Connecting cluster with different cookies

Raimo Niskanen raimo+erlang-questions@REDACTED
Tue Aug 10 11:36:02 CEST 2021

On Tue, Aug 10, 2021 at 10:04:21AM +0100, Roger Lipscombe wrote:
> On Mon, 9 Aug 2021 at 17:21, Raimo Niskanen
> <raimo+erlang-questions@REDACTED> wrote:
> > So, what says the Community?  How important feature is it
> > to be able to connect nodes with different cookies?
> Consider another use-case that might inform a wider view: if I've got
> a cluster running with a fixed cookie, and I want to rotate that
> cookie (maybe in place, maybe as I bring new nodes into the cluster
> and retire old ones), how do I do that?

Interesting idea.  But using the current cookie concept for this;
wouldn't that be to put too much faith in the cookies...?

It sounds a bit like handling TLS certificates and revocations for
a cluster.  I here there are very complicated procedures for that.

> Could the way that Erlang uses cookies be simplified (yet generalised)
> to handle both use cases? Is there a larger story hiding under all
> this?

I wrote an alternative distribution protocol for a benchmark test suite,
that uses the one cookie as the encryption and authentication key for
a cluster.  The purpose was to have some kind of barebone encryption
to compare the TLS distribution protocol with.

To use a homebrewn encryption system in production is a known way
to future catastrophic failure, but, ... in such a system it would
make sense to have the possibility to change the cluster cookie
while in a live cluster.


/ Raimo Niskanen, Erlang/OTP, Ericsson AB

More information about the erlang-questions mailing list