zoo.cfg

Lists the ZooKeeper configuration file.

Example zoo.cfg File

The file /opt/mapr/zookeeper/zookeeper-$version/conf/zoo.cfg specifies ZooKeeper configuration parameters.

# The number of milliseconds of each tick
tickTime=2000
# The number of ticks that the initial
# synchronization phase can take
initLimit=20
# The number of ticks that can pass between
# sending a request and getting an acknowledgement
syncLimit=10
# the directory where the snapshot is stored.
dataDir=/opt/mapr/zkdata
# the port at which the clients will connect
clientPort=5181
# max number of client connections
maxClientCnxns=1000
#autopurge interval - 24 hours
autopurge.purgeInterval=24
#superuser to allow zk nodes delete
superUser=mapr
#readuser to allow read zk info for authenticated clients
readUser=anyone
# cldb key location
mapr.cldbkeyfile.location=/opt/mapr/conf/cldb.key
#security provider name
authMech=MAPR-SECURITY
# security auth provider
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
# use maprserverticket not userticket for auth
mapr.usemaprserverticket=true
#
# Added for 3.4.11-mapr
#
# ZK-to-ZK server authentication using MAPR-SASL
# Set quorum.auth.enableSasl=false for insecure cluster, =true for secure cluster
quorum.auth.enableSasl=true
quorum.auth.learnerRequireSasl=true
quorum.auth.serverRequireSasl=true
quorum.auth.learner.loginContext=QuorumLearner
quorum.auth.server.loginContext=QuorumServer
quorum.cnxn.threads.size=20
#
# Added for 3.5.6-mapr
#
# ZK server-to-server SSL encryption
#
sslQuorum=true
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
ssl.quorum.keyStore.location=/opt/mapr/conf/ssl_keystore.p12
ssl.quorum.keyStore.password=<randomly generated password>
ssl.quorum.trustStore.location=/opt/mapr/conf/ssl_truststore.p12
ssl.quorum.trustStore.password=<randomly generated password>
ssl.quorum.protocol=TLS
ssl.quorum.enabledProtocols=TLSv1.2
# MapR uses the cluster name in the certificates, no host names
ssl.quorum.hostnameVerification=false
#
#  The Jetty Admin Server allows ZK access via a URL
#  Like  http://localhost:8080/commands/stat
#  Default port 8080 may cause conflicts; thus server disabled by default
# admin.serverPort=8080
admin.enableServer=false
#
# For upgrade from an existing 3.4.11 or older that had no snapshots
snapshot.trust.empty=true
#

WARNING

maxClientCnxns limits the number of concurrent ZooKeeper connections that a single client machine may make. This value does not set a limit for the whole cluster. The default is 100. If you plan to run more than 100 jobs from a single node, increase this value.

ATTENTION

By default, only authenticated users (users with a valid ticket) are allowed to execute ZooKeeper related commands. To allow all users to execute ZooKeeper related commands, add the entry sessionRequireClientSASLAuth=false to this file and restart ZooKeeper.

Enable Encrypted Quorum Communication

Perform the following steps to enable encrypted quorum communication between ZooKeeper nodes:

Copy all *.p12 certificates from the master CLDB node to all the ZooKeeper nodes.
Set the user and group of all the *.p12 certificates to mapr on all the ZooKeeper nodes.
Set sslQuorum=true in the zoo.cfg file.

Restart ZooKeeper and Warden:

service mapr-zookeeper restart
service mapr-warden restart

HPE Ezmeral Data Fabric – Customer-Managed 7.9.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.9.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	November 2024
Edition	7.9.0