Matt Wise 2013-03-08, 23:13
Matt Wise 2013-03-16, 16:38
My two cents: the ZooKeeper's support to encryption between servers and
between client-server has not progressed until now:
Plus, you can find an interesting discussion here:
On Sat, Mar 16, 2013 at 1:38 PM, Matt Wise <[EMAIL PROTECTED]> wrote:
> No thoughts on encrypting and authenticating zookeeper-to-zookeeper
> On Mar 8, 2013, at 3:13 PM, Matt Wise <[EMAIL PROTECTED]> wrote:
> > Currently we run Zookeeper out on the big bad scary internet using
> Stunnel as an encryption and authentication system for our clients. Our
> single 5-node Zookeeper quorum is in a single datacenter where we can
> control network access and feel reasonably safe.
> > I've been thinking about scale recently, and I would love to be able to
> put Zookeeper Observer nodes in each of our regions. We don't use VPC or
> any other network-to-network tunneling technology. Stunnel is simple when
> you have one client, and one endpoint, but it sucks when you have multiple
> servers all trying to talk to each other.
> > Are there any plans to add SSL support to Zookeeper? Specifically to its
> own private cluster communication ports? If not, what about running a
> Zookeeper Observer in a "client" mode where I can point it to any of our 5
> quorum servers, and it acts as a kind of proxy for data -- without really
> "joining" the cluster?
> > --Matt