Details
-
New Feature
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
None
Description
Maxctrl is currently written in JavaScript, to be run by node.js. The original reason for this was idea that not only is JavaScript very well suited for manipulating JSON, but the same library code could be used both by maxctrl and SkySQL/Monitor. It felt like a good idea at the time, but shared usage of the library code has not happened and will not happen.
The drawback of node.js is that it cannot be a assumed to be present on all platforms, which means that for deployment maxctrl is turned into a stand-alone executable. That is cumbersome and also causes the startup of maxctrl to be slow.
However, Python can be assumed to be available everywhere, so by rewriting maxctrl in Python, everything can be streamlined while simultaneously providing a better user experience to users.
Changes compared to existing MaxCtrl
- The use of the -p, --password option with a password given as an argument will be removed. This is inherently unsafe and any workarounds by obfuscating it will only give a false sense of security. The supported methods of providing credentials in the new versions will be to pass them via environment variables (which are safe), to write them into the configuration file or to pass them via the standard input.
Attachments
Issue Links
- blocks
-
MXS-5559 maxctrl does not obfuscate password in ps output
-
- Open
-
- includes
-
MXS-5504 Evaluate scope of rewriting maxctrl in C++
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- is blocked by
-
-
- Closed
-
- relates to
-
-
- Open
-
-
-
- Closed
-