Author Archives: Rakesh Radhakrishnan and Michael Han

Hardening Apache ZooKeeper Security: SASL Quorum Peer Mutual Authentication and Authorization

Categories: ZooKeeper

Background

Apache ZooKeeper is a core infrastructure component in Apache Hadoop stack and is also widely used by many companies for service discovery, configuration management, and so on. Previously ZooKeeper does not support authentication and authorization of servers that are participating in the leader election and quorum forming process; ZooKeeper assumes that every server that is listed in the ZooKeeper configuration file (zoo.cfg) is authenticated. As a result, a server listed in zoo.cfg can join the ensemble even if it is compromised,

Read more