Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Discovery ConfigMap does not expose AuthenticationClass for authenticated access to ZooKeeper #531

Open
maltesander opened this issue Jul 27, 2022 · 0 comments
Open

Discovery ConfigMap does not expose AuthenticationClass for authenticated access to ZooKeeper #531

maltesander opened this issue Jul 27, 2022 · 0 comments

Comments

@maltesander
Copy link
Member

Currently, if an AuthenticationClass is set, the client access is encrypted and requires authentication.
This is not exposed in the discovery ConfigMap to be picked up by other operators to configure their ZooKeeper access.

The discovery ConfigMap currently expose 3 fields:

  • ZOOKEEPER contains the full zookeeper connection string with znode (generally used)
  • ZOOKEEPER_CHROOT contains the znode (i think only for Nifi currently)
  • ZOOKEEPER_HOSTS contains the zookeeper connection string without znode (i think only for Nifi currently)

Temporary example proposal to add "secure" fields:

  • ZOOKEEPER_SECURE
  • ZOOKEEPER_HOSTS_SECURE
  • (ZOOKEEPER_CHROOT_SECURE) would be redundant
  • AUTHENTICATION_CLASS

This will be discussed further in the architecture meeting on 3rd of August.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@maltesander