FAQ - Is a cluster shutdown required to enable Aerospike Security?

#1

FAQ - Is a cluster shutdown required to enable Aerospike Security?

Detail

The Aerospike Enterprise edition has an optional security feature that allows username and password based authentication. Does it require a full cluster shutdown to implement this?

Answer

At first glance the answer to this question is no. The enable-security parameter is static, meaning it requires a node restart but not unanimous which would imply it is possible to have some nodes with security enabled within a cluster and some nodes without. In a practical sense, however, the situation is more complex. Though it is possible to enable security via a rolling restart, the effect on the client should be considered. With security enabled the clients must send authentication credentials, when some nodes require these and some do not, the effect will be that client calls will fail.

There are two potential options. The first option would be to pause client traffic, do a rolling restart on the cluster to enable security and then allow client traffic once more. Another option would be to pause client traffic, do a full cluster restart to enable security and then restart client traffic (remembering to send security credentials).

At this point, it is not possible to enable security without some downtime, even though the enable-security parameter is not unanimous.

Notes

  • A feature for client libraries to be able to support a transition mode while nodes are gradually enabled for ACL is tracked under PROD-711.

Keywords

ENABLE SECURITY UNANIMOUS AUTHENTICATION

Timestamp

04/17/2019