THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Perform a rolling restart setting the JAAS login file, which enables brokers to authenticate. At the end of the rolling restart, brokers are able to manipulate znodes with strict ACLs, but they will not create znodes with those ACLs.
- Perform a second rolling restart of brokers, this time setting the configuration parameter {{
zookeeper.set.acl
to true}}, which enables enablesZkUtils
to use secure ACLs when creating znodes. - Execute a tool called
ZkSecurityMigrator
(there is a script under under./bin
and the code is underkafka.admin
). This tool traverses the corresponding sub-trees changing the ACLs of the znodes.
...