[
https://issues.apache.org/jira/browse/ZOOKEEPER-3577?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17582785#comment-17582785
]
fistomina commented on ZOOKEEPER-3577:
--------------------------------------
I meet the same situation.
I start zookeeper 3.6.3 with secureClientPort and secureClientPortAddress
configed to expose ssl port:
secureClientPortAddress=192.168.x.x
secureClientPort=2181
and configed plaintext port in dynamic config which can only be connected
locally:
server.1=192.168.x.x:2888:3888:participant;127.0.0.1:2181
In this case, {{EnsambleTracker}} in Curator will get only plaintext adress and
prot 127.0.0.1:2181, thus cannot connect to zk when reconnect.
The configuration format maybe like this:
{code:java}
server.1=125.23.63.23:2780:2783:participant;127.0.0.1:2181;192.168.x.x:2181_ssl{code}
> SSL support in ZooKeeper Dynamic Reconfiguration
> ------------------------------------------------
>
> Key: ZOOKEEPER-3577
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3577
> Project: ZooKeeper
> Issue Type: Improvement
> Components: server
> Affects Versions: 3.5.5, 3.5.8, 3.6.2
> Reporter: zhaoyan
> Priority: Minor
>
> ZooKeeper Dynamic Reconfiguration is not support ssl
>
> {{server.1=125.23.63.23:2780:2783:participant;2791}}
>
> {{2791}} is must plaintext port, it not support ssl port
>
> reason:
> org.apache.zookeeper.server.quorum.QuorumPeerConfig#setupClientPort
> {{only {color:#9876aa}clientAddr{color}:}}
> {color:#cc7832}if {color}(qs != {color:#cc7832}null {color}&&
> qs.{color:#9876aa}clientAddr {color}!= {color:#cc7832}null{color})
> {color:#9876aa}clientPortAddress {color}=
> qs.{color:#9876aa}clientAddr{color}{color:#cc7832};{color}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
