impl single SG index - Githubissues

jcantrill commented 6 years ago

This PR modifies ACL generation:

utilizes a single SG index
attempts to reconcile based on version conflicts
removes all plugin caching
expires generated acls based on some expire period

This is the 5.x release of #123

fusesource-ci commented 6 years ago

Tests failed.

jcantrill commented 6 years ago

cc @t0ffel

jcantrill commented 6 years ago

cc @portante

fusesource-ci commented 6 years ago

Tests failed.

jcantrill commented 6 years ago

In response to @richm

Can you explain the strategy to ensure only 1 shared searchguard index per cluster? 
How do you ensure that updates to the index are atomic?

The algorithm is based upon the recommendations of Elastic and uses optimistic concurrency and document versioning. We load, grab version, and attempt to update which will merge our changes into the existing document and then bump the version. If this fails, it backs off, reloads, and tries again. Additionally, every X seconds we expire entries which is a full document replace since 'update' is only additive; ES makes no effort to remove sections.

Basically, each node will make a single change and continue to try to submit that changes until it is accepted. @portante and I determined removing any notion of caching was acceptable given this is only handing requests with bearer tokens which should be minimal. Conceptually there probably is a case to be made for some sort of DOS if servicing requests if their are high rates using bearer tokens.