Hello, is there any consensus on how to secure client/cluster communications???
I'm running an 8 node cluster across EC2 regions. I'm running inter-node encryption and I want to encrypt the traffic from the clients as well. My options seem to be: Have the client connect to only one node and encrypt that one connection with OpenVPN/stunnel (or something similar). Or, set up an encrypted tunnel from the client to each node. Is there a client library that could take care of this for me?? Setting up tunnels to each node is a major pain, but pointing the client to only one node is going to kill my performance. I'm running 4 nodes in each EC2 region with one client in each. Maybe I could connect the client only to the local nodes, which should simplify things a bit, but I was wondering if anyone had any experience with this or could suggest something that might be better. Please let me know. Thanks. CM
