For the moment, consumers still need to write under the /consumers tree. Even if they are committing offsets to Kafka instead of ZK, they will need to write owner information there when they are balancing. Eventually, you are correct, this is going away with the new consumer.
-Todd On Fri, Oct 17, 2014 at 10:09 AM, Arvind Mani <am...@linkedin.com.invalid> wrote: > > I'm looking at Kafka Brokers authentication with ZooKeeper since this > looks independent of other tasks. > > [AM] > > 1) Is authentication required only between kafka broker and zookeeper? Can > we assume "world" read so that consumers don't have to be authenticated (I > believe in any case kafka is planning to change in such that consumers > don't have to interact with zk)? In this case I assume kafka broker can I > think easily create the znode with appropriate acl list - broker can be > admin. > > 2) Zookeeper supports Kerberos authentication. Zookeeper supports SSL > connections (version 3.4 or later) but I don't see an x509 authentication > provider. Do we want to support x509 cert based authentication for zk? > > - Arvind > >
