[jira] [Commented] (KAFKA-8843) Zookeeper migration tool support for TLS

Fri, 24 Jan 2020 14:12:24 -0800 


    [ 
https://issues.apache.org/jira/browse/KAFKA-8843?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17023299#comment-17023299
 ] 

ASF GitHub Bot commented on KAFKA-8843:
---------------------------------------

rondagostino commented on pull request #8003: KAFKA-8843: KIP-515: Zookeeper 
TLS support
URL: https://github.com/apache/kafka/pull/8003
 
 
   Signed-off-by: Ron Dagostino <rdagost...@confluent.io>
   
   *More detailed description of your change,
   if necessary. The PR title and PR message become
   the squashed commit message, so use a separate
   comment to ping reviewers.*
   
   *Summary of testing strategy (including rationale)
   for the feature or bug fix. Unit and/or integration
   tests are expected for any behaviour change and
   system tests should be considered for larger changes.*
   
   ### Committer Checklist (excluded from commit message)
   - [ ] Verify design and implementation 
   - [ ] Verify test coverage and CI build status
   - [ ] Verify documentation (including upgrade notes)
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Zookeeper migration tool support for TLS
> ----------------------------------------
>
>                 Key: KAFKA-8843
>                 URL: https://issues.apache.org/jira/browse/KAFKA-8843
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Pere Urbon-Bayes
>            Assignee: Pere Urbon-Bayes
>            Priority: Minor
>
> Currently zookeeper-migration tool works based on SASL authentication. What 
> means only digest and kerberos authentication is supported.
>  
> With the introduction of ZK 3.5, TLS is added, including a new X509 
> authentication provider. 
>  
> To support this great future and utilise the TLS principals, the 
> zookeeper-migration-tool script should support the X509 authentication as 
> well.
>  
> In my newbie view, this should mean adding a new parameter to allow other 
> ways of authentication around 
> [https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65.
>  
> |https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/ZkSecurityMigrator.scala#L65]
>  
> If I understand the process correct, this will require a KIP, right?
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to