Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Zookeeper, mail # user - Zookeeper and SSL...


Copy link to this message
-
Re: Zookeeper and SSL...
Edward Ribeiro 2013-03-16, 19:24
Hi,

My two cents: the ZooKeeper's support to encryption between servers and
between client-server has not progressed until now:

https://issues.apache.org/jira/browse/ZOOKEEPER-236

https://issues.apache.org/jira/browse/ZOOKEEPER-235

https://issues.apache.org/jira/browse/ZOOKEEPER-1000

Plus, you can find an interesting discussion here:
http://zookeeper-user.578899.n2.nabble.com/Linking-two-sites-via-two-Zookeeper-instances-td7578441.html

Edward

On Sat, Mar 16, 2013 at 1:38 PM, Matt Wise <[EMAIL PROTECTED]> wrote:

> No thoughts on encrypting and authenticating zookeeper-to-zookeeper
> communication?
>
> On Mar 8, 2013, at 3:13 PM, Matt Wise <[EMAIL PROTECTED]> wrote:
>
> > Currently we run Zookeeper out on the big bad scary internet using
> Stunnel as an encryption and authentication system for our clients. Our
> single 5-node Zookeeper quorum is in a single datacenter where we can
> control network access and feel reasonably safe.
> >
> > I've been thinking about scale recently, and I would love to be able to
> put Zookeeper Observer nodes in each of our regions. We don't use VPC or
> any other network-to-network tunneling technology. Stunnel is simple when
> you have one client, and one endpoint, but it sucks when you have multiple
> servers all trying to talk to each other.
> >
> > Are there any plans to add SSL support to Zookeeper? Specifically to its
> own private cluster communication ports? If not, what about running a
> Zookeeper Observer in a "client" mode where I can point it to any of our 5
> quorum servers, and it acts as a kind of proxy for data -- without really
> "joining" the cluster?
> >
> > --Matt
> >
>
>