-10559 which is intended for client-to-node



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message