jfrazee commented on a change in pull request #4753:
URL: https://github.com/apache/nifi/pull/4753#discussion_r561228356
##########
File path: nifi-docs/src/main/asciidoc/administration-guide.adoc
##########
@@ -2246,6 +2246,53 @@ _true_. Once Netty is enabled, you should see log
messages like the following in
2020-02-24 23:37:54,082 INFO [nioEventLoopGroup-3-1]
o.apache.zookeeper.ClientCnxnSocketNetty SSL handler added for channel: [id:
0xa831f9c3]
2020-02-24 23:37:54,104 INFO [nioEventLoopGroup-3-1]
o.apache.zookeeper.ClientCnxnSocketNetty channel is connected: [id: 0xa831f9c3,
L:/172.17.0.4:56510 - R:8e38869cd1d1/172.17.0.3:2281]
+=== Embedded ZooKeeper with TLS
+
+A NiFi cluster can also be deployed using a ZooKeeper instance(s) embedded in
NiFi itself which all nodes can communicate with. Communication between nodes
and this embedded ZooKeeper can also be secured with TLS. The configuration for
the client side of the connection will operate in the same way as an external
ZooKeeper. That is, it will use the `+nifi.security.*+` properties from the
nifi.properties file by default, unless you specifiy explicit ZooKeeper
keystore/truststore properties with `+nifi.zookeeper.security.*+` as described
above.
Review comment:
"Communication between nodes and this embedded ZooKeeper can also be
secured with TLS." => "Communication between nodes and this embedded ZooKeeper
will be secured with TLS if NiFi is secured with TLS. Versions of NiFi prior to
1.13 did not use secure client access with embedded ZooKeeper(s)."
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
