kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pere Urbón Bayes <pere.ur...@gmail.com>
Subject Re: [DISCUSS] KIP-515: Enable ZK client to use the new TLS supported authentication
Date Mon, 02 Sep 2019 12:23:12 GMT
Thanks for your time Harsha,
   anyone else with comments? looking forward to hearing from you.

Stupid question: when do you move from discussion to vote?

Missatge de Harsha Chintalapani <kafka@harsha.io> del dia dv., 30 d’ag.
2019 a les 21:59:

> Thanks Pere. KIP looks good to me.
> -Harsha
>
>
> On Fri, Aug 30, 2019 at 10:05 AM, Pere Urbón Bayes <pere.urbon@gmail.com>
> wrote:
>
>> Not really,
>>   my idea is to keep the JAAS parameter, so people don't see major
>> changes. But if you pass a properties file, then this takes precedence over
>> the other, with the idea that you can do sasl as well with the properties
>> files.
>>
>> Makes sense?
>>
>> -- Pere
>>
>> Missatge de Harsha Chintalapani <kafka@harsha.io> del dia dv., 30 d’ag.
>> 2019 a les 19:00:
>>
>>> Hi Pere,
>>>           Thanks for the KIP. Enabling SSL for zookeeper for Kafka makes
>>> sense.
>>> "The changes are planned to be introduced in a compatible way, by
>>> keeping the current JAAS variable precedence."
>>> Can you elaborate a bit here. If the user configures a JAAS file with
>>> Client section it will take precedence over zookeeper SSL configs?
>>>
>>> Thanks,
>>> Harsha
>>>
>>>
>>>
>>> On Fri, Aug 30, 2019 at 7:50 AM, Pere Urbón Bayes <pere.urbon@gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>> quick question, I saw in another mail that 2.4 release is planned for
>>>> September. I think it would be really awesome to have this for this
>>>> release, do you think we can make it?
>>>>
>>>> -- Pere
>>>>
>>>> Missatge de Pere Urbón Bayes <pere.urbon@gmail.com> del dia dj., 29
>>>> d’ag. 2019 a les 20:10:
>>>>
>>>> Hi,
>>>> this is my first KIP for a change in Apache Kafka, so I'm really need
>>>> to the process. Looking forward to hearing from you and learn the best
>>>> ropes here.
>>>>
>>>> I would like to propose this KIP-515 to enable the ZookeeperClients to
>>>> take full advantage of the TLS communication in the new Zookeeper 3.5.5.
>>>> Specially interesting it the Zookeeper Security Migration, that without
>>>> this change will not work with TLS, disabling users to use ACLs when the
>>>> Zookeeper cluster use TLS.
>>>>
>>>> link:
>>>>
>>>> https://cwiki.apache.org/confluence/display/KAFKA/KIP-515%3A+Enable+ZK+client+to+use+the+new+TLS+supported+authentication
>>>>
>>>> Looking forward to hearing from you on this,
>>>>
>>>> /cheers
>>>>
>>>> --
>>>> Pere Urbon-Bayes
>>>> Software Architect
>>>> http://www.purbon.com
>>>> https://twitter.com/purbon
>>>> https://www.linkedin.com/in/purbon/
>>>>
>>>> --
>>>> Pere Urbon-Bayes
>>>> Software Architect
>>>> http://www.purbon.com
>>>> https://twitter.com/purbon
>>>> https://www.linkedin.com/in/purbon/
>>>>
>>>
>>>
>>
>> --
>> Pere Urbon-Bayes
>> Software Architect
>> http://www.purbon.com
>> https://twitter.com/purbon
>> https://www.linkedin.com/in/purbon/
>>
>
>

-- 
Pere Urbon-Bayes
Software Architect
http://www.purbon.com
https://twitter.com/purbon
https://www.linkedin.com/in/purbon/

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message