Thanks Enrico. I was also looking at https://issues.apache.org/jira/browse/ZOOKEEPER-2220 who is facing same issue.
I will try with your suggestion. My requirement is to enable SASL based authentication between server-server and client-server. Please advise if I'm looking at the right place or is there any better documentation. Regards, Praveen Kumar K S +91-9986855625 On Thu, Jan 16, 2020 at 3:01 PM Enrico Olivelli - Diennea < [email protected]> wrote: > Praveen > In order to use Netty it is better for you to use 3.5.6 that contains > Netty 4, ZooKeeper 3.4.x uses the deprecated Netty 3. For TSL, and it is > known to have security flaws and it is no more maintained > > Btw your problem looks like there is a missing class and it is weird > > Enrico > > Il giorno 16/01/20, 10:25 "Praveen Kumar K S" <[email protected]> > ha scritto: > > Hello, > > I'm looking for help on enabling authentication in zookeeper. Please > note > below approach I have tried. > > 1. I followed > > https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide > 2. I'm deploying zookeeper as single node using docker > 3. Zookeeper version is 3.4.13 > 4. Below are some important environmental variables in zookeeper > container > > > CLIENT_JVMFLAGS=-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty > -Dzookeeper.client.secure=true > -Dzookeeper.ssl.keyStore.location=/opt/vault/zookeeper/ssl/KeyStore.jks > -Dzookeeper.ssl.keyStore.password=XX@123 > > -Dzookeeper.ssl.trustStore.location=/opt/vault/zookeeper/ssl/truststore.jks > -Dzookeeper.ssl.trustStore.password=XX@123 > > > SERVER_JVMFLAGS=-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory > -Dzookeeper.ssl.keyStore.location=/opt/vault/zookeeper/ssl/KeyStore.jks > -Dzookeeper.ssl.keyStore.password=XX@123 > > -Dzookeeper.ssl.trustStore.location=/opt/vault/zookeeper/ssl/truststore.jks > -Dzookeeper.ssl.trustStore.password=XX@123 > > > zookeeper.serverCnxnFactory="org.apache.zookeeper.server.NettyServerCnxnFactory" > > 5. Below is conf file > server.1=0.0.0.0:2888:3888 > secureClientPort=2281 > initLimit=5 > syncLimit=2 > tickTime=2000 > clientPort=2181 > clientPortAddress=zookeeper > dataLogDir=/opt/vault/zookeeper/logs > dataDir=/opt/vault/zookeeper/data > > 6. Zookeeper is healthy > 7. I tried connecting to Zookeeper server from my machine using > zkCli.sh. > But getting below error > > 2020-01-16 14:21:27,798 [myid:] - INFO [main:ZooKeeper@442] - > Initiating > client connection, connectString=zookeeper:2281 sessionTimeout=30000 > watcher=org.apache.zookeeper.ZooKeeperMain$MyWatcher@531d72ca > Exception in thread "main" java.io.IOException: Couldn't instantiate > org.apache.zookeeper.ClientCnxnSocketNetty > at > org.apache.zookeeper.ZooKeeper.getClientCnxnSocket(ZooKeeper.java:1851) > at org.apache.zookeeper.ZooKeeper.<init>(ZooKeeper.java:453) > at > org.apache.zookeeper.ZooKeeperMain.connectToZK(ZooKeeperMain.java:283) > at org.apache.zookeeper.ZooKeeperMain.<init>(ZooKeeperMain.java:297) > at org.apache.zookeeper.ZooKeeperMain.main(ZooKeeperMain.java:290) > Caused by: java.lang.ClassNotFoundException: > org.apache.zookeeper.ClientCnxnSocketNetty > at java.net.URLClassLoader.findClass(URLClassLoader.java:382) > at java.lang.ClassLoader.loadClass(ClassLoader.java:424) > at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349) > at java.lang.ClassLoader.loadClass(ClassLoader.java:357) > at java.lang.Class.forName0(Native Method) > at java.lang.Class.forName(Class.java:264) > at > org.apache.zookeeper.ZooKeeper.getClientCnxnSocket(ZooKeeper.java:1848) > ... 4 more > > 8.Zookeeper is working fine on 2181 > 9.I tried to connect Kafka to Zookeeper on port 2281. Getting below > error > > [2020-01-16 09:12:07,477] INFO Initiating client connection, > connectString=zookeeper:2281 sessionTimeout=6000 > > watcher=kafka.zookeeper.ZooKeeperClient$ZooKeeperClientWatcher$@5c33f1a9 > (org.apache.zookeeper.ZooKeeper) > [2020-01-16 09:12:07,488] INFO [ZooKeeperClient] Waiting until > connected. > (kafka.zookeeper.ZooKeeperClient) > [2020-01-16 09:12:07,489] INFO Opening socket connection to server > zookeeper/172.16.13.2:2281. Will not attempt to authenticate using > SASL > (unknown error) (org.apache.zookeeper.ClientCnxn) > [2020-01-16 09:12:07,493] INFO Socket error occurred: zookeeper/ > 172.16.13.2:2281: Connection refused (org.apache.zookeeper.ClientCnxn) > [2020-01-16 09:12:08,599] INFO Opening socket connection to server > zookeeper/172.16.13.2:2281. Will not attempt to authenticate using > SASL > (unknown error) (org.apache.zookeeper.ClientCnxn) > > Please help and advice. > > Regards, > Praveen Kumar K S > +91-9986855625 > > > > ________________________________ > > CONFIDENTIALITY & PRIVACY NOTICE > This e-mail (including any attachments) is strictly confidential and may > also contain privileged information. If you are not the intended recipient > you are not authorised to read, print, save, process or disclose this > message. If you have received this message by mistake, please inform the > sender immediately and destroy this e-mail, its attachments and any copies. > Any use, distribution, reproduction or disclosure by any person other than > the intended recipient is strictly prohibited and the person responsible > may incur in penalties. > The use of this e-mail is only for professional purposes; there is no > guarantee that the correspondence towards this e-mail will be read only by > the recipient, because, under certain circumstances, there may be a need to > access this email by third subjects belonging to the Company. >
