[
https://issues.apache.org/jira/browse/KAFKA-2641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Flavio Junqueira updated KAFKA-2641:
------------------------------------
Description:
If a cluster isn't secure and wants to migrate to secure, then it will need to
execute the following steps with respect to ZK:
# Perform a rolling restart passing the appropriate JAAS file to enable the ZK
client to authenticate against the server
# Run a ZkSecurityMigrationTool that will set the appropriate ACLs
# Perform a second rolling restart to set `zookeeper.enable.secure.acls`
This recipe assumes that the ZK ensemble has security on.
was:Add necessary configuration and scripting to make sure that existing
clusters can turn security on with minimal disruption.
> Upgrade path for ZK authentication
> ----------------------------------
>
> Key: KAFKA-2641
> URL: https://issues.apache.org/jira/browse/KAFKA-2641
> Project: Kafka
> Issue Type: Sub-task
> Components: security
> Reporter: Flavio Junqueira
> Assignee: Flavio Junqueira
>
> If a cluster isn't secure and wants to migrate to secure, then it will need
> to execute the following steps with respect to ZK:
> # Perform a rolling restart passing the appropriate JAAS file to enable the
> ZK client to authenticate against the server
> # Run a ZkSecurityMigrationTool that will set the appropriate ACLs
> # Perform a second rolling restart to set `zookeeper.enable.secure.acls`
> This recipe assumes that the ZK ensemble has security on.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
