Learn about the known issues in ZooKeeper, the impact or changes to the functionality,
and the workaround.
- Zookeeper-client does not use ZooKeeper TLS/SSL automatically
- The command-line tool ‘zookeeper-client’ is installed
on all Cloudera nodes and it can be used to start the default Java command line ZooKeeper client. However even
when ZooKeeper TLS/SSL is enabled, the zookeeper-client command connects to
localhost:2181, without using TLS/SSL.
- Manually configure the 2182 port, when zookeeper-client
connects to a ZooKeeper cluster.The following is an example of connecting to a specific
three-node ZooKeeper cluster using TLS/SSL:
CLIENT_JVMFLAGS="-Dzookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty -Dzookeeper.ssl.keyStore.location=[***PATH TO YOUR CONFIGURED KEYSTORE***] -Dzookeeper.ssl.keyStore.password=[***PASSWORD YOU CONFIGURED FOR KEYSTORE***] -Dzookeeper.ssl.trustStore.location=[***path to your configured truststore***] -Dzookeeper.ssl.trustStore.password=[***the password you configured for the truststore***] -Dzookeeper.client.secure=true" zookeeper-client -server [***your.zookeeper.server-1***]:2182,[***your.zookeeper.server-2***]:2182,[***your.zookeeper.server-3***]:2182