Reputation: 6804
Kafka and Zookeeper TLS
I am trying to enable TLS for kafka broker exchanges and had a thought regarding Zookeeper TLS. Currently, on Apache Kafka Documentation I cannot see much mentioned about ZK TLS setup (ok, probably because it's a different apache project) and any possible performance impact.
The question is, can I not have the ONLY broker-client and inter-broker exchanges secured? Do I also need to add TLS to zookeeper? Extra security isn't bad, but is it really necessary to it even for zookeeper?
Upvotes: 3
Views: 3238
Answers (1)
Reputation: 2313
Zookeeper with TLS is only available in Zookeeper 3.5 which is still in beta. Therefore, Kafka isn't supporting TLS connections to zookeeper yet. Doesn't mean you can't do it but it does mean you won't find much documentation on it and if you run in it on something important, you are putting yourself at risk. In this case, I would say the extra security could hurt.
Upvotes: 4
Related Questions
- Kafka Zookeeper security
- Zookeeper issue in setting kafka
- Kafka SASL/PLAIN Setup with SSL
- Zookeeper failures in Kafka 0.9 and above
- Kafka unable to connect to Zookeeper
- Kafka and zookeeper dependancies
- Kafka relationship with Zookeeper
- Kafka cluster and Zookeeper
- relationship zookeeper and kafka
- Zookeeper usage on Kafka 0.9.0