SASL Digest-MD5 for the ZK Quorum #189

JeanMichelApeupres · 2023-03-30T14:50:39Z

Hi !

Since ZK 3.4.10, we can have SASL authentication for the quorum (more information here : https://cwiki.apache.org/confluence/display/ZOOKEEPER/Server-Server+mutual+authentication). This PR implements SASL for server2server authentication using Digest-MD5 but can be improved to include Kerberos (I don't have Kerberos in my testing environment) :)

manifests/init.pp

deric · 2023-06-01T07:44:51Z

manifests/init.pp

+  Boolean                                    $quorum_auth_enable_sasl          = $zookeeper::params::quorum_auth_enable_sasl,
+  Boolean                                    $quorum_auth_learner_require_sasl = $zookeeper::params::quorum_auth_learner_require_sasl,
+  Boolean                                    $quorum_auth_server_require_sasl  = $zookeeper::params::quorum_auth_server_require_sasl,
+  String                                     $quorum_sasl_user                 = $zookeeper::params::quorum_sasl_user,


String can't have an undef value unless it's declared as Optional[String]. The same in case of $quorum_sasl_password

deric requested changes May 31, 2023

View reviewed changes

manifests/init.pp Outdated Show resolved Hide resolved

SASL Digest-MD5 for the ZK Quorum

a15f767

JeanMichelApeupres force-pushed the master branch from 1dd84c3 to a15f767 Compare May 31, 2023 13:19

deric reviewed Jun 1, 2023

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SASL Digest-MD5 for the ZK Quorum #189

SASL Digest-MD5 for the ZK Quorum #189

JeanMichelApeupres commented Mar 30, 2023

deric Jun 1, 2023

SASL Digest-MD5 for the ZK Quorum #189

Are you sure you want to change the base?

SASL Digest-MD5 for the ZK Quorum #189

Conversation

JeanMichelApeupres commented Mar 30, 2023

deric Jun 1, 2023

Choose a reason for hiding this comment