No. There is quorum SSL between zookeeper servers on different ports.
https://zookeeper.apache.org/doc/current/zookeeperAdmin.html#Quorum+TLS
Note: please don't use in production self signed certificates and put in your trust store the CAs.
Client ports are for clients
> Am 30.07.2019 um 12:41 schrieb Nayak, Soumya R. <snayak@firstam.com>:
>
> Thanks Harsha for the link.
>
> As I am using a zookeeper cluster.
> In the below link there is a mention that no SSL support is there between zookeeper servers. (Any future version that would have this feature)
>
> So is it that the zookeeper servers will talk to each other on the ClientPort - 2181 and the kafka brokers will talk to these zookeeper servers over SSL on the secureClientPort - 2281.
>
> Please confirm if its correct or anything I am missing.
>
> Regards,
> Soumya
>
> -----Original Message-----
> From: Harsha <kafka@harsha.io>
> Sent: Monday, July 29, 2019 4:26 PM
> To: users@kafka.apache.org
> Subject: Re: TLS Communication in With Zookeeper Cluster
>
> Here is the guide
> https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide
> you need zookeeper 3.5 or higher for TLS.
>
>> On Mon, Jul 29, 2019, at 1:21 AM, Nayak, Soumya R. wrote:
>> Hi Team,
>>
>> Is there any way mutual TLS communication set up can be done with
>> zookeeper. If any references, can you please let me know.
>>
>> I am trying to set up a Zookeeper cluster (3 Zookeepers) and Kafka
>> cluster (4 Kafka Brokers) using docker images in Azure Ubuntu VM
>> servers.
>>
>>
>> Also, there is a new protocol of RAFT-ETCD . How is it when compared
>> to Kafka Zookeeper set up?
>>
>> Regards,
>> Soumya
>>
>> **********************************************************************
>> ******************** This message may contain confidential or
>> proprietary information intended only for the use of the
>> addressee(s) named above or may contain information that is legally
>> privileged. If you are not the intended addressee, or the person
>> responsible for delivering it to the intended addressee, you are
>> hereby notified that reading, disseminating, distributing or copying
>> this message is strictly prohibited. If you have received this message
>> by mistake, please immediately notify us by replying to the message
>> and delete the original message and any copies immediately thereafter.
>>
>> If you received this email as a commercial message and would like to
>> opt out of future commercial messages, please let us know and we will
>> remove you from our distribution list.
>>
>> Thank you.~
>> **********************************************************************
>> ********************
>> FAFLD
>>
https://zookeeper.apache.org/doc/current/zookeeperAdmin.html#Quorum+TLS
Note: please don't use in production self signed certificates and put in your trust store the CAs.
Client ports are for clients
> Am 30.07.2019 um 12:41 schrieb Nayak, Soumya R. <snayak@firstam.com>:
>
> Thanks Harsha for the link.
>
> As I am using a zookeeper cluster.
> In the below link there is a mention that no SSL support is there between zookeeper servers. (Any future version that would have this feature)
>
> So is it that the zookeeper servers will talk to each other on the ClientPort - 2181 and the kafka brokers will talk to these zookeeper servers over SSL on the secureClientPort - 2281.
>
> Please confirm if its correct or anything I am missing.
>
> Regards,
> Soumya
>
> -----Original Message-----
> From: Harsha <kafka@harsha.io>
> Sent: Monday, July 29, 2019 4:26 PM
> To: users@kafka.apache.org
> Subject: Re: TLS Communication in With Zookeeper Cluster
>
> Here is the guide
> https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide
> you need zookeeper 3.5 or higher for TLS.
>
>> On Mon, Jul 29, 2019, at 1:21 AM, Nayak, Soumya R. wrote:
>> Hi Team,
>>
>> Is there any way mutual TLS communication set up can be done with
>> zookeeper. If any references, can you please let me know.
>>
>> I am trying to set up a Zookeeper cluster (3 Zookeepers) and Kafka
>> cluster (4 Kafka Brokers) using docker images in Azure Ubuntu VM
>> servers.
>>
>>
>> Also, there is a new protocol of RAFT-ETCD . How is it when compared
>> to Kafka Zookeeper set up?
>>
>> Regards,
>> Soumya
>>
>> **********************************************************************
>> ******************** This message may contain confidential or
>> proprietary information intended only for the use of the
>> addressee(s) named above or may contain information that is legally
>> privileged. If you are not the intended addressee, or the person
>> responsible for delivering it to the intended addressee, you are
>> hereby notified that reading, disseminating, distributing or copying
>> this message is strictly prohibited. If you have received this message
>> by mistake, please immediately notify us by replying to the message
>> and delete the original message and any copies immediately thereafter.
>>
>> If you received this email as a commercial message and would like to
>> opt out of future commercial messages, please let us know and we will
>> remove you from our distribution list.
>>
>> Thank you.~
>> **********************************************************************
>> ********************
>> FAFLD
>>
Comments
Post a Comment