I'm looking at Kafka Brokers authentication with ZooKeeper since this looks independent of other tasks.
[AM] 1) Is authentication required only between kafka broker and zookeeper? Can we assume "world" read so that consumers don't have to be authenticated (I believe in any case kafka is planning to change in such that consumers don't have to interact with zk)? In this case I assume kafka broker can I think easily create the znode with appropriate acl list - broker can be admin. 2) Zookeeper supports Kerberos authentication. Zookeeper supports SSL connections (version 3.4 or later) but I don't see an x509 authentication provider. Do we want to support x509 cert based authentication for zk? - Arvind
