Hi; if possible, could someone shed some light on this? I followed a post from The Last Pickle which was very informative, but we had some concerns when it came to enabling SSL on a live production cluster.

http://thelastpickle.com/blog/2015/09/30/hardening-cassandra-step-by-step-part-1-server-to-server.html

1: We generally remove application traffic from a DC which has ongoing changes, just so as not to affect end customers if things go south during the update.

2: So once DC-A has been restarted after enabling SSL, it would be missing writes during that period, as DC-A would be shown as down by the other DCs. We will not be able to put application traffic back on DC-A until we run inter-DC repairs, which will happen only when SSL has been enabled on all DCs.

3: Repeating the procedure for every DC will lead to some missed writes across all DCs.

4: We could do the rolling restart of DC-A with application traffic on, but we are concerned that if, for any infrastructure-related reason, we have an issue, we will have to serve traffic from another DC-B, which might be missing writes to DC-A during that period.

We have 4 DCs with 50 nodes each.

thanks
Sai

---------- Forwarded message ----------
From: sai krishnam raju potturi <pskraj...@gmail.com>
Date: Mon, Jul 18, 2016 at 11:06 AM
Subject: Re : Recommended procedure for enabling SSL on a live production cluster
To: user@cassandra.apache.org

Hi;

We have a Cassandra cluster (version 2.0.14) spanning across 4 datacenters with 50 nodes each. We are planning to enable SSL between the datacenters. We are following the standard procedure for enabling SSL (http://thelastpickle.com/blog/2015/09/30/hardening-cassandra-step-by-step-part-1-server-to-server.html). We were planning to enable SSL for one datacenter at a time.

During the rolling restart, it's expected that the nodes in the datacenter that had the service restarted will be shown as down by the nodes in other datacenters that have not restarted the service. This would lead to missed writes among various nodes during this procedure.

What would be the recommended procedure for enabling SSL on a live production cluster without the chaos?

thanks
Sai