Password Change Procedure for Couchbase Bucket

I have both memcached and Couchbase on the server version 4 of Couchbase Community Edition. Our buckets have passwords (type "SASL auth"), and it is time to change these passwords. The usual procedure that we use for this kind of thing is ...

  • Create a new account on a shared resource.
  • relocate clients with the credentials of the new account.
  • once all clients use new credentials, delete / disable the original account.

However, with Couchbase, I see no way to create a new Bucket account. If I just change the password on the server, everything that uses this server (even material with high availability) will stop working until it is redistributed.

I really don't like to plan downtime for something like this. Is there any recommendation on the migration process that I missed?

+4
source share
1 answer

Unfortunately, there does not seem to be a “one bucket, two password” approach with slave SASL authenticators. You may be able to hack LDAP or PAM there , but that doesn't look like what you are using.

, , - 5 ( , ). 5 , .

+3

Source: https://habr.com/ru/post/1686251/


All Articles