Unlock Kafka metadata in Zookeeper
Learn how to unlock access to Kafka metadata in Zookeeper
A secure Kafka cluster with Kerberos authentication enabled is required.
- Disable the use of secure ACLs: This can be achieved by setting the
zookeeper.set.aclconfiguration parameter to false.
- In Cloudera Manager select the Kafka service.
- Select Configuration.
- Find the Enable Zookeeper ACL property.
- Set the property to false by unchecking the checkbox next to the name of the role group.
- Perform a Rolling Restart:
- Return to the Home page by clicking the Cloudera Manager logo.
- Go to the Kafka service and select .
- Check the Restart roles with stale configurations only checkbox and click Rolling restart.
- Click Close when the restart has finished.
- Run the
zookeeper-security-migrationtool with the
zookeeper.acloption set to
zookeeper-security-migration --zookeeper.connect [HOSTNAME]:[PORT]/[ZOOKEEPER_KAFKA_CHROOT] --zookeeper.acl unsecure
Replace [ZOOKEEPER_KAFKA_CHROOT] with the value of the
zookeeper.chrootproperty. To view the value of the property, in Cloudera Manager go to and search for