zookeeper-operator icon indicating copy to clipboard operation
zookeeper-operator copied to clipboard
verified publisher icon stackabletech

Discovery ConfigMap does not expose AuthenticationClass for authenticated access to ZooKeeper

Open maltesander opened this issue 3 years ago • 0 comments

Currently, if an AuthenticationClass is set, the client access is encrypted and requires authentication. This is not exposed in the discovery ConfigMap to be picked up by other operators to configure their ZooKeeper access.

The discovery ConfigMap currently expose 3 fields:

  • ZOOKEEPER contains the full zookeeper connection string with znode (generally used)
  • ZOOKEEPER_CHROOT contains the znode (i think only for Nifi currently)
  • ZOOKEEPER_HOSTS contains the zookeeper connection string without znode (i think only for Nifi currently)

Temporary example proposal to add "secure" fields:

  • ZOOKEEPER_SECURE
  • ZOOKEEPER_HOSTS_SECURE
  • (ZOOKEEPER_CHROOT_SECURE) would be redundant
  • AUTHENTICATION_CLASS

This will be discussed further in the architecture meeting on 3rd of August.

maltesander avatar Jul 27 '22 11:07 maltesander