如何防止/限制未经授权的节点加入 Akka 集群？

Question

在 Akka Cluster 示例、文档和教程中，似乎任何节点都可以通过了解集群和集群的种子节点来加入集群。如何防止未经授权的节点加入？

Answer 1

我试图实现这个功能，但我也没有在 Akka 集群中找到这个功能。我设法通过在参与者上创建一个授权标志，将集群包装在Option[Cluster] 中，并在preStart() mwethod 中决定订阅或不订阅集群上的参与者。这已经阻止了参与者接收消息。但是，它仍然可以向集群成员发送消息。然后我把标志放在case UserMessage(content) if (authorized) => ??? 上。我没有将演员从集群中踢出，但我相信这只是在他起床后踢他。

object Alice extends ChatApp("Alice", 2551, true)
object Bob extends ChatApp("Bob", 2552, true)
object Fabio extends ChatApp("Fabio", 2554, false)

演员

class ChatActor(nickname: String, port: Int, authorized: Boolean) extends Actor with ActorLogging {
  // 1: initialize the cluster object
  val cluster: Option[Cluster] = if (authorized) Some(Cluster(context.system)) else None

  // 2: subscribe to cluster event in preStart
  override def preStart(): Unit = {
    if (authorized) {
      cluster match {
        case Some(c) => c.subscribe(
          self,
          initialStateMode = InitialStateAsEvents,
          classOf[MemberEvent]
        )
        case None => log.info(s"user [$nickname] is not authorized to enter in the cluster =(. Please leave the cluster.")
      }
    }
  }

  // 3: unsubscribe self in postStop
  override def postStop(): Unit = {
    cluster match {
      case Some(c) => c.unsubscribe(self)
      case None => log.info(s"user [$nickname] is not authorized to enter in the cluster =(.")
    }
  }

  override def receive: Receive = online(Map())

  /** chatRoom is the data structure to the users in the chat */
  def online(chatRoom: Map[String, String]): Receive = {
    case UserMessage(content) if (authorized) =>
      chatRoom.keys.foreach { address =>
        val chatActorSelection: ActorSelection = context.actorSelection(s"${address}/user/chatActor")
        chatActorSelection ! ChatMessage(nickname, content)
      }
  }
}