Make Kafka topics only visible to the specific host #206
Labels
No labels
architecture
authentication
backend
bug
ci/cd
cleanup
documentation
duplicate
enhancement
good first issue
help wanted
in progress
invalid
media
mobile
new feature
packaging
question
ui
voice
waiting user input
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: platypush/platypush#206
Loading…
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Created by: BlackLight
As of know all the nodes connected to a Kafka backend listen to whichever message arrives on the topics specified in config.yaml, and discard the message if the target hostname doesn't match theirs.
This is bad in terms of performance (messages are broadcast to all the nodes when only one actually needs to execute) and in terms of security (all the nodes can see all the messages).
Change the Kafka backend implementation so that each node only listens to the messages delivered on the
<config_topic>.hostname
topic.Later on we'll implement:
A token-based (or async-key-based) auth mechanism so that only authenticated messages will actually be executed on the node;
A wildcard or multi-node message delivery system so that messages can be delivered to multiple nodes, groups of nodes or all the nodes.