[ 
https://issues.apache.org/jira/browse/YARN-11468?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Szilard Nemeth resolved YARN-11468.
-----------------------------------
    Fix Version/s: 3.4.0
       Resolution: Fixed

> Zookeeper SSL/TLS support
> -------------------------
>
>                 Key: YARN-11468
>                 URL: https://issues.apache.org/jira/browse/YARN-11468
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: resourcemanager
>            Reporter: Ferenc Erdelyi
>            Assignee: Ferenc Erdelyi
>            Priority: Critical
>              Labels: pull-request-available
>             Fix For: 3.4.0
>
>
> Zookeeper 3.5.5 server can operate with SSL/TLS secure connection with its 
> clients.
> [https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide]
> The SSL communication should be possible in the different parts of YARN, 
> where it communicates with Zookeeper servers. The Zookeeper clients are used 
> in the following places:
>  * ResourceManager
>  * ZKConfigurationStore
>  * ZKRMStateStore
> The yarn.resourcemanager.zk-client-ssl.enabled flag to enable SSL 
> communication should be provided in the yarn-default.xml and the required 
> parameters for the keystore and truststore should be picked up from the 
> core-default.xml (HADOOP-18709)
> yarn.resourcemanager.ha.curator-leader-elector.enabled has to set to true via 
> yarn-site.xml to make sure Curator is used, otherwise we can't enable SSL.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-dev-h...@hadoop.apache.org

Reply via email to