[
https://issues.apache.org/jira/browse/IGNITE-19077?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mikhail Pochatkin updated IGNITE-19077:
---------------------------------------
Summary: Apply cutom cluster config on cluster init (was: Investigation:
Apply cutom cluster config on cluster init)
> Apply cutom cluster config on cluster init
> ------------------------------------------
>
> Key: IGNITE-19077
> URL: https://issues.apache.org/jira/browse/IGNITE-19077
> Project: Ignite
> Issue Type: Task
> Components: rest
> Reporter: Aleksandr
> Priority: Major
> Labels: ignite-3
>
> After IGNITE-18576 its possible to provide Authentication cluster
> configuration on cluster init.
> Looking at ClusterManagementGroupManager#onElectedAsLeader we can see that
> REST authentication configuration is applied to the distributed configuration
> on leader election. This happens because there is no any other way to put any
> values to the cluster configuration on init.
> -This leads to the following situation:-
> - -cluster init in progress, some REST endpoints are blocked
> (cluster/configuration for example)-
> - -cluster initialized, REST is available without auth *anybody can use the
> REST*-
> - -authentication configuration is applied to the distributed configuration
> and REST is secured-
> After IGNITE-18943 this is not possible because configuration REST endpoints
> are disabled until cluter initialization will successfuly finished.
> It is proposed to extend this approach to whole cluster configration. Instead
> of cluster authentication configuration init endpoint should accept whole
> cluster configuration in HOCON format and apply it as it currently.
> CLI should have option to provide HOCON file. This file should be readed and
> provided tgo init REST endpoint.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
