ignite-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aleksei Valikov <aleksei.vali...@gmail.com>
Subject Securing Ignite
Date Thu, 30 Jul 2015 14:37:16 GMT
Hi,

I'm considering Apache Ignite for a distributed computing application. I
have a question about security.

We'll have a central node which will run all the time (the application
server) and a number of nodes which will join/leave the cluster in the
runtime (we'll use AWS to add new computing resources on demand). I guess
we'll need to use the static IP-based discovery for this scenario.

As I read the configuration right now, any server in my VPC which knows the
IP address of the central node will be able to connect to the Ignite
cluster and accept tasks/jobs. This feels quite insecure - basically anyone
in VPC would be able to get the data from the tasks/jobs.

How could I make it secure?

I've found the following post:

http://smartkey.co.uk/development/securing-an-apache-ignite-cluster/

This is a step into the right direction. However, whitelisting IPs is not
an option in case of dynamic IP addresses (which we probably have in AWS).

So I'd like to ask for advice on how to secure the Ignite cluster, for
instance with some pre-shared secret. Is there any support for this OOTB?

Many thanks and best wishes,
Alexey

Mime
View raw message