Cloudera Docs

Verify the ZooKeeper authentication

After enabling Kerberos authentication and restarting the ZooKeeper cluster, you can verify that the ZooKeeper authentication is working correctly.

  1. Start the ZooKeeper client, passing to it the name of a ZooKeeper server: 
    zookeeper-client -server fqdn.example.com:port
  2. From the ZooKeeper CLI, create a protected znode using your ZooKeeper client principal. 
    create /znode1 znode1data sasl:zkcli@{{YOUR-REALM}}:cdwra
  3. Verify the znode created and the ACL is set correctly: 
    getAcl/znode1
    The getAcl command returns the znode's scheme and permission values.
  4. Verify that the znode's scheme and permissions values are as expected.