Open aditypandit opened 4 years ago
Was having trouble getting Kafka to set ACLs on Zookeeper (via zookeeper.set.acl=true).
Turns out that Zookeeper isn't picking up all the environment variables as expected. The following wouldn't work:
ZOOKEEPER_KERBEROS_REMOVEHOSTFROMPRINCIPAL: true ZOOKEEPER_KERBEROS_REMOVEREALMFROMPRINCIPAL: true ZOOKEEPER_AUTHPROVIDER_1: "org.apache.zookeeper.server.auth.SASLAuthenticationProvider" ZOOKEEPER_REQUIRECLIENTAUTHSCHEME: "sasl"
This, instead, did work:
-Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
Has been tested with the 5.3.1 image.
Note that requireClientAuthScheme does nothing as per https://issues.apache.org/jira/browse/ZOOKEEPER-2668.
requireClientAuthScheme
Was having trouble getting Kafka to set ACLs on Zookeeper (via zookeeper.set.acl=true).
Turns out that Zookeeper isn't picking up all the environment variables as expected. The following wouldn't work:
This, instead, did work:
Has been tested with the 5.3.1 image.