Environment
Situation
Resolution
Setting ACL's for the Appliance and Setting ACL's for ZooKeeper on a Windows Server
1. On the Appliance Primary server where zookeeper is installed, go to the /opt/confluent/bin folder.
2. Edit the zookeeper-shell.sh file and add the below line as shown. (check the attached zookeeper-shell.sh file for reference)
"-Djava.security.auth.login.config=/etc/opt/novell/zenworks/casa/casa-jaas.conf"
exec $(dirname $0)/kafka-run-class "-Djava.security.auth.login.config=/etc/opt/novell/zenworks/casa/casa-jaas.conf" org.apache.zookeeper.ZooKeeperMain -server "$@"
3. Save and Exit
4. Run the command
export JAVA_HOME=/opt/novell/zenworks/share/java
5. Run the command
./zookeeper-shell localhost:6789
6. Run the command to set ACL on /zookeeper node
setAcl /zookeeper sasl:zen-zkadmin:cdrwa
7. Run the command to set ACL on /zookeeper/quota node
setAcl /zookeeper/quota sasl:zen-zkadmin:cdrwa
https://www.apache.org/dyn/closer.lua/zookeeper/zookeeper-3.5.8/apache-zookeeper-3.5.8-bin.tar.gz
2. Extract the contents into a folder.
3. From the extracted path go to “extracted_path\apache-zookeeper-3.5.8-bin\bin”
4. Edit the zkcli.cmd file and add the parameters
"-Djava.security.auth.login.config=%ZENWORKS_HOME%\conf\casa\casa-jaas.conf”
call %JAVA% "-Dzookeeper.log.dir=%ZOO_LOG_DIR%" "-Djava.security.auth.login.config=%ZENWORKS_HOME%\conf\casa\casa-jaas.conf" "-Dzookeeper.root.logger=%ZOO_LOG4J_PROP%" "-Dzookeeper.log.file=%ZOO_LOG_FILE%" -cp "%CLASSPATH%" %ZOOMAIN% %*
5. Save and Exit
6. Run the command
set JAVA_HOME=%ZENWORKS_HOME%\share\java
7. Run the command
zkCli.cmd -server localhost:6789
8. Run the command to set ACL on /zookeeper node
setAcl /zookeeper
sasl:zen-zkadmin:cdrwa
9. Run the command to set ACL on /zookeeper/quota node
setAcl /zookeeper/quota sasl:zen-zkadmin:cdrwa
'sasl,'zen-zkadmin
: cdrwa
Cause
Additional Information
Note: The command getAcl /zookeeper will tell us if the ACL’s are set properly.
getAcl /zookeeper