smengcl commented on PR #10483: URL: https://github.com/apache/ozone/pull/10483#issuecomment-4776635064
> * **Q-secure** — confirm secure mode is the supported production posture Yes. > (and whether the S3 Gateway ever supports intended anonymous access). When security is enabled, no, anonymous access will be rejected. (At least there is no plan for that right now, see https://issues.apache.org/jira/browse/HDDS-7961) > * **Q-ratis** — the Ratis honest-majority safety bound you stand behind, and whether there's an **independent block/container integrity check** so a single Byzantine datanode can't serve corrupted data undetected. Ratis gives standard Raft safety under an honest majority, e.g. 2 of 3 replicas for RATIS-3. It is not Byzantine fault tolerant. Ozone has checksum verification for normal reads and replica/container checks, so ordinary single-replica corruption is detected. But I would not claim a full guarantee against a Byzantine datanode that can forge both data and metadata on the path it serves -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
