[
https://issues.apache.org/jira/browse/CASSANDRA-21146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18057538#comment-18057538
]
Brad Schoening edited comment on CASSANDRA-21146 at 2/10/26 10:04 AM:
----------------------------------------------------------------------
[~joaoreis] for WARN level, yes, it should warn for unidentified drivers. And
if one has configured FAIL, given its a stricter level, I expect it should fail
unidentified drivers. For our environment, we would use WARN in production,
and FAIL level in non-production Dev and UAT environments. I've updated the
description to clarify this better.
Does that sound right?
was (Author: bschoeni):
[~joaoreis] for WARN level, yes, it should warn for unidentified drivers. And
if one has configured FAIL, given its a stricter level, I expect it should fail
unidentified drivers. For our environment, we would use WARN in production,
and FAIL level in non-production Dev and UAT environments. I've updated the
description to clarify this better.
> Guardrail for client driver versions
> ------------------------------------
>
> Key: CASSANDRA-21146
> URL: https://issues.apache.org/jira/browse/CASSANDRA-21146
> Project: Apache Cassandra
> Issue Type: Improvement
> Components: Feature/Guardrails
> Reporter: Brad Schoening
> Priority: Normal
>
> Many application teams lag multiple years behind on Cassandra driver
> upgrades, which increases operational risk and complicates cluster upgrades
> and support. Today, there is no native mechanism to discourage or prevent
> clients from connecting with severely outdated drivers.
> Proposed New Feature
> Introduce an optional server-side guardrail that allows operators to WARN or
> FAIL client connections using drivers older than a configured minimum version
> (for example, rejecting Java drivers earlier than 3.11.5).
> Most environments have just a couple of driver type names (e.g., Java), and
> the guardrail would apply to declared type & version pairs.
> Key Characteristics
> * Disabled by default.
> * Configurable minimum supported driver version, scoped by driver type.
> * Intended primarily for non-production environments (dev / UAT), where
> stricter enforcement can be applied ahead of production rollouts.
> * Provides a clear, early failure signal to application teams that a driver
> upgrade is required.
> Benefits
> * Forces proactive driver upgrades before cluster upgrades.
> * Reduces risk from unsupported or poorly tested legacy drivers.
> * Improves overall fleet hygiene and operational predictability.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
