Access Control: Restrict allowed node member ips

  • Filter
  • Time
  • Show
Clear All
new posts

  • Access Control: Restrict allowed node member ips

    I set up PXC and everything is working as expected. However, I wondered whether there is some kind of access control to restrict incoming connections to the nodes defined under wsrep_cluster_address. That is, is there a way to have a whitelist of IPs (e.g., the wsrep_cluster_address ones) and prevent any other IPs from joining the cluster by directly dropping those connections?

    The idea behind this question is that I would like to reduce possible hacking attempts to the cluster in a WAN setup. Because if a hacker joins my cluster, then it would have all my data, right?

  • #2
    Well, I did not find any settings within PXC and used iptables in order to secure the cluster servers.