Hi All, I am currently using an external 3 machine Zookeeper (3.4.10) to manage multiple NiFi Clusters (NiFi 1.5). I would like to put in ACL for each of the existing NiFi clusters with username/password that is unique to each of the NiFi clusters as it is currently wide open. The docs say that Kerberos is the recommended method for securing ZK, but for now going to go with User/Password.
I'm looking for the best way to do this. My initial thought was to spin up a new ZK cluster, then use the migration tool to migrate each of the root nodes to the new cluster, adding the username/password as each root is migrated. Is there a better way to do this? I'm wondering if a new ZK cluster is needed or not and whether the same thing can just be done on the existing ZK cluster. Can the Username/Password ACL info just be applied to the existing roots (just add the ACL info to the NiFi configuration) and then that's it? Any direction or suggestions is appreciated!! Cheers, Ryan H
