You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Ferenc Erdelyi (Jira)" <ji...@apache.org> on 2023/04/19 15:01:00 UTC

[jira] [Created] (HADOOP-18709) Add curator based ZooKeeper communication over SSL/TLS support into the common library

Ferenc Erdelyi created HADOOP-18709:
---------------------------------------

             Summary: Add curator based ZooKeeper communication over SSL/TLS support into the common library
                 Key: HADOOP-18709
                 URL: https://issues.apache.org/jira/browse/HADOOP-18709
             Project: Hadoop Common
          Issue Type: Improvement
            Reporter: Ferenc Erdelyi


With HADOOP-16579 the ZooKeeper client is capable of securing communication with SSL. 

To follow the convention introduced in HADOOP-14741, proposing to add to the core-default.xml the following configurations, as the groundwork for the components to enable encrypted communication between the individual components and ZooKeeper:
 * hadoop.zk.ssl.keystore.location
 * hadoop.zk.ssl.keystore.password
 * hadoop.zk.ssl.truststore.location
 * hadoop.zk.ssl.truststore.password

These parameters along with the component-specific ssl.client.enable option (e.g. yarn.zookeeper.ssl.client.enable) should be passed to the ZKCuratorManager to build the CuratorFramework. The ZKCuratorManager needs a new overloaded start() method to build the encrypted communication.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org