Curator wraps the built-in ZooKeeper client, so Curator doesn't give you any benefit that isn't already present in ZooKeeper itself. You can easily use port 80 or 443 as the ZK/Curator client port. But, the ZooKeeper protocol (jute) is of course not HTTP. If the Firewall is expecting HTTP it won't work. Ports 2888/3888 are only used internally between ZooKeeper server instances. Those should all be behind a firewall so should be OK.
-JZ > On Mar 3, 2018, at 9:25 AM, Chris Miles <[email protected]> wrote: > > Firstly, I apologise for the cross post, but I think this is a question which > may need to be seen by both users, and devs who understand the underlying > code. > > I need to deploy Zookeeper to a firewall restricted cloud-foundry cloud, > where the only communication can happen between nodes is through HTTP, so I > am looking at ways of getting ZooKeeper communicating through HTTP tunnelling. > > As far as I can determine, ZooKeeper only allows the configuring of the main > client connection via server and client connection factories, but not for the > 2888 and 3888 connectivity, which is I think ((correct me if wrong)) node to > node communication on the first one, and leader election on the second? > > Does Curator's connection handling give me any ability to intercept and wrap > the connections used for the rest of these ports? (Netty Http Tunnel).
