Hi Pere,
Thanks for the KIP. Enabling SSL for zookeeper for Kafka makes
sense.
"The changes are planned to be introduced in a compatible way, by keeping
the current JAAS variable precedence."
Can you elaborate a bit here. If the user configures a JAAS file with
Client section it will take precedence over zookeeper SSL configs?
Thanks,
Harsha
On Fri, Aug 30, 2019 at 7:50 AM, Pere Urbón Bayes <pere.ur...@gmail.com>
wrote:
> Hi,
> quick question, I saw in another mail that 2.4 release is planned for
> September. I think it would be really awesome to have this for this
> release, do you think we can make it?
>
> -- Pere
>
> Missatge de Pere Urbón Bayes <pere.ur...@gmail.com> del dia dj., 29 d’ag.
> 2019 a les 20:10:
>
> Hi,
> this is my first KIP for a change in Apache Kafka, so I'm really need to
> the process. Looking forward to hearing from you and learn the best ropes
> here.
>
> I would like to propose this KIP-515 to enable the ZookeeperClients to
> take full advantage of the TLS communication in the new Zookeeper 3.5.5.
> Specially interesting it the Zookeeper Security Migration, that without
> this change will not work with TLS, disabling users to use ACLs when the
> Zookeeper cluster use TLS.
>
> link:
> https://cwiki.apache.org/confluence/display/KAFKA/
> KIP-515%3A+Enable+ZK+client+to+use+the+new+TLS+supported+authentication
>
> Looking forward to hearing from you on this,
>
> /cheers
>
> --
> Pere Urbon-Bayes
> Software Architect
> http://www.purbon.com
> https://twitter.com/purbon
> https://www.linkedin.com/in/purbon/
>
> --
> Pere Urbon-Bayes
> Software Architect
> http://www.purbon.com
> https://twitter.com/purbon
> https://www.linkedin.com/in/purbon/
>
