In cassandra there is configuration option
internode_encryption: dc
That enforce encryption between different DCs only.
Is there such option in TiKV ?
Thanks
Thanks quite similar but no.
It is encryption between TiDB and client. I do not use TiDB. I use TiKV only.
(We had service that used RocksDB and we like modify it to use TiKV. TiKV API is quite similar to RocksDB)
I need encryption between TiKV and client.
Maybe this explains what you need?
1 Like
Thanks. I read that. It seems to turn encryption between any service. So services running in same rack would have to encrypt data.
Cassandra’s
internode_encryption: dc
enables encryption between datacenters only. nodes in same rack would would not encrypt data, data between racks would not be encrypted.
That config option can take following values in cassandra
- all - Encrypt all internode communications.
- none - No encryption.
- dc - Encrypt the traffic between the datacenters.
- rack - Encrypt the traffic between the racks.
Yes what TiDB offers is basically ‘all’ or ‘none’. However if you have two clusters in two DC’s, both with ‘none’ you could use TiCDC to replicate between them over a secure channel, but that’s outside of TiKV.
1 Like
It is answer I was looking. Thank You.