You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Phil Zampino (JIRA)" <ji...@apache.org> on 2017/11/06 14:29:00 UTC

[jira] [Resolved] (KNOX-1102) Document Recommended ZooKeeper SASL Configuration for HA Providers

     [ https://issues.apache.org/jira/browse/KNOX-1102?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Phil Zampino resolved KNOX-1102.
--------------------------------
    Resolution: Not A Problem

Since the Hadoop services are responsible for the ACLs on the znodes referenced by the HaProvider URL managers that employ ZooKeeper, it doesn't make sense to make recommendations for setting those from a Knox perspective.

Also, since the existing ACLs appear to allow reading for even unauthenticated ZooKeeper clients, recommendations for configuring client authentication seems unnecessary at this time.

> Document Recommended ZooKeeper SASL Configuration for HA Providers 
> -------------------------------------------------------------------
>
>                 Key: KNOX-1102
>                 URL: https://issues.apache.org/jira/browse/KNOX-1102
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Site
>    Affects Versions: 0.14.0
>            Reporter: Phil Zampino
>            Assignee: Phil Zampino
>
> There are multiple ZooKeeper clients in use in Knox in the form of HA Providers. If they are all in use in a single Knox instance, then they need to share a common SASL (JAAS) configuration because the currently-released version of the ZooKeeper client only supports a single login context.
> This doc may also include recommendations wrt znode ACLs where they are found deficient.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)