Support Questions

Hi @MariaZ 

In order for zookeeper to use secure port 2182, you need to make sure your cluster is TLS enabled
and also  -- > This port used in ZooKeeper to accept TLS/SSL connections from clients. You need to select 'Enable TLS/SSL for ZooKeeper' in order to have this port open. Any client that connects to this port must use TLS/SSL."

Hope this answers your request.

Regards,
Puneeth 

thank you @Puni,  

Zookeeper is configured to accept TLS/SSL Connections from clients, and in ranger admin add new configuration section I am setting zookeeper.client.secure = true

Is there anything else that needs to be set?

Hi @MariaZ 

That should be all. However zookeeper.client.secure = true is something I don't see if needed. But if this value helps, you can leave it and check.

Regards,

Puneeth

hi @Puni 

Its not working, in the ranger admin logs, i see this error:org.apache.ranger.services.kafka.RangerServiceKafka

2024-03-08 13:38:11,851 [timed-executor-pool-0] ERROR org.apache.ranger.services.kafka.RangerServiceKafka (RangerServiceKafka.java:67) - <== RangerServiceKafka.validateConfig Error:java.lang.InterruptedException
2024-03-08 13:38:11,851 [timed-executor-pool-0] ERROR org.apache.ranger.biz.ServiceMgr$TimedCallable (ServiceMgr.java:610) - TimedCallable.call: Error:java.lang.InterruptedException

Hi @MariaZ 

The error above may be a different issue . Hard to say its due to the enablement of TLS/SSL on Zookeeper.

you may better raise case with the error message to troubleshoot it with logs to identify what is causing the java InterruptedException.

Regards,

Puneeth

.