We've solved this before a few ways (to give some concrete examples):
1. On EC2 behind an ELB (which is inherently public on the internet) we
ran HAProxy on each Riak node, proxying some other port to Riak's port 8098.
The ELB's public port was 8098, but it translated that to the port for
HAProxy. HAProxy was then running HTTP basic auth in our case, but there
are plenty of options for you from there.
2. In our own hardware, we ran Riak through our own load balancer and
just restricted access to only inside our LAN and our static office IP.
On Mon, Oct 24, 2011 at 11:25 AM, Alexander Sicular <[email protected]>wrote:
> you have to put something in front of riak, like haproxy, that will act as
> a gateway into and out of your riak cluster. also block ports/access on your
> riak node itself via a firewall or something like that.
>
>
>
> -Alexander Sicular
>
> @siculars
> http://siculars.posterous.com
>
> On Oct 24, 2011, at 10:54 AM, Anoop Thomas Mathew wrote:
>
> Hi All,
>
> I'm relatively new to Riak and just loving it. :)
>
> I have a query about Riak that, why is there no user auth mechanisms? Is it
> the part of the design or a future candidate?
> Or else, how can I make a Riak based app protect files from unauthorized
> access.
> I searched the mailing list history, but didn't get a good answer.
> Some pointers would be greatly appreciated.
>
> Thanks,
> Anoop
>
> atm
> ___
> Life is short, Live it hard.
>
>
> _______________________________________________
> riak-users mailing list
> [email protected]
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
>
>
> _______________________________________________
> riak-users mailing list
> [email protected]
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
>
_______________________________________________
riak-users mailing list
[email protected]
http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
