Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add close stale connections and strict cluster member check flags to ClusterClientOptions #109

Closed
mp911de opened this issue Jul 31, 2015 · 1 comment
Labels
type: feature A new feature
Milestone

Comments

@mp911de
Copy link
Collaborator

mp911de commented Jul 31, 2015

Add two flags to ClusterClientOptions:

  • closeStaleConnections: Close stale connections when refreshing the cluster topology
    Motivation: Connections to nodes, which do not belong to the cluster (anymore) are closed as soon as the cluster topology changes. If one node is no longer part of the cluster, the connections to the node can be closed. One might want to prevent that behavior because one might want still to communicate with the other nodes that come into play when using validateClusterNodeMembership = false
  • validateClusterNodeMembership: Validate the cluster node membership before allowing connections to that node
    Motivation: The current implementation performs redirects using MOVED and ASK and allows obtaining connections to the particular cluster nodes. The validation was introduced during the development of version 3.3 to prevent security breaches and only allow connections to the known hosts of the CLUSTER NODES output. There are some scenarios, where the strict validation is an obstruction:
    • MOVED/ASK redirection but the cluster topology view is stale
    • Connecting to cluster nodes using different IP's/hostnames (e.g. private/public IP's)
    • Connecting to non-cluster members to reconfigure those while using the RedisClusterClient connection.
@mp911de mp911de added the type: feature A new feature label Jul 31, 2015
@mp911de mp911de added this to the Lettuce 3.3 milestone Jul 31, 2015
mp911de added a commit that referenced this issue Jul 31, 2015
…ClusterClientOptions #109

Add two flags to ClusterClientOptions:

closeStaleConnections: Close stale connections when refreshing the cluster topology
Motivation: Connections to nodes, which do not belong to the cluster (anymore) are closed as soon as the cluster topology changes. If one node is no longer part of the cluster, the connections to the node can be closed. One might want to prevent that behavior because one might want still to communicate with the other nodes that come into play when using validateClusterNodeMembership = false
validateClusterNodeMembership: Validate the cluster node membership before allowing connections to that node Motivation: The current implementation performs redirects using MOVED and ASK and allows obtaining connections to the particular cluster nodes. The validation was introduced during the development of version 3.3 to prevent security breaches and only allow connections to the known hosts of the CLUSTER NODES output. There are some scenarios, where the strict validation is an obstruction:
MOVED/ASK redirection but the cluster topology view is stale
Connecting to cluster nodes using different IP's/hostnames (e.g. private/public IP's)
Connecting to non-cluster members to reconfigure those while using the RedisClusterClient connection.
mp911de added a commit that referenced this issue Jul 31, 2015
@mp911de
Copy link
Collaborator Author

mp911de commented Jul 31, 2015

Implemented.

@mp911de mp911de closed this as completed Jul 31, 2015
mp911de added a commit that referenced this issue Aug 2, 2015
…ClusterClientOptions #109

Add two flags to ClusterClientOptions:

closeStaleConnections: Close stale connections when refreshing the cluster topology
Motivation: Connections to nodes, which do not belong to the cluster (anymore) are closed as soon as the cluster topology changes. If one node is no longer part of the cluster, the connections to the node can be closed. One might want to prevent that behavior because one might want still to communicate with the other nodes that come into play when using validateClusterNodeMembership = false
validateClusterNodeMembership: Validate the cluster node membership before allowing connections to that node Motivation: The current implementation performs redirects using MOVED and ASK and allows obtaining connections to the particular cluster nodes. The validation was introduced during the development of version 3.3 to prevent security breaches and only allow connections to the known hosts of the CLUSTER NODES output. There are some scenarios, where the strict validation is an obstruction:
MOVED/ASK redirection but the cluster topology view is stale
Connecting to cluster nodes using different IP's/hostnames (e.g. private/public IP's)
Connecting to non-cluster members to reconfigure those while using the RedisClusterClient connection.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: feature A new feature
Projects
None yet
Development

No branches or pull requests

1 participant