zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Angel <ang...@mit.edu>
Subject Secure Configuration of Zookeeper
Date Fri, 10 Jan 2020 18:20:59 GMT

What resources are available to help harden a Zookeeper installation?
What Zookeeper files should be watched with custom auditing rules?
Reviewing the Zookeeper documentation we don't see many security configuration recommendations
beyond the ACL section.

Background: we are running a 3 node Zookeeper for most projects under RHEL 7.7 Systems minimal
installs with SELinux, FIPS, and STIG standards.
Zookeeper we are using to support a 3 node Kafka installation.
We are offloading Zookeeper logs to our Central Logging system.
We are blocking the Zookeeper mangement tcp port 2181.


Michael Angel

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message