Hi everyone, I am really need your help, please read below
If we have to run solr in cloud mode, we are going to use zookeeper, now any zookeeper client can connect to zookeeper server, Zookeeper has facility to protect znode however any one can see znode acl however password could be encrypted. Decrypting password or guessing password is not a big deal. As we know password is SHA encrypted also there is no limitation of number of try to authorize with ACL. So my point is how to safegard zookeeper. I can guess few things a. Don't reveal ip of your zookeeper ( security with obscurity ) b. ip table which is also not a very good idea c. what else ?? My guess was if some how we can protect zookeeper server itself by asking client to authorize them self before it can make connection to ensemble even at root ( /) znode. Please please at least comment on this , I really need your help.