Versions Compared

Old Version 14

changes.mady.by.user Former user

Saved on

compared with

New Version 15

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This section provides instructions to install, setup and point an external Zookeeper server to a standalone WSO2 Message Broker instance. 

Apache ZooKeeper is a high-performance coordination service for distributed applications. It exposes common services - such as naming, configuration management, synchronization, and group services - in a simple interface so you don't have to write them from scratch. You can use it off-the-shelf to implement consensus, group management, leader election, and presence protocols. And you can , and build on it for your ownunique, specific business needs. 

When WSO2 MB is configured to use an external ZooKeeper server, that external ZooKeeper server should be setup like below.

Installation Prerequisites

...

 WSO2 recommends the following in a typical, production environment:

 

  • Using anexternal server or cluster instead of the in-built Cassandra server, which is not recommended when processing large volumes of queues. In this case, Apache Zookeeper is used.
  • Have the external server on a separate machine or a dedicated VM instance and point to it from the Message Broker.
  • Apache ZooKeeper runs as an ensemble of ZooKeeper servers. Three ZooKeeper servers is the minimum recommended size for an ensemble, and they are recommend to be run on separate machines. 

ZooKeeper Installation Prerequisites

...

  • in.

    • GNU/Linux is supported as a development and production platform for both server and client.

    • Sun Solaris is supported as a development and production platform for both server and client.

    • FreeBSD is supported as a development and production platform for clients only. Java NIO selector support in the FreeBSD JVM is broken.

    • Win32 is supported as a development platform for both server and client.

    • MacOSX is supported as a development platform only for both server and client.

Download ZooKeeper

Download links for the latest, stable Apache ZooKeeper distribution can be found in one of the Apache Download Mirrors: http://zookeeper.apache.org/releases.html.

Info
titleNote

...

Use ZooKeeper version 3.4.0 or later since SASL authentication with zookeeper is available on those versions : http://hbase.apache.org/book/zk.sasl.auth.html

Standalone Operation (Minimum Configuration)

...

This file can be given any name. In this documentation, it is called conf/zoo.cfg. Change the value of dataDir to specify an existing (empty to start with) directory.

Setting up Zookeeper Server to

...

Accept SASL Connections

WSO2 Message Broker is configured to use SASL to connect to the Zookeeper server bundled with it. Thus Therefore, when setting up an external ZooKeeper server to work with WSO2 Message Broker, it is needed to configure ZooKeeper server to accept SASL connections from Message Broker as described below.

ZooKeeper installation folder is reffered refereed to as <ZK_HOME> throughout this section.

...

1. Add the following code to <ZK_HOME>/conf/zoo.cfg file

...

requireClientAuthScheme=sasl is optional: if it is set to any value, it will only allow non-authenticated clients to ping, create session, close session, or sasl-authenticate.

Code Block
languagehtml/xml
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
#requireClientAuthScheme=sasl
# renew server-side ticket once an hour. 1000*60*60 = 3600000 milliseconds
jaasLoginRenew=3600000

     22. Inside <ZK_HOME>/conf/ folder create a file named jaas.conf and add following lines to configure DIGEST-MD5 authentication. Note that value given for "user_admin" is exactly same as password value given for user name "admin" under client section of jaas.conf file in <MB_HOME>/repository/conf/security folder. 

Code Block
languagehtml/xml
Server {
       org.apache.zookeeper.server.auth.DigestLoginModule required
       user_super="admin"
       user_admin="admin";
};

 

Info
titleNote

...

Value given for "user_admin" is same as password value given for user name "admin" under client section of jaas.conf file in <MB_HOME>/repository/conf/security folder.

The passwords are in plain text. Therefore,

...

both JAAS configuration files should not be readable by anyone other than the Zookeeper server process user.

    3. Inside <ZK_HOME>/conf/ folder, create a file named java.env and . In that file, define the full-qualified name to above jaas.conf file referred to in therestep 2.

Code Block
languagehtml/xml
SERVER_JVMFLAGS="-Djava.security.auth.login.config=/user/<ZK_HOME>/conf/jaas.conf"

...

 Info
titleNote
Change passwords and user names 
...
according to your requirements. For more information on setting SASL authentication for ZooKeeper
...
, refer to https://cwiki.apache.org/ZOOKEEPER/zookeeper-and-sasl.html.
Start ZooKeeper
Start ZooKeeper as follows, after After creating the configuration file, start ZooKeeper as follows.
 Code Block
bin/zkServer.sh start
...