* fix issue with zkCli.sh not working with sasl

* updated readme for sasl setup * logging updates to dependent systesms likes splunk
116davinder · Feb 20, 2024 · b2d37cf · b2d37cf
1 parent c228ea9
commit b2d37cf
Show file tree

Hide file tree

Showing 8 changed files with 33 additions and 12 deletions.
diff --git a/Splunk-Config.md b/Splunk-Config.md
@@ -5,7 +5,7 @@
 [default]
 host = $HOSTNAME
 
-[monitor:///zookeeper/zookeeper-logs/*.out]
+[monitor:///zookeeper/zookeeper-logs/*]
 disabled = false
 index = kafka
 sourcetype = zookeeper

diff --git a/Vagrantfile b/Vagrantfile
@@ -22,4 +22,5 @@ Vagrant.configure("2") do |config|
 # SSH config to use your local ssh key for auth instead of username/password
   config.ssh.insert_key = false
   config.vm.provision "file", source: "~/.ssh/id_rsa.pub", destination: "~/.ssh/authorized_keys"
+  config.vm.synced_folder '.', '/vagrant', disabled: true
 end
diff --git a/clusterMigrateToMtls.yml b/clusterMigrateToMtls.yml
@@ -63,9 +63,9 @@
         name: configure
         tasks_from: dynamicConfigs
       vars:
-        - zookeeperConfigFile: zoo.cfg
-        - zookeeperSslQuorum: true
-        - zookeeperPortUnification: "true" # force true
+        zookeeperConfigFile: zoo.cfg
+        zookeeperSslQuorum: true
+        zookeeperPortUnification: "true" # force true
 
     - name: MigrateToMtls | restarting zookeeper
       ansible.builtin.import_role:
@@ -100,9 +100,9 @@
         name: configure
         tasks_from: dynamicConfigs
       vars:
-        - zookeeperConfigFile: zoo.cfg
-        - zookeeperSslQuorum: true
-        - zookeeperPortUnification: "false" # force false
+        zookeeperConfigFile: zoo.cfg
+        zookeeperSslQuorum: true
+        zookeeperPortUnification: "false" # force false
 
     - name: MigrateToMtls | restarting zookeeper
       ansible.builtin.import_role:

diff --git a/clusterMigrateToSasLAuth.yml b/clusterMigrateToSasLAuth.yml
@@ -14,15 +14,15 @@
         name: configure
         tasks_from: dynamicConfigs
       vars:
-        - zookeeperConfigFile: jaas.conf
+        zookeeperConfigFile: jaas.conf
 
     - name: MigrateToSasL | regenerate java.env to enable jaas.conf
       ansible.builtin.include_role:
         name: configure
         tasks_from: dynamicConfigs
       vars:
-        - zookeeperConfigFile: java.env
-        - zookeeperQuorumAuthEnableSasl: true
+        zookeeperConfigFile: java.env
+        zookeeperQuorumAuthEnableSasl: true
 
     - name: MigrateToSasL | enableSasl in zoo.cfg
       ansible.builtin.lineinfile:
@@ -83,8 +83,8 @@
         name: configure
         tasks_from: dynamicConfigs
       vars:
-        - zookeeperConfigFile: zoo.cfg
-        - zookeeperQuorumAuthEnableSasl: true
+        zookeeperConfigFile: zoo.cfg
+        zookeeperQuorumAuthEnableSasl: true
 
     - name: MigrateToSasL | restarting zookeeper
       ansible.builtin.import_role:

diff --git a/docs/migrate-to-mtls.md b/docs/migrate-to-mtls.md
@@ -4,6 +4,7 @@ Read documentation here: https://zookeeper.apache.org/doc/r3.8.0/zookeeperAdmin.
 
 ### Step 0
 Generate MTLS Certs, if you are testing with vagrant then you can use below-mentioned script else read above-mentioned documenations.
+The following script generates certs in the directory from where you are running the script.
 
 [vagrant-generate-tls-certs.sh](../files/vagrant-generate-tls-certs.sh)
 

diff --git a/docs/vagrant-notes.md b/docs/vagrant-notes.md
@@ -0,0 +1,8 @@
+## Running on Windows
+
+### Requires following plugins
+```bash
+vagrant plugin install vagrant-hosts
+vagrant plugin install virtualbox_WSL2
+vagrant plugin install vagrant-vbguest # optional
+```
diff --git a/files/vagrant-generate-tls-certs.sh b/files/vagrant-generate-tls-certs.sh
diff --git a/roles/configure/templates/jaas.conf b/roles/configure/templates/jaas.conf
@@ -8,3 +8,14 @@ QuorumLearner {
        username="{{ zookeeperQuorumUsername }}"
        password="{{ zookeeperQuorumPassword }}";
 };
+
+Server {
+       org.apache.zookeeper.server.auth.DigestLoginModule required
+       user_{{ zookeeperQuorumUsername }}="{{ zookeeperQuorumPassword }}";
+};
+
+Client {
+       org.apache.zookeeper.server.auth.DigestLoginModule required
+       username="{{ zookeeperQuorumUsername }}"
+       password="{{ zookeeperQuorumPassword }}";
+};