zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Patrick Hunt (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-236) SSL Support for Atomic Broadcast protocol
Date Wed, 08 Mar 2017 15:57:38 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-236?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15901467#comment-15901467

Patrick Hunt commented on ZOOKEEPER-236:

In general I don't think we want to tie/require security through reconfig. Seems like a potentially
useful feature, but most folks are pretty familiar with typically java/ssl configuration.
Additionally what was originally proposed here is very consistent across the Hadoop 'ecosystem'.
 That said perhaps a separate jira for the reconfig feature, for those interested in that
approach (although I don't know if we need two)

Keep in mind also that some folks might want security w/o enabling reconfig - reconfig is
off by default iirc in 3.5. Those that are not using reconfig might not want to enable it
just to enable security.

> SSL Support for Atomic Broadcast protocol
> -----------------------------------------
>                 Key: ZOOKEEPER-236
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-236
>             Project: ZooKeeper
>          Issue Type: New Feature
>          Components: quorum, server
>            Reporter: Benjamin Reed
>            Assignee: Abraham Fine
>            Priority: Minor
> We should have the ability to use SSL to authenticate and encrypt the traffic between
ZooKeeper servers. For the most part this is a very easy change. We would probably only want
to support this for TCP based leader elections.

This message was sent by Atlassian JIRA

View raw message