qdrant-azure icon indicating copy to clipboard operation
qdrant-azure copied to clipboard
verified publisher icon Azure-Samples

How do I secure this?

Open mesgar opened this issue 2 years ago • 3 comments 

- [ ] bug report -> please search issues before submitting
- [x] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

I followed the walkthrough blog post: https://devblogs.microsoft.com/semantic-kernel/the-power-of-persistent-memory-with-semantic-kernel-and-qdrant-vector-database/ and I'm wondering how to secure it properly?

Qdrant supports api key but how do I enable it during the deployment? https://qdrant.tech/documentation/guides/security/

mesgar avatar Jul 07 '23 12:07 mesgar

I decided to deploy qdrant on a single Azure VM (Standard E2s v3 (2 vcpus, 16 GiB memory)) for now. It's much easier to use persistent volumes for large-scale datasets, setting SSL and API key.

i.e. docker run -p 6333:6333
-v /mnt/qdrant/config/XXX-custom.yaml:/qdrant/config/production.yaml
-v /mnt/qdrant/storage:/mnt/qdrant/storage
-v /mnt/qdrant/snapshots:/mnt/qdrant/snapshots
qdrant/qdrant

and in the XXX-custom.yaml file, storage: storage_path: /mnt/qdrant//storage ... snapshots_path: /mnt/qdrant/snapshots ... on_disk_payload: true

mesgar avatar Jul 08 '23 11:07 mesgar

@mesgar Thanks for the feedback. I'm going to add this to backlog so that we have auth option in repo.

tawalke avatar Sep 06 '23 19:09 tawalke

Found this issue while trying to secure a cloud deployment of Qdrant. Unfortunately seems non-trivial outside of Qdrant Cloud.

@tawalke FYI- looks like the default config in this repo exposes the "internal" gRPC port via the load balancer. If the documentation is to be trusted, this is an inherent security flaw:

image

D4stiny avatar May 22 '24 02:05 D4stiny