mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-14 03:25:15 +00:00
0159c74f21
Add inter-server cluster secret, it is used for Distributed queries inside cluster, you can configure in the configuration file: <remote_servers> <logs> <shard> <secret>foobar</secret> <!-- empty -- works as before --> ... </shard> </logs> </remote_servers> And this will allow clickhouse to make sure that the query was not faked, and was issued from the node that knows the secret. And since trust appeared it can use initial_user for query execution, this will apply correct *_for_user (since with inter-server secret enabled, the query will be executed from the same user on the shards as on initator, unlike "default" user w/o it). v2: Change user to the initial_user for Distributed queries if secret match v3: Add Protocol::Cluster package v4: Drop Protocol::Cluster and use plain Protocol::Hello + user marker v5: Do not use user from Hello for cluster-secure (superfluous)
42 lines
863 B
XML
42 lines
863 B
XML
<?xml version="1.0"?>
|
|
<yandex>
|
|
<profiles>
|
|
<default>
|
|
</default>
|
|
</profiles>
|
|
|
|
<users>
|
|
<default>
|
|
<password></password>
|
|
<networks>
|
|
<ip>::/0</ip>
|
|
</networks>
|
|
<profile>default</profile>
|
|
<quota>default</quota>
|
|
</default>
|
|
|
|
<nopass>
|
|
<password></password>
|
|
<networks>
|
|
<ip>::/0</ip>
|
|
</networks>
|
|
<profile>default</profile>
|
|
<quota>default</quota>
|
|
</nopass>
|
|
|
|
<pass>
|
|
<password>foo</password>
|
|
<networks>
|
|
<ip>::/0</ip>
|
|
</networks>
|
|
<profile>default</profile>
|
|
<quota>default</quota>
|
|
</pass>
|
|
</users>
|
|
|
|
<quotas>
|
|
<default>
|
|
</default>
|
|
</quotas>
|
|
</yandex>
|