How to Secure Apache Ignite cluster?

Image credit https://pixabay.com/illustrations/hacker-hacking-cyber-security-hack-1944688/

Security Risks

If we are working on an Apache Ignite cluster which can dynamically be scaled depending on the load, which is the most common case, we cannot go with non-shared discovery configuration. In such a case, if cluster security is not in place, any unauthenticated node can join the cluster, become part of cluster topology and access the sensitive information. In a static cluster also, any unauthenticated Ignite Client can access the cluster data in the absence of cluster security. Thus, an Apache Ignite cluster in the production environment needs to be secured.

Ignite Security

Apache Ignite provides authentication capabilities but it can only be used when native persistence is enabled. It can be configured by using IgniteConfiguration.setAuthenticationEnabled(boolean).

Custom Security Plugin

Now, let’s see how we can define a custom security plugin for Apache Ignite.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Amar Gajbhiye

Amar Gajbhiye

Technology Enthusiast | Big Data Developer | Amateur Cricketer | Technical Lead Engineer @ eQ Technologic | https://www.bugdbug.com