hadoop-zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Harold Lim <rold...@yahoo.com>
Subject Re: General Question about Zookeeper
Date Thu, 25 Jun 2009 18:16:51 GMT

Hi Gustavo,

Actually, in my case, we have a fully decentralized service. Something like where you have
users in a social network. Originally, we were thinking of using a distributed consensus algorithm
(e.g., Paxos) to perform some functionalities (e.g., leader election). 

Then, I read about ZooKeeper and was thinking of using ZooKeeper for leader election instead.
However, that means that we're introducing a "central" server/service to the architecture.


Currently, I'm just thinking of some of the original functionalities and how much of these
functionalities I can offload to ZooKeeper, without breaking the original privacy/security
motivation.


-Harold




--- On Thu, 6/25/09, Gustavo Niemeyer <gustavo@niemeyer.net> wrote:

> From: Gustavo Niemeyer <gustavo@niemeyer.net>
> Subject: Re: General Question about Zookeeper
> To: zookeeper-user@hadoop.apache.org
> Date: Thursday, June 25, 2009, 1:59 PM
> Hey Harold,
> 
> > I am interested in a security aspect of zookeeper,
> where the clients and the servers don't necessarily belong
> to the same "group". If a client creates a znode in the
> zookeeper? Can the person, who owns the zookeeper server,
> simply look at its filesystem and read the data
> (out-of-band, not using a client, simply browsing the file
> system of the machine hosting the zookeeper server)?
> 
> Yes, absolutely.  You could certainly encrypt the data
> that goes
> through the ZooKeeper server, but since ZooKeeper is
> supposed to be
> doing coordination work, I think that if you don't trust
> the server,
> the whole situation might get a bit awkward.  I'm
> curious about your
> use case, since I'm pondering about doing something where
> clients
> don't necessarily trust other clients or machines in the
> same network
> (or even different users in the same machine), thus might
> require
> additional tighting up, but if you don't trust the server
> itself, that
> may be tricky.  Please note that ZooKeeper isn't meant
> to be used just
> as a distributed filesystem for storage, but that's
> probably not your
> intention anyway.
> 
> -- 
> Gustavo Niemeyer
> http://niemeyer.net
> 


      

Mime
View raw message