Skip to content

[BACKPORT] Consistent Secure Settings (#40416) #43786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 29, 2019
Merged

[BACKPORT] Consistent Secure Settings (#40416) #43786

merged 3 commits into from
Jun 29, 2019

Conversation

@albertzaharovits
Copy link
Contributor

@albertzaharovits albertzaharovits commented Jun 29, 2019

Backport of #40416

Introduces a new ConsistentSecureSettingsValidatorService service that exposes
a single public method, namely allSecureSettingsConsistent. The method returns
true if the local node's secure settings (inside the keystore) are equal to the
master's, and false otherwise. Technically, the local node has to have exactly
the same secure settings - setting names should not be missing or in surplus -
for all SecureSetting instances that are flagged with the newly introduced
Property.Consistent. It is worth highlighting that the allSecureSettingsConsistent
is not a consensus view across the cluster, but rather the local node's perspective
in relation to the master.

@albertzaharovits
Consistent Secure Settings (elastic#40416)
7523434 
Introduces a new `ConsistentSecureSettingsValidatorService` service that exposes
a single public method, namely `allSecureSettingsConsistent`. The method returns
`true` if the local node's secure settings (inside the keystore) are equal to the
master's, and `false` otherwise. Technically, the local node has to have exactly
the same secure settings - setting names should not be missing or in surplus
- for all `SecureSetting` instances that are flagged with the newly introduced
`Property.Consistent`. It is worth highlighting that the `allSecureSettingsConsistent`
is not a consensus view across the cluster, but rather the local node's perspective
in relation to the master.
@albertzaharovits albertzaharovits self-assigned this Jun 29, 2019
@elasticmachine
Copy link
Collaborator

elasticmachine commented Jun 29, 2019

Pinging @elastic/es-core-infra

@albertzaharovits
Copy link
Contributor Author

albertzaharovits commented Jun 29, 2019

@elasticmachine run elasticsearch-ci/packaging-sample

@albertzaharovits albertzaharovits merged commit 5e17bc5 into elastic:7.x Jun 29, 2019
@albertzaharovits albertzaharovits deleted the 7x_consistent_settings branch June 29, 2019 20:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@albertzaharovits albertzaharovits

Labels

backport :Core/Infra/Settings Settings infrastructure and APIs >feature v7.3.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@albertzaharovits @elasticmachine