我正在尝试为kafka经纪人交换启用TLS,并考虑过Zookeeper TLS。目前,在Apache Kafka文档中,我看不到很多关于ZK TLS设置的提及(好吧,可能是因为它是一个不同的apache项目)以及任何可能的性能影响。
问题是,我是否可以保证只有经纪人 - 客户和经纪人之间的交易所安全?我是否还需要将TLS添加到zookeeper?额外的安全性也不错,但是对于动物园管理员来说它真的有必要吗?
答案 0 :(得分:4)
Zookeeper with TLS is only available in Zookeeper 3.5 which is still in beta. Therefore, Kafka isn't supporting TLS connections to zookeeper yet. Doesn't mean you can't do it but it does mean you won't find much documentation on it and if you run in it on something important, you are putting yourself at risk. In this case, I would say the extra security could hurt.