Sorry for the delayed response. The responses are in line.
On 11/18/08 12:02 PM, "Krishna Sankar (ksankar)" <[EMAIL PROTECTED]> wrote:
> Have a couple of questions on the proposed multi-tenancy feature (pardon
> me if they are obvious, as I am slowly getting up to speed):
> a) First, good initiative. I think this will make ZK more
> pervasive. I plan to participate and contribute
thanks and we look forward to your contribution.
> b) Is there any assumption on the trust and security ? i.e. could
> we assume that the servers would be in a secure environment and so no
> need for SSL et al., could we trust the MAC Address/IP Address (this
> also raises the question of NAT et al, if they are relevant) and could
> we make an assumption that there is no need for a secure identity ?
There is an assumption to some level. We do trust the ipaddress (got via
tcp connections assuming its difficult to forge) and we use
Raw tcp (so no security in the transfer layer). We do have a authorization
layer that is pluggable at the server and the clients can identify
themselves using that.
> c) I remember seeing one of Ben's ToDo, an entry for distributed
> ZK. I couldn't find a resolution or write-up. Possible, I am missing
> something obvious. Anyway, Is it already in place or do we need to
> consider that feature in the multi-tenancy capability ?
Its still in discussions. We don't have a conrete proposal yet. For multi
tenancy we don't need to consider it.
> Cheers & thanks
> |-----Original Message-----
> |From: Benjamin Patrick Hunt <[EMAIL PROTECTED]>
> |Sent: Mon, 27 Oct 2008 20:35:37 -0700
> |To: email@example.com
> |Subject: ZooKeeper Roadmap - 3.1.0 and beyond.
> 5) (begin) multi-tenancy support. A number of users have expressed
> interest in being able to deploy ZK as a service in a cloud.
> Multi-tenancy support would be a huge benefit (quota, qos, namespace
> partitioning of nodes, billing, etc...)