You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@kafka.apache.org by "M. Manna" <ma...@gmail.com> on 2017/08/02 17:16:13 UTC

Kafka TLS Authentication for brokers and clients (w/o Zookeeper Auth)

Hello,

From Kafka Documentation - I understand that Authentication and encryption
can be enabled for inter-broker, broker-client exchanges. By exchanges, i
mean data transfer-related activities.

My questions are:

1) Is it common to have ONLY inter-broker and broker-client exchanges, but
only plain transfer between zookeeper? in other words, is it common to only
put authentication for brokers and clients, but not zookeepers.

2) If I also want to use authentication for zookeeper-zookeeper exchanges,
is there any known performance issues I should be concerned about?

I would be grateful if someone could provide a dummy example of having both
implemented. I can see kafka online documentation which shows self-signing
certificates and keystore usage for inter-broker and broker-client
authentication, but I cannot see much mentioning of zookeeper to broker
exchanges (may be i missed it).

Kindest Regards,
M. Manna