Java NIO/SSH Tunnel/Socks

blonkel · 2015-07-07 18:16:20 UTC

Hello,

Is there any special reason why the Aerospike java client is using NIO for Java-Sockets?

We would like to access our Aerospike-Cluster from our Home-Office and normally we using a SSH-Tunnel (SOCKS) for Monitoring/Accessing our Data/Administrate our Servers. This approach has several advantages, for example we need dont need any additional Firewall-Rules / its encrypted and its faster then VPN and we dont need to install a VPN-Server/Client on all our Servers.

Java NIO forbidds using a SOCKS-Proxy, instead its using ‘native’-Sockets which skips the SOCKS-Server.

Would be awesome to have this Option, maybe just as a fall-back/client-policy?

Brian · 2015-07-15 00:41:02 UTC

We use NIO only for asynchronous commands in AsyncClient. I believe using NIO is required for asynchronous sockets in java.

Our synchronous client, AerospikeClient, uses the older standard socket library. Our understanding is this socket library is faster than using SSH tunnels (SOCKS).

Aerospike is primarily designed to run both clients and servers on the same local area network for maximum performance.

blonkel · 2015-07-21 11:11:58 UTC

Thanks Brian for the explanation. Of course our production clients run in the same LAN. We only wanted to have access from outside without opening our firewall for development and testing purposes. Today we found the ipMap in the ClientPolicy, which appears to exist exactly for that use case. We are able to access our cluster now only via a SSH tunnel, without firewall rules or a SOCKS proxy.