New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support encryption of inter-node communication #93
Comments
+1 must have for production setups. |
@mainframe --- correct, a new node joining the cluster is not authenticated by default though you can user-level permissions to exercise some control over this process: https://github.com/rqlite/rqlite/blob/master/doc/SECURITY.md#user-level-permissions You can therefore pass a password to node when it starts up, which is required by other nodes before accepting the join request. There are many other ways to lock down your cluster too. As for using serf, I don't have that much experience with it, and anyway one of the main points of rqlite is simplicity -- a single binary, that clusters easily. Requiring a second system like serf would be a major complication. |
Top of tree now supports node-to-node encryption, and it will be part of the 4.0 release. |
The TCP connections between each node -- the Raft connections -- should support encryption. This means support TLS encryption between nodes.
The text was updated successfully, but these errors were encountered: