zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Hunt <ph...@apache.org>
Subject Re: Securing ZooKeeper connections
Date Thu, 27 May 2010 17:00:26 GMT

On 05/27/2010 09:47 AM, Benjamin Reed wrote:
> actually pat hunt took over that issue: ZOOKEEPER-733. pat has made a
> lot of progress and the patch looks close to being ready.

This is just the server side though, still need to make similar changes 
on the client. That will likely be a separate jira. But yes, it's coming 

> ps - actually, to be clear the patch adds netty support. the idea is
> that once we have netty in and netty supports SSL quite transparently,
> it should be easy to get SSL in.

SSL/netty part seems pretty simple, however there's also the key mgmt 
portion which look more complicated (need to integrate "not quite 
commons ssl" or something like that, haven't gotten that far yet)

> On 05/26/2010 04:44 PM, Mahadev Konar wrote:
>> Hi Vishal,
>> Ben (Benjamin Reed) has been working on a netty based client server
>> protocol in ZooKeeper. I think there is an open jira for it. My network
>> connection is pretty slow so am finding it hard to search for it.
>> We have been thinking abt enabling secure connections via this netty
>> based
>> connections in zookeeper.
>> Thanks
>> mahadev
>> On 5/25/10 12:20 PM, "Vishal K"<vishalmlst@Gmail.com> wrote:
>>> Hi All,
>>> Since ZooKeeper does not support secure network connections yet, I
>>> thought I
>>> would poll and see what people are doing to address this problem. Is
>>> anyone
>>> running ZooKeeper over secure channels (client - server and server-
>>> server
>>> authentication/encryption)? If yes, can you please elaborate how you
>>> do it?
>>> Thanks.
>>> Regards,
>>> -Vishal

View raw message