Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Plain View
Zookeeper >> mail # user >> Zookeeper and SSL...


+
Matt Wise 2013-03-08, 23:13
+
Matt Wise 2013-03-16, 16:38
Copy link to this message
-
Re: Zookeeper and SSL...
Hi,

My two cents: the ZooKeeper's support to encryption between servers and
between client-server has not progressed until now:

https://issues.apache.org/jira/browse/ZOOKEEPER-236

https://issues.apache.org/jira/browse/ZOOKEEPER-235

https://issues.apache.org/jira/browse/ZOOKEEPER-1000

Plus, you can find an interesting discussion here:
http://zookeeper-user.578899.n2.nabble.com/Linking-two-sites-via-two-Zookeeper-instances-td7578441.html

Edward

On Sat, Mar 16, 2013 at 1:38 PM, Matt Wise <[EMAIL PROTECTED]> wrote:

> No thoughts on encrypting and authenticating zookeeper-to-zookeeper
> communication?
>
> On Mar 8, 2013, at 3:13 PM, Matt Wise <[EMAIL PROTECTED]> wrote:
>
> > Currently we run Zookeeper out on the big bad scary internet using
> Stunnel as an encryption and authentication system for our clients. Our
> single 5-node Zookeeper quorum is in a single datacenter where we can
> control network access and feel reasonably safe.
> >
> > I've been thinking about scale recently, and I would love to be able to
> put Zookeeper Observer nodes in each of our regions. We don't use VPC or
> any other network-to-network tunneling technology. Stunnel is simple when
> you have one client, and one endpoint, but it sucks when you have multiple
> servers all trying to talk to each other.
> >
> > Are there any plans to add SSL support to Zookeeper? Specifically to its
> own private cluster communication ports? If not, what about running a
> Zookeeper Observer in a "client" mode where I can point it to any of our 5
> quorum servers, and it acts as a kind of proxy for data -- without really
> "joining" the cluster?
> >
> > --Matt
> >
>
>
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB