Configuring encryption for cluster nodes

via the fs-server.conf file

(for cluster nodes only)
In the case of cluster nodes, the encryption parameters can either be configured centrally using the fs-server.conf file (of the master) or the fs-wrapper.slave.conf file (see below).

Specific cluster nodes can be individually configured by adding the prefix

cluster.<NODE>.<PROPERTY>

e.g.

cluster.slave1.firstspirit.password=uNuegFThpxtvD23C
cluster.slave2.firstspirit.password=KhPXSNBuoJzhWZ1M

Allcluster nodes can be universally configured by adding the prefix

cluster.<PROPERTY>

e.g.

cluster.firstspirit.password=uNuegFThpxtvD23C

Example of how to configure the encryption parameters in fs-server.conf:

fs.ssl.protocols=TLSv1.2
fs.ssl.cipherSuites=DEFAULT
fs.ssl.needClientAuth=true
fs.ssl.keyStore=/home/server_cert.jks
fs.ssl.keyStorePassword=q1w2e3r4t
 
#cluster configuration for all cluster nodes
cluster.firstspirit.password=<globalPW>
cluster.firstspirit.encryption=1
cluster.fs.ssl.cipherSuites=DEFAULT
cluster.fs.ssl.keyStore=/home/user/selfsigned.jks
cluster.fs.ssl.keyStorePassword=OBF:changeit123
 
#cluster configuration for individual nodes e.g.:
cluster.slave1.firstspirit.password=1234
cluster.slave2.firstspirit.password=5678

via the fs-wrapper.slave.conf file

(for cluster nodes only)
In the case of cluster nodes, the encryption parameters can also be configured using Java properties in the fs‑wrapper.slave.conf file, e.g.

wrapper.java.additional.5=-Dfirstspirit.encryption=1.

Evaluation order

The following evaluation order applies here (from highest priority to lowest priority):

1. Configuration of the parameter using the cluster.<NODE> prefix (individual configuration for a cluster node) and the fs-server.conf file
2. Configuration of the parameter using the cluster prefix (universal configuration for all cluster nodes) and the fs-server.conf file
3. Configuration of the parameter using -D properties in the fs-wrapper.slave.conf file