Hi, I'm considering Apache Ignite for a distributed computing application. I have a question about security.
We'll have a central node which will run all the time (the application server) and a number of nodes which will join/leave the cluster in the runtime (we'll use AWS to add new computing resources on demand). I guess we'll need to use the static IP-based discovery for this scenario. As I read the configuration right now, any server in my VPC which knows the IP address of the central node will be able to connect to the Ignite cluster and accept tasks/jobs. This feels quite insecure - basically anyone in VPC would be able to get the data from the tasks/jobs. How could I make it secure? I've found the following post: http://smartkey.co.uk/development/securing-an-apache-ignite-cluster/ This is a step into the right direction. However, whitelisting IPs is not an option in case of dynamic IP addresses (which we probably have in AWS). So I'd like to ask for advice on how to secure the Ignite cluster, for instance with some pre-shared secret. Is there any support for this OOTB? Many thanks and best wishes, Alexey
