You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@zookeeper.apache.org by Sam Lee <sa...@yahoo.com.INVALID> on 2022/03/24 12:25:49 UTC
Custom hostname when using quorum TLS
I have followed the steps in the documentation to set up "Quorum TLS"
for encrypted communication between ZooKeeper nodes.
( https://zookeeper.apache.org/doc/r3.6.3/zookeeperAdmin.html#Quorum+TLS )
Now, I am looking to change the hostname that a ZooKeeper node
presents to other ZooKeeper nodes. For example, my server's
/etc/hostname is 'my-server' but I want the ZooKeeper instance running
on that server to use another hostname instead (e.g. 'zoo1'). Is this
possible?
Re: Custom hostname when using quorum TLS
Posted by Andor Molnar <an...@apache.org>.
Hi Sam,
What do you mean by ‘present’?
AFAIK - I’m not 100% sure about this off the top of my head - ZK does not present its name to other quorum members, only the certificate. Something like:
1. ZK reads quorum members from zoo.cfg at startup,
2. It connects to all other nodes via TCP and present the certificate: here I am and that’s my ID.
3. Other quorum member will reverse lookup the DNS name from the IP and compares it with the hostname in the cert.
I need to dig this to be sure.
Andor
> On 2022. Mar 24., at 13:25, Sam Lee <sa...@yahoo.com.INVALID> wrote:
>
> I have followed the steps in the documentation to set up "Quorum TLS"
> for encrypted communication between ZooKeeper nodes.
> ( https://zookeeper.apache.org/doc/r3.6.3/zookeeperAdmin.html#Quorum+TLS )
>
> Now, I am looking to change the hostname that a ZooKeeper node
> presents to other ZooKeeper nodes. For example, my server's
> /etc/hostname is 'my-server' but I want the ZooKeeper instance running
> on that server to use another hostname instead (e.g. 'zoo1'). Is this
> possible?