Thanks Ram for the interest on this feature. Yes, user can enable SASL for Observer nodes as well. In general, QuorumLearner will send authentication packet to peer QuorumServer. Observer is a learner which follows the same quorum authentication protocol and auth logic will work fine.
FYI, hope you are referring below links for configurations, https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication https://blog.cloudera.com/blog/2017/01/hardening-apache-zookeeper-security-sasl-quorum-peer-mutual-authentication-and-authorization/ Please let us know if you are facing any issues. Thanks, Rakesh On Mon, Sep 24, 2018 at 8:31 AM rammohan ganapavarapu < rammohanga...@gmail.com> wrote: > Hi, > > Do we need to configure any thing on observer nodes for SASL > authentication? > > tcpKeepAlive=true ( this is not for sasl but just asking ) > > quorum.auth.enableSasl=true > quorum.auth.learnerRequireSasl=true > quorum.auth.serverRequireSasl=true > > What will happen if i set these properties on observers nodes as well ? > > Thanks, > Ram >
