[SERVER-6953] Allow switching from unauthenticated to authenticated setup (and vice versa) without downtime. Created: 06/Sep/12 Updated: 15/Feb/13 Resolved: 11/Feb/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Spencer Brody (Inactive) | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 3 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
Since it's currently not possible to run in a mixed deployment with some replica set members having auth and some not, to enable auth for a set for the first time requires taking some downtime. We could get around this by having a compatibility mode that authenticates all outgoing connections using the keyfile, but doesn't enforce any authentication rules on incoming requests. Then you could have a no-downtime switch by doing two rolling restarts of the set - one to provide the keyfile but start in compatibility mode, and another to remove compatibility mode and go into full authenticated mode proper. |
| Comments |
| Comment by Eric Milkie [ 11/Feb/13 ] |