mohammadjkhan commented on a change in pull request #6972: Support LDAP
authentication/authorization
URL: https://github.com/apache/incubator-druid/pull/6972#discussion_r271401599
##########
File path: docs/content/development/extensions-core/druid-basic-security.md
##########
@@ -155,6 +189,27 @@ Example request body:
}
```
+`GET(/druid-ext/basic-security/authentication/db/{authenticatorName}/config)`
+Return the authenticator current set of updatable configuration.
+
+`POST(/druid-ext/basic-security/authentication/db/{authenticatorName}/config)`
Review comment:
I understand the concern for introducing additional complexity, and I’m open
to removing this feature if that’s what everyone here seems to agree on. But to
provide some perspective we have pretty large, and growing, cluster. We have
about 70 historical nodes and with the number of segments we have on each
historical node, our experience with restarting our historical cluster alone
one node at a time is that it takes about 2 business days. Each of our
historical node reads from SSD at max throughput of 2GB/s for about 2TB, so it
takes about 16 minutes per node, at least, to restart that we spread over 2
business days. I agree this feature adds additional complexity but unless
there’s a faster way of doing rolling updates, wouldn’t it make sense to be
able to address any security related compromises within a cluster of
significant size quickly that doesn’t involve rolling restarts?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@druid.apache.org
For additional commands, e-mail: commits-h...@druid.apache.org
