[KAFKA-2641] Upgrade path for ZK authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.9.0.0
Component/s: security
Labels:
None

Description

If a cluster isn't secure and wants to migrate to secure, then it will need to execute the following steps with respect to ZK:

Perform a rolling restart passing the appropriate JAAS file to enable the ZK client to authenticate against the server
Run a ZkSecurityMigrationTool that will set the appropriate ACLs
Perform a second rolling restart to set `zookeeper.enable.secure.acls`

This recipe assumes that the ZK ensemble has security on.

Attachments

Activity

People

Assignee:: Flavio Paiva Junqueira

Reporter:: Flavio Paiva Junqueira

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 13/Oct/15 12:22

Updated:: 23/Oct/15 22:11

Resolved:: 23/Oct/15 22:11