mirrors/scylladb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8b80ef32905dd6cf8a2dd558ada7d2dff10d2db1
scylladb/message
History
Calle Wilund 390b9759b6 messaging_service: Add "transitional" internode encryptipn mode 
Fixes #18903

Adds a "transitional" internode encryption mode, under which all
_outgoing_ RPC connections will use TLS, but we will still accept
any incoming non-tls connection.

This allows an operator to perform a move to TLS RPC without cluster
downtime:

1. For each server, add certificate etc options to
   server_encryption_options
   + internode_encryption=none
   + set ssl_storage_port
   + restart (rolling)

2. For each server, set internode_encryption=transitional + RR
3. For each server, set internode_encryption=all + RR
2024-10-13 23:54:06 +00:00
..
CMakeLists.txt
build: bring abseil submodule back
2024-05-05 23:31:09 +03:00
messaging_service_fwd.hh
treewide: use Software Package Data Exchange (SPDX) license identifiers
2022-01-18 12:15:18 +01:00
messaging_service.cc
messaging_service: Add "transitional" internode encryptipn mode
2024-10-13 23:54:06 +00:00
messaging_service.hh
messaging_service: Add "transitional" internode encryptipn mode
2024-10-13 23:54:06 +00:00
msg_addr.hh
gms: inet_address: make constructors explicit
2024-02-11 15:44:13 +02:00
rpc_protocol_impl.hh
treewide: replace std::result_of_t with std::invoke_result_t
2024-05-26 16:45:42 +03:00