facebook
Memcached server specification (TLS/SSL) documentation
I was unable to find any documentation on the wiki on the specification of downstream servers in the wiki, especially around SSL/TLS.
- https://github.com/facebook/mcrouter/wiki/SSL-Setup mentions how to set up for incoming connections (and is not linked to from https://github.com/facebook/mcrouter/wiki/Features#SSL-support
- https://github.com/facebook/mcrouter/wiki/Features#SSL-support only links to https://github.com/facebook/mcrouter/wiki/Command-line-options#ssl which enables incoming SSL connections
- All other memcached server specification examples (e.g. in https://github.com/facebook/mcrouter/blob/main/README.md or https://github.com/facebook/mcrouter/wiki/Sharded-pools-setup) just use the
host:portformat.
I had to do code spelunking to find https://github.com/facebook/mcrouter/blob/b8c1b6ca21d765dfd93e6c22ee82d1a91942c5ca/mcrouter/lib/network/AccessPoint.cpp#L168, which says that the extended format is <host>:<port>[:<protocol>[:<encryption>[:<compressed>]]]
It would be good to have that format (along with the options for each - who knew that encryption could be ssl, fizz, ktls, tls_to_plain? What does each mean?)
@rusty-udemy
SecurityMech class declared here: mcrouter/mcrouter/lib/network/SecurityOptions.h Line 19 in 4e08bf0
"plain" = SecurityMech::NONE "ssl" = SecurityMech::TLS "tls_to_plain" = SecurityMech::TLS_TO_PLAINTEXT "fizz" = SecurityMech::TLS13_FIZZ "ktls12" = SecurityMech::KTLS12
AccessPointTest.cpp file has an example of using extended parameters for the access point: mcrouter/mcrouter/lib/network/test/AccessPointTest.cpp Line 78 in 4e08bf0
