[jira] [Commented] (FLINK-3931) Implement Transport Encryption (SSL/TLS)

Thu, 06 Oct 2016 09:54:04 -0700 

    [ 
https://issues.apache.org/jira/browse/FLINK-3931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15552472#comment-15552472
 ] 

ASF GitHub Bot commented on FLINK-3931:
---------------------------------------

Github user mxm commented on a diff in the pull request:

    https://github.com/apache/flink/pull/2518#discussion_r82211062
  
    --- Diff: docs/setup/config.md ---
    @@ -181,6 +183,7 @@ The following parameters configure Flink's JobManager 
and TaskManagers.
     - `taskmanager.hostname`: The hostname of the network interface that the 
TaskManager binds to. By default, the TaskManager searches for network 
interfaces that can connect to the JobManager and other TaskManagers. This 
option can be used to define a hostname if that strategy fails for some reason. 
Because different TaskManagers need different values for this option, it 
usually is specified in an additional non-shared TaskManager-specific config 
file.
     - `taskmanager.rpc.port`: The task manager's IPC port (DEFAULT: **0**, 
which lets the OS choose a free port).
     - `taskmanager.data.port`: The task manager's port used for data exchange 
operations (DEFAULT: **0**, which lets the OS choose a free port).
    +- `taskmanager.data.ssl.enabled`: Enable SSL support for the taskmanager 
data transport. This is applicable only when the global ssl flag 
security.ssl.enabled is set to true (DEFAULT: **true**)
    --- End diff --
    
    Do we really need a switch for this? If we have `security.ssl.enabled` set 
to `true`, then this should always be enabled.


> Implement Transport Encryption (SSL/TLS)
> ----------------------------------------
>
>                 Key: FLINK-3931
>                 URL: https://issues.apache.org/jira/browse/FLINK-3931
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Eron Wright 
>            Assignee: Suresh Krishnappa
>              Labels: security
>   Original Estimate: 1,008h
>  Remaining Estimate: 1,008h
>
> _This issue is part of a series of improvements detailed in the [Secure Data 
> Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing]
>  design doc._
> To assure privacy and data integrity between Flink components, enable TLS for 
> all communication channels.  As described in the design doc:
> - Accept a configured certificate or generate a certificate.
> - Enable Akka SSL
> - Implement Data Transfer SSL
> - Implement Blob Server SSL
> - Implement Web UI HTTPS



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to