[ 
https://issues.apache.org/jira/browse/CASSANDRA-14361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16428457#comment-16428457
 ] 

Romain Hardouin commented on CASSANDRA-14361:
---------------------------------------------

{quote}Caching behavior remains the same, given operators relying on hostnames
{quote}
What I meant is that having this feature could motivate operators to use DNS. 
So they must be aware of this setting and set it explicitely. 

I've read Oracle documentation but Java security file is not very explicit:
{noformat}
# default value is forever (FOREVER). For security reasons, this
# caching is made forever when a security manager is set. When a security
# manager is not set, the default behavior in this implementation
# is to cache for 30 seconds.
#
# NOTE: setting this to anything other than the default value can have
#       serious security implications. Do not set it unless
#       you are sure you are not exposed to DNS spoofing attack.
#
#networkaddress.cache.ttl=-1
{noformat}

"{{default value is forever (FOREVER)}}" is misleading.
That's why having CASSANDRA-14364 is nice.

> Allow SimpleSeedProvider to resolve multiple IPs per DNS name
> -------------------------------------------------------------
>
>                 Key: CASSANDRA-14361
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-14361
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Configuration
>            Reporter: Ben Bromhead
>            Assignee: Ben Bromhead
>            Priority: Minor
>             Fix For: 4.0
>
>
> Currently SimpleSeedProvider can accept a comma separated string of IPs or 
> hostnames as the set of Cassandra seeds. hostnames are resolved via 
> InetAddress.getByName, which will only return the first IP associated with an 
> A, AAAA or CNAME record.
> By changing to InetAddress.getAllByName, existing behavior is preserved, but 
> now Cassandra can discover multiple IP address per record, allowing seed 
> discovery by DNS to be a little easier.
> Some examples of improved workflows with this change include: 
>  * specify the DNS name of a headless service in Kubernetes which will 
> resolve to all IP addresses of pods within that service. 
>  * seed discovery for multi-region clusters via AWS route53, AzureDNS etc
>  * Other common DNS service discovery mechanisms.
> The only behavior this is likely to impact would be where users are relying 
> on the fact that getByName only returns a single IP address.
> I can't imagine any scenario where that is a sane choice. Even when that 
> choice has been made, it only impacts the first startup of Cassandra and 
> would not be on any critical path.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to