[
https://issues.apache.org/jira/browse/HIVE-23045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17062402#comment-17062402
]
Peter Varga commented on HIVE-23045:
------------------------------------
[~dkuzmenko] [~pvary] could you take a look at this. Thanks.
> Zookeeper SSL/TLS support
> -------------------------
>
> Key: HIVE-23045
> URL: https://issues.apache.org/jira/browse/HIVE-23045
> Project: Hive
> Issue Type: Improvement
> Components: HiveServer2, JDBC, Metastore
> Reporter: Peter Varga
> Assignee: Peter Varga
> Priority: Critical
> Labels: pull-request-available
> Attachments: HIVE-23045.1.patch, HIVE-23045.2.patch,
> HIVE-23045.3.patch, HIVE-23045.4.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Zookeeper 3.5.5 server can operate with SSL/TLS secure connection with its
> clients.
> [https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+SSL+User+Guide]
> The SSL communication should be possible in the different part of HIVE, where
> it communicates with Zookeeper servers. The Zookeeper clients are used in the
> following places:
> * HiveServer2 PrivilegeSynchronizer
> * HiveServer2 register/remove server from Zookeeper
> * HS2ActivePassiveHARegistryClient
> * ZooKeeperHiveLockManager
> * LLapZookeeperRegistryImpl
> * TezAmRegistryImpl
> * WebHCat ZooKeeperStorage
> * JDBC Driver server lookup
> * Metastore - ZookeeperTokenStore
> * Metastore register/remove server from Zookeeper
> The flag to enable SSL communication and the required parameters should be
> provided by different configuration parameters, corresponding the different
> use cases.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
