2016-11-10 Meeting Notes

Attendees:

• Charan Reddy Guttapalem

• Enrico Olivelli
• Rithin Shetty
• Sijie Guo
  
• JV Jujjuri
• Yiming Zang

Discuss

BP-3 - Security support

NOTES

• • ACL

    • Leverage zookeeper metadata for ACL manage

    • It might be worth thinking of a common ACL for bookkeeper (both data and metadata) and map the bookkeeper ACL back to zookeeper ACL for the metadata part. (Sijie Guo)

  • SASL - Bookie & Auditor? Can we share the entry?

    • Rakesh Radhakrishnan recommeded having a separated entry for Auditor.

  • Authentication

    • Leverage the authentication framework in 4.4.0

    • However it is using a shaded protobuf for the public interface. There is a pull request to change it.

  • Rolling upgrade

  • Discussed the rolling restart sequence.

  • How to handle eertification expiry??

  • Background check the certification periodically

  • Rolling upgrade with certification

  • StartTLS

    • Plain communication

    • StartTLS

    • Enrico send points

    • Leverage Ivan Kelly's patch and Salesforce's patch

  • JV shares the work that Salesforce did in TLS/SSL part.

  • share the same connection