Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setup ScyllaDB with mTLS for node to node communication #1217

Open
3 tasks
Tracked by #1761
tnozicka opened this issue Apr 17, 2023 · 0 comments
Open
3 tasks
Tracked by #1761

Setup ScyllaDB with mTLS for node to node communication #1217

tnozicka opened this issue Apr 17, 2023 · 0 comments
Labels
kind/epic Categorizes issue as an epic. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@tnozicka
Copy link
Member

tnozicka commented Apr 17, 2023
edited
Loading

Is this a bug report or feature request?

  • Feature Request

What should the feature do:
We need to setup ScyllaDB with node to node mTLS to make sure the node communication on our shared platform is encrypted and authenticated.

This also prevents nodes to accidentally join a different cluster which can happen when there is no authentication and IPs are eventually reused. (If dc name matches.)

We should enable node-to-node encryption by default and only have fallback option to use insecure one instead.

https://docs.scylladb.com/stable/operating-scylla/security/node-node-encryption.html

Tasks
Beta Give feedback
  1. Create enhancment proposal for node to node mTLS #1374
    kind/design priority/important-soon
  2. Implement automatic node to node mTLS to secure the communication #1375
    kind/feature priority/important-soon triage/accepted
  3. Benchmark performance with node-to-node mTLS enabled #1376
    kind/epic priority/important-longterm triage/accepted
@tnozicka tnozicka added kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. triage/accepted Indicates an issue or PR is ready to be actively worked on. labels Apr 17, 2023
@tnozicka tnozicka mentioned this issue Apr 17, 2023
Closed
@tnozicka tnozicka added kind/epic Categorizes issue as an epic. and removed kind/feature Categorizes issue or PR as related to a new feature. labels Aug 31, 2023
@tnozicka tnozicka mentioned this issue Feb 28, 2024
Open
@tnozicka tnozicka self-assigned this Mar 11, 2024
@tnozicka tnozicka mentioned this issue Jun 24, 2024
Closed
@tnozicka tnozicka removed their assignment Nov 25, 2024
@tnozicka tnozicka mentioned this issue Dec 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/epic Categorizes issue as an epic. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tnozicka