THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
We want to secure BookKeeper clusters, so at least we have to cover this main issues:
- SSL/TLS support for encrypting comunications and/or to implement client authentication
- Use ACLs while writing to ZooKeeper
- Provide an extensible Authentication framework (in BookKeeper 4.4.0 there is already partial support for this)
- Provide a out-of-the box plugin which implements standard SASL authentication, with at least support for GSSAPI/Kerberos and DIGEST-MD5 mechs
- Provide initial support for Authorization
- SSL/TLS support for encrypting comunications and/or to implement client authentication
Proposals
Major concers are about protocol compatibility, data encryption, configuration on Bookie side and client-side, rolling upgrades and ZooKeeper security.
...