Tushar

Reputation: 578

Mesos parameters for enabling communication over SSL with Zookeeper-3.5.7

Recently, I've been working on securing communication between Mesos master and zookeeper by setting up SSL authentication.

I followed the steps as listed here to have client-server communication involving zookeeper over SSL.
For a sample zookeeper client, say zookeeper CLI, the following JVM flags need to be set to allow the zkCli to communicate over SSL with the zookeeper.

export CLIENT_JVMFLAGS="-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty
-Dzookeeper.client.secure=true
-Dzookeeper.ssl.keyStore.location=/root/zookeeper/ssl/keyStore.jks
-Dzookeeper.ssl.keyStore.password=xxxx
-Dzookeeper.ssl.trustStore.location=/root/zookeeper/ssl/trustStore.jks
-Dzookeeper.ssl.trustStore.password=xxxx"

My question arises regarding how to pass the above parameters when we want Mesos master to communicate with zookeeper over SSL.
Tried looking for some pointers here and here but could not find anything that would help in this case. Further, I tried passing these parameters as arguments inside mesos-master.sh as given below but it does not solve my problem.

# Start Mesos master 
$ ./bin/mesos-master.sh --ip=127.0.0.1 --work_dir=/var/lib/mesos

Would be great to get some advice on this as it's become a potential blocker for now.

Thank you,
Tushar

Upvotes: 0

Views: 241
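
A pre-flight check for the JVM client flags listed in the question, as an added example that is not part of the original post or its answer: it confirms that each of the six properties is present as a well-formed `-D` token (a stray space after the `-` is caught), that `zookeeper.client.secure` is `true`, and that the store files are readable with the keystore not world-readable. The function names and message wording are hypothetical.

```shell
#!/bin/sh
# Added example (not from the post): lint a CLIENT_JVMFLAGS string for the
# ZooKeeper TLS client properties quoted in the question.
# Function names and message wording are hypothetical.

# Print the value of -D<name>=<value> from the flags string; fail if absent.
# The body is a subshell, so `set -f` (no globbing) and variables stay local.
zk_flag_value() (
    set -f
    for tok in $1; do    # unquoted on purpose: split on spaces and newlines
        case $tok in
            "-D$2="*) printf '%s\n' "${tok#"-D$2="}"; exit 0 ;;
        esac
    done
    exit 1
)

# Print one line per problem; the exit status is the number of problems.
check_zk_tls_flags() (
    set -f
    n=0
    problem() { echo "$1"; n=$((n + 1)); }
    for tok in $1; do
        case $tok in
            -D?*=?*) ;;    # well-formed system property
            *) problem "malformed token: '$tok'" ;;
        esac
    done
    for prop in zookeeper.clientCnxnSocket zookeeper.client.secure \
        zookeeper.ssl.keyStore.location zookeeper.ssl.keyStore.password \
        zookeeper.ssl.trustStore.location zookeeper.ssl.trustStore.password
    do
        zk_flag_value "$1" "$prop" >/dev/null || problem "missing: $prop"
    done
    if v=$(zk_flag_value "$1" zookeeper.client.secure) && [ "$v" != true ]; then
        problem "zookeeper.client.secure is '$v', expected 'true'"
    fi
    for kind in keyStore trustStore; do
        f=$(zk_flag_value "$1" "zookeeper.ssl.$kind.location") || continue
        if [ ! -r "$f" ]; then
            problem "$kind: cannot read $f"
        elif [ "$kind" = keyStore ] && [ -n "$(find "$f" -prune -perm -004)" ]; then
            problem "keyStore holds the private key but $f is world-readable"
        fi
    done
    exit "$n"
)
```

Run it as `check_zk_tls_flags "$CLIENT_JVMFLAGS"` before starting the client; a zero exit status means no problems were found.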

Answers (1)

janisz

Reputation: 6371

It's described here

To enable SSL, add the following lines to /etc/default/mesos

SSL_ENABLED=1
SSL_KEY_FILE=/etc/mesos/conf/ssl/key.pem
SSL_CERT_FILE=/etc/mesos/conf/ssl/cert.pem
SSL_REQUIRE_CERT=false

Upvotes: -1
