Posted to user@cassandra.apache.org by Stu Hood <st...@rackspace.com> on 2010/07/12 23:32:41 UTC

Authentication

Hello out there,

If you are running Cassandra 0.6.*, and are using Cassandra's authentication (IAuthenticator/SimpleAuthenticator), I'd love to hear about it!

Thanks,

Stu Hood
@stuhood
Architecture Software Developer
Rackspace Hosting


Re: Authentication

Posted by Jonathan Ellis <jb...@gmail.com>.
Sounds good to me.

On Wed, Jul 14, 2010 at 12:25 AM, Mike Malone <mi...@simplegeo.com> wrote:
> Yep, as Ben said, we're not asking for anyone to write this for us.
> We've been playing with some ideas around encryption between EC2
> data-centers/regions (intra-region is already secure enough for us -- it's
> all switches / dedicated lines) and the easiest solution seems to be to wrap
> the inter-Cassandra-node RPC protocol with SSL and simply deploy SSL certs
> along with the clients via some out-of-band mechanism (in our case, probably
> Puppet).
> Honestly, I think this should be a pretty trivial patch. It's just a matter
> of (optionally) wrapping the sockets for RPC connections with SSL. I'm
> guessing there are facilities that make this pretty easy in Java that we can
> leverage. We're mostly interested in getting feedback and buy-in from the
> rest of the community before writing the code. If anyone has any better
> ideas in terms of pay-off / lines of code we're _definitely_ all ears. But
> for our use cases this seems like a big win.
> Mike
> On Tue, Jul 13, 2010 at 10:14 PM, Ben Standefer <be...@simplegeo.com> wrote:
>>
>> Yes, possibly.  We haven't written it yet, and I was putting some feelers
>> out there to see if there's any interest or buy-in from committers if we did
>> contribute it.
>> -Ben
>>
>> On Tue, Jul 13, 2010 at 3:23 PM, Jonathan Ellis <jb...@gmail.com> wrote:
>>>
>>> Are you interested in contributing this?
>>>
>>> On Tue, Jul 13, 2010 at 4:22 PM, Ben Standefer <be...@simplegeo.com> wrote:
>>> > Many apps would find it realistic or feasible to failover database
>>> > connections across the country (going from <1ms latency to ~90ms
>>> > latency).  The scheme of failing over client database connections across
>>> > the country is probably the minority case.  SSL between Cassandra nodes,
>>> > even without encryption in the clients connecting to a Cassandra node,
>>> > would still be very useful if you want to mirror infrastructure in
>>> > different parts of the world to provide users with localized low-latency
>>> > access.
>>
>
>



-- 
Jonathan Ellis
Project Chair, Apache Cassandra
co-founder of Riptano, the source for professional Cassandra support
http://riptano.com

Re: Authentication

Posted by Mike Malone <mi...@simplegeo.com>.
Yep, as Ben said, we're not asking for anyone to write this for us.

We've been playing with some ideas around encryption between EC2
data-centers/regions (intra-region is already secure enough for us -- it's
all switches / dedicated lines) and the easiest solution seems to be to wrap
the inter-Cassandra-node RPC protocol with SSL and simply deploy SSL certs
along with the clients via some out-of-band mechanism (in our case, probably
Puppet).

Honestly, I think this should be a pretty trivial patch. It's just a matter
of (optionally) wrapping the sockets for RPC connections with SSL. I'm
guessing there are facilities that make this pretty easy in Java that we can
leverage. We're mostly interested in getting feedback and buy-in from the
rest of the community before writing the code. If anyone has any better
ideas in terms of pay-off / lines of code we're _definitely_ all ears. But
for our use cases this seems like a big win.

Mike

On Tue, Jul 13, 2010 at 10:14 PM, Ben Standefer <be...@simplegeo.com> wrote:

> Yes, possibly.  We haven't written it yet, and I was putting some feelers
> out there to see if there's any interest or buy-in from committers if we did
> contribute it.
>
> -Ben
>
>
> On Tue, Jul 13, 2010 at 3:23 PM, Jonathan Ellis <jb...@gmail.com> wrote:
>
>> Are you interested in contributing this?
>>
>> On Tue, Jul 13, 2010 at 4:22 PM, Ben Standefer <be...@simplegeo.com> wrote:
>> > Many apps would find it realistic or feasible to failover database
>> > connections across the country (going from <1ms latency to ~90ms
>> > latency).  The scheme of failing over client database connections across
>> > the country is probably the minority case.  SSL between Cassandra nodes,
>> > even without encryption in the clients connecting to a Cassandra node,
>> > would still be very useful if you want to mirror infrastructure in
>> > different parts of the world to provide users with localized low-latency
>> > access.
>>
>
>
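
Added example, not part of Mike's message or of the Cassandra code base: one way the optional socket wrapping discussed above could look with the JDK's JSSE classes, with each node both presenting and requiring a certificate. The class name InternodeTls, the PKCS#12 store paths, the shared store/key password and the TLS 1.2/1.3 protocol list (Java 11 or later) are assumptions made for illustration.

```java
import javax.net.ssl.*;
import java.io.*;
import java.net.*;
import java.nio.file.*;
import java.security.KeyStore;

// Hypothetical helper for illustration only; not Cassandra's API.
public final class InternodeTls {
    // Load a PKCS#12 store: the node's own key pair, or the private CA that nodes trust.
    static KeyStore load(String path, char[] pw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(path))) { ks.load(in, pw); }
        return ks;
    }

    // Build a context from stores deployed out of band (assumed: one password for store and key).
    static SSLContext context(String keyStore, String trustStore, char[] pw) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(keyStore, pw), pw);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustStore, pw));
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    // Listening side: ctx == null keeps the plaintext socket, so TLS stays optional.
    static ServerSocket listen(SSLContext ctx, int port) throws IOException {
        if (ctx == null) return new ServerSocket(port);
        SSLServerSocket s = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(port);
        s.setNeedClientAuth(true); // reject peers without a certificate chaining to the trust store
        s.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.3"});
        return s;
    }

    // Dialing side: also check that the peer certificate names the host we meant to reach.
    static Socket connect(SSLContext ctx, String host, int port) throws IOException {
        if (ctx == null) return new Socket(host, port);
        SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        SSLParameters p = s.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS"); // hostname/IP must match a SAN in the cert
        p.setProtocols(new String[] {"TLSv1.2", "TLSv1.3"});
        s.setSSLParameters(p);
        s.startHandshake(); // surface an untrusted peer now rather than on the first write
        return s;
    }
}
```

Requiring client certificates on the listener is what keeps a host without a deployed certificate from joining the inter-node channel; encryption alone would not do that.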

Re: Authentication

Posted by Ben Standefer <be...@simplegeo.com>.
Yes, possibly.  We haven't written it yet, and I was putting some feelers
out there to see if there's any interest or buy-in from committers if we did
contribute it.

-Ben


On Tue, Jul 13, 2010 at 3:23 PM, Jonathan Ellis <jb...@gmail.com> wrote:

> Are you interested in contributing this?
>
> On Tue, Jul 13, 2010 at 4:22 PM, Ben Standefer <be...@simplegeo.com> wrote:
> > Many apps would find it realistic or feasible to failover database
> > connections across the country (going from <1ms latency to ~90ms
> > latency).  The scheme of failing over client database connections across
> > the country is probably the minority case.  SSL between Cassandra nodes,
> > even without encryption in the clients connecting to a Cassandra node,
> > would still be very useful if you want to mirror infrastructure in
> > different parts of the world to provide users with localized low-latency
> > access.
>

Re: Authentication

Posted by Jonathan Ellis <jb...@gmail.com>.
Are you interested in contributing this?

On Tue, Jul 13, 2010 at 4:22 PM, Ben Standefer <be...@simplegeo.com> wrote:
> Many apps would find it realistic or feasible to failover database
> connections across the country (going from <1ms latency to ~90ms latency).
>  The scheme of failing over client database connections across the country
> is probably the minority case.  SSL between Cassandra nodes, even without
> encryption in the clients connecting to a Cassandra node, would still be
> very useful if you want to mirror infrastructure in different parts of the
> world to provide users with localized low-latency access.

Re: Authentication

Posted by Ben Standefer <be...@simplegeo.com>.
Err, find it *unrealistic*

-Ben


On Tue, Jul 13, 2010 at 2:22 PM, Ben Standefer <be...@simplegeo.com> wrote:

> Many apps would find it realistic or feasible to failover database
> connections across the country (going from <1ms latency to ~90ms latency).
>  The scheme of failing over client database connections across the country
> is probably the minority case.  SSL between Cassandra nodes, even without
> encryption in the clients connecting to a Cassandra node, would still be
> very useful if you want to mirror infrastructure in different parts of the
> world to provide users with localized low-latency access.  Failover for end
> users would happen at the data center level with DNS-based load balancing (
> http://dyn.com/dynect-traffic-management).  If a client could not connect
> to a node in its data center, it is probably indicative of the whole data
> center having issues.  We're fine with client connections to Cassandra not
> being encrypted, because our Cassandra clients are located in the same data
> centers as the nodes being queried.  It would be very valuable for internal
> Cassandra communication across the country to be encrypted.
>
> VPN solutions and their failure scenarios do not scale horizontally with
> Cassandra.  Cassandra's eventually consistent design affords it powerful
> worldwide replication use cases, and having to set up a VPN overlay network
> just to get the data transmitted securely within Cassandra seems silly when
> the nodes could handle SSL on an end-to-end basis.
>
> -Ben
>
>
> On Tue, Jul 13, 2010 at 1:28 PM, Jonathan Ellis <jb...@gmail.com> wrote:
>
>> It's been suggested, but it's not very useful w/o having encryption
>> for Thrift as well (in case a client has to fail over to the
>> cross-country Cassandra nodes).  So using a secure VPN makes the most
>> sense to me.
>>
>> On Tue, Jul 13, 2010 at 12:02 PM, Ben Standefer <be...@simplegeo.com> wrote:
>> > Are there any plans or talks of adding SSL/encryption support between
>> > Cassandra nodes?  This would make setting up secure cross-country
>> > Cassandra clusters much easier, without having to set up a secure overlay
>> > network.  MySQL supports this in its replication.
>> >
>> > -Ben
>> >
>> >
>> > On Mon, Jul 12, 2010 at 11:23 PM, Michael Pearson <mj...@gmail.com>
>> > wrote:
>> >>
>> >> Hey Stu,
>> >>
>> >>  I've been using 0.6.3's SimpleAuthenticator without a hitch (just
>> >> had to figure out the daemon args
>> >> -Dpasswd.properties=conf/passwd.properties
>> >> -Daccess.properties=conf/access.properties) - why do you ask?
>> >>
>> >> -michael
>> >>
>> >> --
>> >> http://www.github.com/mjpearson
>> >> http://www.linkedin.com/in/mjpearson
>> >>
>> >>
>> >> On Mon, Jul 12, 2010 at 2:32 PM, Stu Hood <st...@rackspace.com> wrote:
>> >> > Hello out there,
>> >> >
>> >> > If you are running Cassandra 0.6.*, and are using Cassandra's
>> >> > authentication (IAuthenticator/SimpleAuthenticator), I'd love to hear
>> >> > about it!
>> >> >
>> >> > Thanks,
>> >> >
>> >> > Stu Hood
>> >> > @stuhood
>> >> > Architecture Software Developer
>> >> > Rackspace Hosting
>> >> >
>> >> >
>> >
>> >
>>
>>
>>
>> --
>> Jonathan Ellis
>> Project Chair, Apache Cassandra
>> co-founder of Riptano, the source for professional Cassandra support
>> http://riptano.com
>>
>
>

Re: Authentication

Posted by Ben Standefer <be...@simplegeo.com>.
Many apps would find it realistic or feasible to failover database
connections across the country (going from <1ms latency to ~90ms latency).
 The scheme of failing over client database connections across the country
is probably the minority case.  SSL between Cassandra nodes, even without
encryption in the clients connecting to a Cassandra node, would still be
very useful if you want to mirror infrastructure in different parts of the
world to provide users with localized low-latency access.  Failover for end
users would happen at the data center level with DNS-based load balancing (
http://dyn.com/dynect-traffic-management).  If a client could not connect to
a node in its data center, it is probably indicative of the whole data
center having issues.  We're fine with client connections to Cassandra not
being encrypted, because our Cassandra clients are located in the same data
centers as the nodes being queried.  It would be very valuable for internal
Cassandra communication across the country to be encrypted.

VPN solutions and their failure scenarios do not scale horizontally with
Cassandra.  Cassandra's eventually consistent design affords it powerful
worldwide replication use cases, and having to set up a VPN overlay network
just to get the data transmitted securely within Cassandra seems silly when
the nodes could handle SSL on an end-to-end basis.

-Ben


On Tue, Jul 13, 2010 at 1:28 PM, Jonathan Ellis <jb...@gmail.com> wrote:

> It's been suggested, but it's not very useful w/o having encryption
> for Thrift as well (in case a client has to fail over to the
> cross-country Cassandra nodes).  So using a secure VPN makes the most
> sense to me.
>
> On Tue, Jul 13, 2010 at 12:02 PM, Ben Standefer <be...@simplegeo.com> wrote:
> > Are there any plans or talks of adding SSL/encryption support between
> > Cassandra nodes?  This would make setting up secure cross-country
> > Cassandra clusters much easier, without having to set up a secure overlay
> > network.  MySQL supports this in its replication.
> >
> > -Ben
> >
> >
> > On Mon, Jul 12, 2010 at 11:23 PM, Michael Pearson <mj...@gmail.com>
> > wrote:
> >>
> >> Hey Stu,
> >>
> >>  I've been using 0.6.3's SimpleAuthenticator without a hitch (just
> >> had to figure out the daemon args
> >> -Dpasswd.properties=conf/passwd.properties
> >> -Daccess.properties=conf/access.properties) - why do you ask?
> >>
> >> -michael
> >>
> >> --
> >> http://www.github.com/mjpearson
> >> http://www.linkedin.com/in/mjpearson
> >>
> >>
> >> On Mon, Jul 12, 2010 at 2:32 PM, Stu Hood <st...@rackspace.com> wrote:
> >> > Hello out there,
> >> >
> >> > If you are running Cassandra 0.6.*, and are using Cassandra's
> >> > authentication (IAuthenticator/SimpleAuthenticator), I'd love to hear
> >> > about it!
> >> >
> >> > Thanks,
> >> >
> >> > Stu Hood
> >> > @stuhood
> >> > Architecture Software Developer
> >> > Rackspace Hosting
> >> >
> >> >
> >
> >
>
>
>
> --
> Jonathan Ellis
> Project Chair, Apache Cassandra
> co-founder of Riptano, the source for professional Cassandra support
> http://riptano.com
>

Re: Authentication

Posted by Jonathan Ellis <jb...@gmail.com>.
It's been suggested, but it's not very useful w/o having encryption
for Thrift as well (in case a client has to fail over to the
cross-country Cassandra nodes).  So using a secure VPN makes the most
sense to me.

On Tue, Jul 13, 2010 at 12:02 PM, Ben Standefer <be...@simplegeo.com> wrote:
> Are there any plans or talks of adding SSL/encryption support between
> Cassandra nodes?  This would make setting up secure cross-country Cassandra
> clusters much easier, without having to set up a secure overlay network.
>  MySQL supports this in its replication.
>
> -Ben
>
>
> On Mon, Jul 12, 2010 at 11:23 PM, Michael Pearson <mj...@gmail.com>
> wrote:
>>
>> Hey Stu,
>>
>>  I've been using 0.6.3's SimpleAuthenticator without a hitch (just
>> had to figure out the daemon args
>> -Dpasswd.properties=conf/passwd.properties
>> -Daccess.properties=conf/access.properties) - why do you ask?
>>
>> -michael
>>
>> --
>> http://www.github.com/mjpearson
>> http://www.linkedin.com/in/mjpearson
>>
>>
>> On Mon, Jul 12, 2010 at 2:32 PM, Stu Hood <st...@rackspace.com> wrote:
>> > Hello out there,
>> >
>> > If you are running Cassandra 0.6.*, and are using Cassandra's
>> > authentication (IAuthenticator/SimpleAuthenticator), I'd love to hear about
>> > it!
>> >
>> > Thanks,
>> >
>> > Stu Hood
>> > @stuhood
>> > Architecture Software Developer
>> > Rackspace Hosting
>> >
>> >
>
>



-- 
Jonathan Ellis
Project Chair, Apache Cassandra
co-founder of Riptano, the source for professional Cassandra support
http://riptano.com

Re: Authentication

Posted by Ben Standefer <be...@simplegeo.com>.
Are there any plans or talks of adding SSL/encryption support between
Cassandra nodes?  This would make setting up secure cross-country Cassandra
clusters much easier, without having to set up a secure overlay network.
 MySQL supports this in its replication.

-Ben


On Mon, Jul 12, 2010 at 11:23 PM, Michael Pearson <mj...@gmail.com> wrote:

> Hey Stu,
>
>  I've been using 0.6.3's SimpleAuthenticator without a hitch (just
> had to figure out the daemon args
> -Dpasswd.properties=conf/passwd.properties
> -Daccess.properties=conf/access.properties) - why do you ask?
>
> -michael
>
> --
> http://www.github.com/mjpearson
> http://www.linkedin.com/in/mjpearson
>
>
> On Mon, Jul 12, 2010 at 2:32 PM, Stu Hood <st...@rackspace.com> wrote:
> > Hello out there,
> >
> > If you are running Cassandra 0.6.*, and are using Cassandra's
> > authentication (IAuthenticator/SimpleAuthenticator), I'd love to hear about
> > it!
> >
> > Thanks,
> >
> > Stu Hood
> > @stuhood
> > Architecture Software Developer
> > Rackspace Hosting
> >
> >
>

Re: Authentication

Posted by Michael Pearson <mj...@gmail.com>.
Hey Stu,

  I've been using 0.6.3's SimpleAuthenticator without a hitch (just
had to figure out the daemon args
-Dpasswd.properties=conf/passwd.properties
-Daccess.properties=conf/access.properties) - why do you ask?

-michael

-- 
http://www.github.com/mjpearson
http://www.linkedin.com/in/mjpearson


On Mon, Jul 12, 2010 at 2:32 PM, Stu Hood <st...@rackspace.com> wrote:
> Hello out there,
>
> If you are running Cassandra 0.6.*, and are using Cassandra's authentication (IAuthenticator/SimpleAuthenticator), I'd love to hear about it!
>
> Thanks,
>
> Stu Hood
> @stuhood
> Architecture Software Developer
> Rackspace Hosting
>
>