[
https://issues.apache.org/jira/browse/CASSANDRA-16555?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17738372#comment-17738372
]
Thomas Steinmaurer commented on CASSANDRA-16555:
------------------------------------------------
Thanks a lot for driving that forward!
Quick question though, without having the 3.11 PR checked (in detail): In case
IMDSv2 fails (and v2 being the new default, as it seems), for whatever reason,
e.g. also while refreshing the token, will there be a silent fallback to v1
(old behavior) + e.g. a log entry in cassandra.log, to remain Cassandra
operational? Just a thought, as the default going forward from pre 3.11.16 to
3.11.16 has changed. Thanks a lot.
> Add support for AWS Ec2 IMDSv2
> -------------------------------
>
> Key: CASSANDRA-16555
> URL: https://issues.apache.org/jira/browse/CASSANDRA-16555
> Project: Cassandra
> Issue Type: New Feature
> Components: Consistency/Coordination
> Reporter: Paul Rütter (BlueConic)
> Assignee: Stefan Miklosovic
> Priority: Normal
> Fix For: 3.0.30, 3.11.16, 4.0.11, 4.1.3, 5.0
>
> Time Spent: 5h 40m
> Remaining Estimate: 0h
>
> In order to patch a vulnerability, Amazon came up with a new version of their
> metadata service.
> It's no longer unrestricted but now requires a token (in a header), in order
> to access the metadata service.
> See
> [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html]
> for more information.
> Cassandra currently doesn't offer an out-of-the-box snitch class to support
> this.
> See
> [https://cassandra.apache.org/doc/latest/operating/snitch.html#snitch-classes]
> This issue asks to add support for this as a separate snitch class.
> We'll probably do a PR for this, as we are in the process of developing one.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
