Auth is one of those things that needs to be a bit more concrete In the scenario you describe, you already have an option to deploy the auth in piece partially during the rollout (pause halfway through) in the cluster and look for asymmetric connections, and the option to drop in a new
Dear Dinesh and Abe,
Thank you for reviewing the document on enabling Cassandra authentication.
I apologize that I didn't initially include the following failure scenarios
where this feature could be particularly beneficial (I've included them
now):
*Below are the failure scenarios:*
-
Hi Gaurav,
Thank you for the document. I read through it and wasn't entirely clear
about the problem you're trying to solve.
If you're talking about enabling authentication for the very first time on
a cluster which does not have any authentication then there are different
ways of handling it.
Hey Guarav,
Thanks for your proposal.
> disruptive, full-cluster restart, posing significant risks in live
> environments
For configuration that isn't hot-reloadable, like providing a new
IAuthenticator implementation, a rolling restart is required. But rolling
restarts are zero-downtime and
Dear Cassandra Community,
I'm excited to share a proposal for a new feature that I believe would
significantly enhance the platform's security and operational flexibility: *a
flexible authentication mechanism implemented through a feature flag *.
Currently, enforcing authentication in Cassandra
Hello everyone,
We still need a few eyes to help push the changes forward.
https://issues.apache.org/jira/browse/CASSANDRA-14572
Here's the post I prepared as a result of working on this issue (it
might help to review it):
