Notes by Peter Galonza(Пётр Галонза)
GitHub Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Hi, it’s my notes
  2. /
  3. Operations
  4. /
  5. Zookeeper

Zookeeper

TLS

Server

secureClientPort=<secure port>
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
ssl.keyStore.location=<keystore path>
ssl.keyStore.password=<keystore password>
ssl.trustStore.location=<truststore path>
ssl.trustStore.password=<truststore password>
ssl.clientAuth=none

Clent

export CLIENT_JVMFLAGS="-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.client.secure=true -Dzookeeper.ssl.trustStore.location=<path>/truststore.jks -Dzookeeper.ssl.trustStore.password=<password>"

zookeeper.client.secure=true
zookeeper.ssl.trustStore.location=/opt/zookeeper/ssl/truststore.jks
zookeeper.ssl.trustStore.password=changeme

SASL

Server

authProvider.sasl=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
requireClientAuthScheme=sasl

File zookeeper_server_jaas.conf

Server {
       org.apache.zookeeper.server.auth.DigestLoginModule required
       user_super="<password>"
       user_client="<password>";
};

Client

export SERVER_JVMFLAGS="-Djava.security.auth.login.config=<path>/kafka_server_jaas.conf"

zookeeper.sasl.client=true
zookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
gdoc_arrow_left_alt Zabbix Management and Mentoring gdoc_arrow_right_alt