Thanks, Port unification sounds great.
> client that works both with and without SSL, the same for the client and the > same for the admin server. Are you saying that you'll serve the AdminServer on a sub path of the main clientPort, so we'll only need to connect to one port and use the same SSL cert? Or will AdminServer still require its own port? -- Jan Høydahl, search solution architect Cominvent AS - www.cominvent.com > 28. jul. 2019 kl. 13:53 skrev Enrico Olivelli <[email protected]>: > > Jan > > Il dom 28 lug 2019, 13:27 Jan Høydahl <[email protected]> ha scritto: > >> Hi >> >> The default reserved port number for Zookeeper is 2181. So when installing >> ZK using package managers that's typically what you'll get. >> Now with Netty and SSL you want clients to connect to secureClientPort. In >> the Confluence page examples are given with port 2281. But is there some >> best practice or recommendation on which port to use? Specifically: >> >> - Is 2281 a recommended default? >> - Or is it better to use 2181 for secureClientPort and disable old >> clientPort? >> > > I am not sure if there is a right answer to this question. > But on 3.6.0 we will have 'port unification' that is that we have only one > client that works both with and without SSL, the same for the client and > the same for the admin server. > > Enrico > > >> Likewise the new AdminServer defaults to 8080 (same a plain Jetty). Would >> it not be beneficial to have a well known port, say 2191 that clients/apps >> could use as default, and assume that if you apt-get install zookeeper or >> run it via docker, that would be the port AdminServer listens to? >> >> I'm asking because I believe in well-defined conventions. I'm a Solr >> committer and we need to document to users how to configure Zookeeper with >> SSL, and choose defaults in our clients talking to Zookeeper, including >> AdminServer. Ideally I hope the ZK project actively recommends ports for >> clientPort, secureClientPort and AdminServer in the 21xx range and let that >> tricle down to downstream package managers and installer makers. Seeing >> 8080 in a firewall setup tells you nothing, but seeing 2191 would >> immediately ring a bell. >> >> -- >> Jan Høydahl, search solution architect >> Cominvent AS - www.cominvent.com >> >>
