  1. Cassandra
  2. CASSANDRA-14063

Cassandra will start listening for clients without initialising system_auth after a failed bootstrap

Details

    • Bug
    • Status: Awaiting Feedback
    • Low
    • Resolution: Unresolved
    • None
    • Feature/Authorization
    • None
    • Low

    Description

      This issue is closely related to CASSANDRA-11381. In this case, when a node joining the ring fails to complete the bootstrapping process with a streaming failure, it will still always call org.apache.cassandra.service.CassandraDaemon#start and begin listening for client connections. If no authentication is configured, clients are able to connect to the node and query the cluster, much like write survey mode. But if authentication is enabled, then it will cause an NPE because org.apache.cassandra.service.StorageService#doAuthSetup is only called after successfully completing the bootstrapping process. With the changes made in CASSANDRA-11381 we could now simply call doAuthSetup earlier, since we don't have to worry about calling it multiple times, but reading some of the concerns related to third party authentication classes, and now that "Incremental Bootstrapping", as described in CASSANDRA-8494 and CASSANDRA-8943, doesn't appear to be nearing implementation any time soon, I would probably prefer that bootstrapping nodes simply didn't start listening for clients following a failed bootstrapping attempt.

      I've attached a quick and naive patch that demonstrates my desired behaviour. I ended up creating a new variable for this for clarity but I also had a bit of trouble finding already existing information that wasn't tied up in more complicated or transient processes that I could use to determine this particular state. I believe org.apache.cassandra.service.StorageService#isAuthSetupComplete would also work in this case so we could tie it to that instead. If someone has something simpler or knows the correct place I should be querying for this state from, I welcome all feedback.

      This patch also doesn't really address enabling/disabling thrift/binary via nodetool once the node is running. I wasn't sure if we should disallow it completely or include a force flag.

      Cheers
      -Vince
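
The failure mode and the proposed guard from the description above, as an added example that is not part of the original report, the attached patch, or Cassandra's source. It is a simplified model: `NodeModel` and every member name in it are hypothetical, and `roleCache` merely stands in for whatever state the auth setup step initialises.

```java
// Simplified model of the startup path described in this issue; not Cassandra source.
// NodeModel and all of its members are hypothetical names.
public class NodeModel {
    private final boolean authEnabled;
    private boolean authSetupComplete;
    private Object roleCache; // stands in for state that auth setup initialises
    private boolean listening;

    NodeModel(boolean authEnabled) { this.authEnabled = authEnabled; }

    // Auth setup runs only when streaming succeeded, as the report describes.
    void bootstrap(boolean streamingSucceeded) {
        if (!streamingSucceeded) return;
        roleCache = new Object();
        authSetupComplete = true;
    }

    // Reported behaviour: the listener starts regardless of the bootstrap outcome.
    void startClientsUnguarded() { listening = true; }

    // Proposed behaviour: refuse to listen until auth setup has completed.
    // 'force' models the open question about an operator override.
    void startClientsGuarded(boolean force) {
        if (!authSetupComplete && !force)
            throw new IllegalStateException("bootstrap incomplete; client transports not started");
        listening = true;
    }

    String login(String user) {
        if (!listening) return "connection refused";
        if (!authEnabled) return "connected without authentication";
        // Throws NullPointerException when auth setup never ran.
        return "authenticated " + user + " (" + roleCache.hashCode() + ")";
    }

    public static void main(String[] args) {
        NodeModel open = new NodeModel(false);
        open.bootstrap(false); open.startClientsUnguarded();
        System.out.println(open.login("app"));
        NodeModel auth = new NodeModel(true);
        auth.bootstrap(false); auth.startClientsUnguarded();
        try { auth.login("app"); }
        catch (NullPointerException e) { System.out.println("NPE during login"); }
        NodeModel guarded = new NodeModel(true);
        guarded.bootstrap(false);
        try { guarded.startClientsGuarded(false); }
        catch (IllegalStateException e) { System.out.println(e.getMessage()); }
        System.out.println(guarded.login("app"));
    }
}
```

Passing `force = true` on an auth-enabled node in this model reproduces the NPE path, which is why an override flag would need its own handling of uninitialised auth state.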

          People

            VincentWhite Vincent White