zoo.cfg

Lists the ZooKeeper configuration file.

Example zoo.cfg File

The file /opt/mapr/zookeeper/zookeeper-$version/conf/zoo.cfg specifies ZooKeeper configuration parameters.

# The number of milliseconds of each tick
tickTime=2000
# The number of ticks that the initial
# synchronization phase can take
initLimit=20
# The number of ticks that can pass between
# sending a request and getting an acknowledgement
syncLimit=10
# the directory where the snapshot is stored.
dataDir=/opt/mapr/zkdata
# the port at which the clients will connect
clientPort=5181
# max number of client connections
maxClientCnxns=1000
#autopurge interval - 24 hours
autopurge.purgeInterval=24
#superuser to allow zk nodes delete
superUser=mapr
#readuser to allow read zk info for authenticated clients
readUser=anyone
# cldb key location
mapr.cldbkeyfile.location=/opt/mapr/conf/cldb.key
#security provider name
authMech=MAPR-SECURITY
# security auth provider
authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
# use maprserverticket not userticket for auth
mapr.usemaprserverticket=true
#
# For upgrade from 3.4.11
snapshot.trust.empty=true
#
# ZK server-to-server SSL encryption
sslQuorum=false
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
ssl.quorum.keyStore.location=/opt/mapr/conf/ssl_keystore.p12
ssl.quorum.keyStore.password=mapr123
ssl.quorum.trustStore.location=/opt/mapr/conf/ssl_truststore.p12
ssl.quorum.trustStore.password=mapr123
ssl.quorum.protocol=TLS
ssl.quorum.enabledProtocols=TLSv1.2
#
# ZK-to-ZK server authentication using MAPR-SASL
# Set quorum.auth.enableSasl=false for insecure cluster, =true for secure cluster
quorum.auth.enableSasl=true
quorum.auth.learnerRequireSasl=true
quorum.auth.serverRequireSasl=true
quorum.auth.learner.loginContext=QuorumLearner
quorum.auth.server.loginContext=QuorumServer
quorum.cnxn.threads.size=20
#x.x.x.x is are the IP addresses of the ZK nodes
server.0=x.x.x.x:2888:3888
server.1=x.x.x.x:2888:3888
server.2=x.x.x.x:2888:3888          
Warning: maxClientCnxns limits the number of concurrent ZooKeeper connections that a single client machine may make. This value does not set a limit for the whole cluster. The default is 100. If you plan to run more than 100 jobs from a single node, increase this value.

Enable Encrypted Quorum Communication

Perform the following steps to enable encrypted quorum communication between ZooKeeper nodes:

  1. Copy all *.p12 certificates from the master CLDB node to all the ZooKeeper nodes.
  2. Set the user and group of all the *.p12 certificates to mapr on all the ZooKeeper nodes.
  3. Set sslQuorum=true in the zoo.cfg file.
  4. Restart ZooKeeper and Warden:
    service mapr-zookeeper restart
    service mapr-warden restart