THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Perform a rolling restart setting the JAAS login file, which enables brokers to authenticate, but setting
zookeeper.set.acl
to false. At the end of the rolling restart, brokers stop creating znodes with secure ACLs, but are still able to authenticate and manipulate all znodes. - Perform a second rolling restart of brokers, this time omitting the system property that sets the JAAS login file.
- Execute the
ZkSecurityMigrator
(there is a script under./bin
and the code is underkafka.admin
). This tool traverses the corresponding sub-trees changing the ACLs of the znodes. - Perform a second rolling restart of brokers, this time omitting the system property that sets the JAAS login file.
Step 2 3 isn't strictly necessary, but it is best to just turn off authentication.
...