Github user StephanEwen commented on the issue:
https://github.com/apache/flink/pull/3600
Thanks @zhengcanbin and @vijikarthi
Merging this...
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does
Github user zhengcanbin commented on the issue:
https://github.com/apache/flink/pull/3600
@StephanEwen @EronWright
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and
Github user vijikarthi commented on the issue:
https://github.com/apache/flink/pull/3600
The changes looks good to me.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled
Github user zhengcanbin commented on the issue:
https://github.com/apache/flink/pull/3600
@StephanEwen @vijikarthi @EronWright @Rucongzhang
Thanks all! I have changed this default behaviour, now
`zookeeper.sasl.disable` is `false` by default.
---
If your project is set up for
Github user Rucongzhang commented on the issue:
https://github.com/apache/flink/pull/3600
@StephanEwen , yes, now if you want to use kerberos , you need additionally
to set zookeeper.sasl.disable to false. And I agree with you, the default value
of zookeeper.sasl.disable can set to
Github user EronWright commented on the issue:
https://github.com/apache/flink/pull/3600
The thread is becoming confused as to what the default behavior should be.
In brief I think the code should say:
```
public static final ConfigOption ZOOKEEPER_SASL_DISABLE =
Github user vijikarthi commented on the issue:
https://github.com/apache/flink/pull/3600
The default ZK SASL client behavior is to enable SASL client and to be in
consistent it makes sense for us to leave the default option enabled.
---
If your project is set up for it, you can
Github user StephanEwen commented on the issue:
https://github.com/apache/flink/pull/3600
I am a bit confused here, this seems to make things more complicated.
Before, if you wanted to use ZK and Kerberos, you only added `zookeeper` to
`security.kerberos.login.contexts`. Now
Github user gaqzcb commented on the issue:
https://github.com/apache/flink/pull/3600
@EronWright @vijikarthi If you find the time, pls review this patch.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project
Github user Rucongzhang commented on the issue:
https://github.com/apache/flink/pull/3600
@zhengcanbin ,@StephanEwen ,@shijinkui. After push this issue, we must
illustrate in flink configuration. If we want to use kerberos authentication
with ZK server, we must set
Github user zhengcanbin commented on the issue:
https://github.com/apache/flink/pull/3600
@EronWright @vijikarthi
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and
Github user zhengcanbin commented on the issue:
https://github.com/apache/flink/pull/3600
@EronWright @StephanEwen
In ZookeeperSaslClient.java, 'zookeeper.sasl.client' is true by default, so
I agree to set 'zookeeper.sasl.disable' to false by default, for consistency.
---
If
Github user EronWright commented on the issue:
https://github.com/apache/flink/pull/3600
To recap, when the ZK server is configured to use SASL, the client is
challenged accordingly. The client checks for a login entry in the JAAS config
to obtain a kerberos credential, and issues a
Github user StephanEwen commented on the issue:
https://github.com/apache/flink/pull/3600
@EronWright @vijikarthi If you find the time, what do you think about this
patch?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well.
Github user StephanEwen commented on the issue:
https://github.com/apache/flink/pull/3600
Yes, CI seems to be unstable.
Can you try to push again to the branch (maybe change the commit message,
force push then) to retrigger the CI?
---
If your project is set up for it, you
Github user zhengcanbin commented on the issue:
https://github.com/apache/flink/pull/3600
Hi, this patch works and passes all tests on my side, but now all checks
have failed, I check all the five raw logs, obviously those errors are not from
my side.
16 matches
Mail list logo