Skip to content

필사 모드: Building a Secured (Kerberized) ZooKeeper Cluster

English
0%
정확도 0%
💡 왼쪽 원문을 읽으면서 오른쪽에 따라 써보세요. Tab 키로 힌트를 받을 수 있습니다.
원문 렌더가 준비되기 전까지 텍스트 가이드로 표시합니다.

Overview

Let's learn how to apply Kerberos security to ZooKeeper.

Changing Configuration

The number of milliseconds of each tick

tickTime=2000

The number of ticks that the initial

synchronization phase can take

initLimit=10

The number of ticks that can pass between

sending a request and getting an acknowledgement

syncLimit=5

the directory where the snapshot is stored.

do not use /tmp for storage, /tmp here is just

example sakes.

dataDir=/var/zookeeper

the port at which the clients will connect

clientPort=2181

server.1=hadoop1.mysite.com:2888:3888

server.2=hadoop2.mysite.com:2888:3888

server.3=hadoop3.mysite.com:2888:3888

quorum.auth.enableSasl=true

quorum.cnxn.threads.size=20

authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider

kerberos.removeHostFromPrincipal=true

kerberos.removeRealmFromPrincipal=true

quorum.auth.learnerRequireSasl=true

quorum.auth.serverRequireSasl=true

quorum.auth.kerberos.servicePrincipal=zookeeper/_HOST

#autopurge.purgeInterval=1

Server {

com.sun.security.auth.module.Krb5LoginModule required

useKeyTab=true

keyTab="/etc/hdfs.keytab"

storeKey=true

useTicketCache=false

principal="zookeeper/hadoop1.mysite.com@CHAOS.ORDER.COM";

};

QuorumServer {

com.sun.security.auth.module.Krb5LoginModule required

useKeyTab=true

keyTab="/etc/hdfs.keytab"

storeKey=true

useTicketCache=false

principal="zookeeper/hadoop1.mysite.com@CHAOS.ORDER.COM";

};

QuorumLearner {

com.sun.security.auth.module.Krb5LoginModule required

useKeyTab=true

keyTab="/etc/hdfs.keytab"

storeKey=true

useTicketCache=false

principal="zookeeper/hadoop1.mysite.com@CHAOS.ORDER.COM";

};

export JVMFLAGS="-Djava.security.auth.login.config=${JAAS_CONF_PATH}"

Restarting ZooKeeper

After changing the configuration as described above, restarting ZooKeeper will make it run securely.

Quiz

Q1: What is the main topic covered in "Building a Secured (Kerberized) ZooKeeper Cluster"?

Learn how to apply Kerberos security to ZooKeeper.

Learn how to apply Kerberos security to ZooKeeper.

Consider the practical examples and patterns discussed throughout the post.

현재 단락 (1/47)

Let's learn how to apply Kerberos security to ZooKeeper.

작성 글자: 0원문 글자: 1,978작성 단락: 0/47