Hey Bela! I've been thinking about Cross Site Replication using Relay protocol on Kubernetes/OpenShift. Most of the installations should use Federation [1] but I can also imagine a custom installation with two sites (let's call them X and Y) and totally separate networks. In that case, the flow through Kubernetes/OpenShift might look like the following:
Site X, Pod 1 (sending relay message) ---> sending packets ---> the Internet ---> Site Y, Ingress/Route ---> Service ---> Site Y, Pod 1 Ingress/Routes and Services are Kubernetes/OpenShift "things". The former acts as a reverse proxy and the latter as a load balancer. Unfortunately Ingress/Routes don't have good support for custom protocols using TCP (they were designed with HTTP in mind). The only way to make it work is to use TLS with SNI [2][3]. So we would need to encrypt all traffic with TLS and use Application FQDN (a fully qualified application name, so something like this: infinispan-app-2-myproject.*site-x*.com) as SNI Hostname. Note that FQDN for both sites might be slightly different - Infinispan on site X might want to use FQDN containing site Y in its name and vice versa. I was wondering if it is possible to configure JGroups this way. If not, are there any plans to do so? Thanks, Sebastian [1] https://kubernetes.io/docs/concepts/cluster-administration/federation/ [2] https://www.ietf.org/rfc/rfc3546.txt [3] Look for "Passthrough Termination" https://docs.openshift.com/enterprise/3.2/architecture/core_concepts/routes.html#secured-routes -- SEBASTIAN ĆASKAWIEC INFINISPAN DEVELOPER Red Hat EMEA <https://www.redhat.com/> <https://red.ht/sig>
_______________________________________________ infinispan-dev mailing list infinispan-dev@lists.jboss.org https://lists.jboss.org/mailman/listinfo/infinispan-dev
