couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joey Samonte <csharpdevelo...@hotmail.com>
Subject RE: Can clustering be setup between nodes that only accept SSL connections?
Date Mon, 29 Aug 2016 22:22:19 GMT
Thank you very much. :)
 
> Subject: Re: Can clustering be setup between nodes that only accept SSL connections?
> From: rnewson@apache.org
> Date: Mon, 29 Aug 2016 12:39:50 +0100
> To: dev@couchdb.apache.org
> 
> A fully encrypted demo is on my TODO list, hopefully will get to it this week.
> 
> B.
> 
> > On 25 Aug 2016, at 11:15, Joey Samonte <csharpdeveloper@hotmail.com> wrote:
> > 
> > We are currently using nginx sir as reverse proxy in front of CouchDB
> > 
> >> From: rnewson@apache.org
> >> Subject: Re: Can clustering be setup between nodes that only accept SSL connections?
> >> Date: Thu, 25 Aug 2016 11:07:29 +0100
> >> To: dev@couchdb.apache.org
> >> 
> >> Yes, couchdb can be configured that way but my recommendation is to put something
like haproxy in front instead. The native ssl support in Erlang has a buggy history in my
experience, though I believe 18.x is working quite nicely. Further, with couchdb 2.0, you'll
want a round-robin loss balancer in front of them to fully enjoy the clustered fault tolerance.

> >> 
> >> For < 2.0, you just need to configure the httpsd daemon and comment out the
httpsd one. For 2.0, I'll have to research a little as I'm not sure the chttpd service is
as rainy disabled. 
> >> 
> >> Sent from my iPhone
> >> 
> >>> On 24 Aug 2016, at 21:08, Joey Samonte <csharpdeveloper@hotmail.com>
wrote:
> >>> 
> >>> Good day,
> >>> 
> >>> SSL is a must for us to secure our data. Can the CouchDB nodes in the cluster
only allow https, for example, on port 6984?
> >>> 
> >> 
> > 		 	   		  
> 
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message