When the various nodes are in the same datacenter.... connectivity is a no-brainer. Can anyone comment on their experiences over a WAN connection? I'm curious about the security and privacy issues? Or is the simple answer IPSEC/VPN?
to restrict the range to 4000 to 4005 for example.
The range size depends of the size of your cluster (how many servers run riak).
I think that, you also have to open the port defined by the riak_handoff_port paramater in your configuration file.
Concerning security, erlang cluster securiy is mainly based on the shared secret : the cookie, that you define in your riak configuration file.
There is no other authentication system, and communications between nodes are not encrypted.
In WAN environment, I think that the real problem (as always) is the latency introduced by the network. I have no experience with riak in this context.
I starts to read the code, some timeouts seems to be hard coded, but it's nothing to change ;p
let me know if i'm wrong.
>When the various nodes are in the same datacenter.... connectivity is a
>no-brainer. Can anyone comment on their experiences over a WAN connection?
>I'm curious about the security and privacy issues? Or is the simple answer
>riak-users mailing list
>[hidden email] >http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com >
> If I am right, the riak network layer is based on the erlang clustering system.
You are right, though not all communication between nodes is in Erlang
messaging (some is raw TCP and/or protobuffs) almost all of the
typical-behavior networking is in standard distributed Erlang.
The rest of your comments about both network setup and security are
spot-on as well.
> In WAN environment, I think that the real problem (as always) is the latency introduced by the network. I have no experience with riak in this context.
Completely correct, and we do not recommend running a single Riak
cluster across general purpose long-haul internet links. The internal
protocols and models that Riak is built on for intra-cluster
communication are not intended for such highly-variable latency as
occurs in that situation. Generally a single Riak cluster should be
composed of nodes with relatively local network connectivity between
Our Enterprise product has long-haul cluster-to-cluster
multidirectional replication using entirely different communication
models for inter-cluster communication. Just as failure conditions
are different across the internet than within the datacenter, so must
be our ways of dealing with them.