Ganglia - security when polling metrics over TCP (xml format) from nodes

Question

Context: I am a student and I am trying to prepare a proof of concept for quick network-monitoring.

our imaginary context is that we have multiple clusters which are on different subnets. I have read numerous documentations regarding ganglia and what I really want to find out is during node polling, assuming that gmetad is on a different subnet as the node as well, is there any security measure that is utilised to protect sending the XML data over TCP.

Answer 1

It's not entirely clear whether you mean to ask about TCP or UDP transport here, but I assume TCP since that's how gmetad-gmetad and gmetad-gmond communication is done.

The only security measures are the trusted_hosts configuration attribute for gmetad and the access control lists that can be specified for gmond's tcp_accept_channel configuration.

You could perhaps consider a secure tunneled route between the hosts if you're looking to avoid eavesdropping?