Re: community feedback on removing non-encrypted support from consul-release

Zach Robinson <zrobinson@...>

I love the idea of secure by default, with simple tooling provided to
enable development workflows. If things work well on this release it's
probably a good idea to start using a similar pattern throughout.


On Fri, Feb 5, 2016 at 4:04 PM, Amit Gupta <agupta(a)> wrote:

Hey all!

The BOSH release of consul maintained by the core CF team [1] currently
supports both encrypted and unencrypted modes of operation. "encrypted"
means that all server-to-server and client-to-server is encrypted and
mutually authenticated via TLS, and all gossip traffic is encrypted using
an encryption key. "unencrypted" means none of the above.

We'd like to remove support for the non-encrypted mode of operation. All
production environments should be operating in encrypted mode, and all
production environments we know of do indeed. This should not affect the
developer workflow, as the BOSH-Lite tooling for the primary consumers of
consul-release (namely cf-release and diego-release) have built-in
self-signed certs.

We will continue to provide documentation and tooling to make it easy to
generate the right certs/keys for operating consul-release in encrypted

Does anyone have concerns about this proposal?

Amit, CF Infrastructure team PM

Join to automatically receive all group messages.