4e9f5323c4
This patch aim to add support for TLS encryption both for client and quorum. Depends-On: https://review.opendev.org/c/openstack/ansible-role-pki/+/865420 Change-Id: I171e0c587296d2a7eac126863eb8efa303a05a8c
59 lines
2.2 KiB
Django/Jinja
59 lines
2.2 KiB
Django/Jinja
# The number of milliseconds of each tick
|
|
tickTime=2000
|
|
# The number of ticks that the initial
|
|
# synchronization phase can take
|
|
initLimit=10
|
|
# The number of ticks that can pass between
|
|
# sending a request and getting an acknowledgement
|
|
syncLimit=5
|
|
# Place the dataLogDir to a separate physical disc for better performance
|
|
dataLogDir={{ zookeeper_data_log_dir }}
|
|
# the directory where the snapshot is stored.
|
|
# do not use /tmp for storage, /tmp here is just
|
|
# example sakes.
|
|
dataDir={{ zookeeper_data_dir }}
|
|
# the port at which the clients will connect
|
|
clientPort={{ zookeeper_client_port }}
|
|
|
|
{% if zookeeper_cluster_members | length > 1 %}
|
|
# specify all zookeeper servers
|
|
{% for server in zookeeper_cluster_members %}
|
|
server.{{ loop.index }}={{ hostvars[server][zookeeper_cluster_address_hostvars_key] }}:{{ zookeeper_cluster_peer_ports }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
# Be sure to read the maintenance section of the
|
|
# administrator guide before turning on autopurge.
|
|
#
|
|
# http://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_maintenance
|
|
#
|
|
# The number of snapshots to retain in dataDir
|
|
autopurge.snapRetainCount={{ zookeeper_snap_retain_count }}
|
|
# Purge task interval in hours
|
|
# Set to "0" to disable auto purge feature
|
|
autopurge.purgeInterval={{ zookeeper_purge_interval }}
|
|
|
|
4lw.commands.whitelist={{ zookeeper_commands_whitelist | join(', ') }}
|
|
|
|
{% if zookeeper_ssl_client_enable | bool or zookeeper_ssl_quorum_enable | bool %}
|
|
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
|
|
{% endif %}
|
|
|
|
{% if zookeeper_ssl_client_enable | bool %}
|
|
secureClientPort={{ zookeeper_secure_client_port }}
|
|
ssl.keyStore.location={{ zookeeper_ssl_keystore_location }}
|
|
ssl.trustStore.location={{ zookeeper_ssl_truststore_location }}
|
|
ssl.enabledProtocols={{ zookeeper_ssl_protocols | join(',') }}
|
|
ssl.trustStore.type=PEM
|
|
ssl.clientAuth={{ zookeeper_ssl_client_auth }}
|
|
{% endif %}
|
|
|
|
{% if zookeeper_ssl_quorum_enable | bool %}
|
|
sslQuorum=true
|
|
ssl.quorum.keyStore.location={{ zookeeper_ssl_keystore_location }}
|
|
ssl.quorum.trustStore.location={{ zookeeper_ssl_truststore_location }}
|
|
ssl.quorum.enabledProtocols={{ zookeeper_ssl_protocols | join(',') }}
|
|
ssl.quorum.trustStore.type=PEM
|
|
ssl.quorum.clientAuth={{ zookeeper_ssl_quorum_client_auth }}
|
|
{% endif %}
|