Ninja Docs Help

Zookeeper configuration

Revision

Date

Description

1.0

24.07.2024

Init Changelog

Zookeeper config files

zookeeper_jaas.conf

File contains superusers definition for Zookeeper. When there is configuration Kafka with Zookeeper without SSL, this file not exists.

Server { org.apache.zookeeper.server.auth.DigestLoginModule required user_super="super" user_admin="secret" user_client="password"; };

zookeeper.properties

File contains Zookeeper configuration.

Most important configs:

  • Directory data for Zookeeper.

    dataDir=/opt/kafka_2.12-3.0.0/zookeeper

  • Zookeeper port.

    clientPort=2181

  • Defines max number of connection into Zookeeper, where 0 means unlimited.

    maxClientCnxns=0

  • Enable AdminServer for Zookeeper and defines its connection port, default it is disabled.

    admin.enableServer=false admin.serverPort=8080

  • Zookeeper parameters.

    tickTime=2000 initLimit=5 syncLimit=2

  • Zookeeper cluster members. Current server is described as 0.0.0.0, other with theirs hostname.

    server.1=0.0.0.0:2888:3888 server.2=ip-10-136-65-23.eu-west-1.compute.internal:2888:3888 server.3=ip-10-136-66-82.eu-west-1.compute.internal:2888:3888

  • SSL configuration. authProvider.* should be configured for each superuser defined in zookeeper_jaas.conf. When Kafka with Zookeeper cluster is configured without SSL, this code not exists.

    requireClientAuthScheme=sasl authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider authProvider.2=org.apache.zookeeper.server.auth.SASLAuthenticationProvider authProvider.3=org.apache.zookeeper.server.auth.SASLAuthenticationProvider authProvider.4=org.apache.zookeeper.server.auth.SASLAuthenticationProvider authProvider.5=org.apache.zookeeper.server.auth.SASLAuthenticationProvider zookeeper.sasl.client=true

Zookeeper with SSL

If Zookeeper works with SSL configured, you need to add into <KAFKA_DIR>/bin/zookeeper-server-start.sh line below:

export KAFKA_OPTS="-Djava.security.auth.login.config=/opt/kafka_2.12-3.0.0/config/zookeeper_jaas.conf"

Best place for add this line, is the beginning of script, like:

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. export KAFKA_OPTS="-Djava.security.auth.login.config=/opt/kafka_2.12-3.0.0/config/zookeeper_jaas.conf" echo $KAFKA_OPTS if [ $# -lt 1 ]; then ...

Zookeeper service config in /etc/systemd/system

[Unit] Requires=network.target remote-fs.target After=network.target remote-fs.target [Service] Type=simple User=kafka ExecStart=/opt/kafka_2.12-3.0.0/bin/zookeeper-server-start.sh /opt/kafka_2.12-3.0.0/config/zookeeper.properties ExecStop=/opt/kafka_2.12-3.0.0/bin/zookeeper-server-stop.sh Restart=on-abnormal [Install] WantedBy=multi-user.target
Last modified: 17 February 2025
Useful commandsDebezium