Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Plain View
Zookeeper, mail # user - Zookeeper and SSL...


+
Matt Wise 2013-03-08, 23:13
Copy link to this message
-
Re: Zookeeper and SSL...
Matt Wise 2013-03-16, 16:38
No thoughts on encrypting and authenticating zookeeper-to-zookeeper communication?

On Mar 8, 2013, at 3:13 PM, Matt Wise <[EMAIL PROTECTED]> wrote:

> Currently we run Zookeeper out on the big bad scary internet using Stunnel as an encryption and authentication system for our clients. Our single 5-node Zookeeper quorum is in a single datacenter where we can control network access and feel reasonably safe.
>
> I've been thinking about scale recently, and I would love to be able to put Zookeeper Observer nodes in each of our regions. We don't use VPC or any other network-to-network tunneling technology. Stunnel is simple when you have one client, and one endpoint, but it sucks when you have multiple servers all trying to talk to each other.
>
> Are there any plans to add SSL support to Zookeeper? Specifically to its own private cluster communication ports? If not, what about running a Zookeeper Observer in a "client" mode where I can point it to any of our 5 quorum servers, and it acts as a kind of proxy for data -- without really "joining" the cluster?
>
> --Matt
>
+
Edward Ribeiro 2013-03-16, 19:24