The Charmed Apache ZooKeeper Operator delivers automated operations management from day 0 to day 2 on the Apache ZooKeeper server which enables highly reliable distributed coordination, deployed on top of a Kubernetes cluster. It is an open source, end-to-end, production ready data platform on top of cloud native technologies.
The Charmed Apache ZooKeeper Operator can be found on Charmhub and it comes with features such as:
- Horizontal scaling for high-availability out-of-the-box
- Server-Server and Client-Server authentication both enabled by default
- Access control management supported with user-provided ACL lists.
Apache ZooKeeper is a free, open source software project by the Apache Software Foundation. Users can find out more at the Apache ZooKeeper project page.
For production environments, it is recommended to deploy at least 5 nodes for Apache Zookeeper. While the following requirements are meant to be for production, the charm can be deployed in smaller environments.
- 4-8GB of RAM
- 2-4 cores
- 1 storage device, 64GB
To get a description of all config options available, please refer to the
config.yaml file.
Options can be changed by using the juju config command:
juju config zookeeper <config_option_1>=<value> [<config_option_2>=<value>]The Apache ZooKeeper charmed operator may be deployed using the Juju command line as follows:
juju deploy zookeeper -n 5To watch the process, juju status can be used.
Once all the units show as active|idle the credentials to access the admin user can be queried with:
juju run-action zookeeper/leader get-super-password --wait For Apache ZooKeeper cluster horizontal scaling (scale in/out), see examples below or How to manage units guide in Juju documentation.
The charm can be scaled out using juju add-unit command:
juju add-unit zookeeper -n <num_servers_to_add>To scale in the charm, use juju remove-unit command:
juju remove-unit <unit_name>The Charmed Apache ZooKeeper Operator has two internal users:
super: admin user for the cluster. Used mainly with the Kafka operator.sync: specific to the internal quorum handling.
The set-password action can be used to rotate the password of one of them. If no username is passed, it will default to the super user.
To set a specific password for the sync user:
juju run-action zookeeper/leader set-password username=sync password=<password> --waitTo randomly generate a password for the super user:
juju run-action zookeeper/leader set-password --waitSupported relations:
The tls-certificates interface is used with TLS certificate provider charms, e.g. self-signed-certificates operator.
Deploy the TLS provider charm:
juju deploy self-signed-certificatesTo enable TLS, relate the application:
juju relate self-signed-certificates zookeeperUpdates to private keys for certificate signing requests (CSR) can be made via the set-tls-private-key action.
Updates can be done using auto-generated keys with:
juju run-action zookeeper/0 set-tls-private-key --wait
juju run-action zookeeper/1 set-tls-private-key --wait
juju run-action zookeeper/2 set-tls-private-key --waitPassing keys to internal keys should only be done with base64 -w0 not cat. With three servers this schema should be followed:
Generate shared internal key:
openssl genrsa -out internal-key.pem 3072Set keys on each unit:
juju run-action zookeeper/0 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
juju run-action zookeeper/1 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
juju run-action zookeeper/2 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --waitTo disable TLS remove the relation:
juju remove-relation zookeeper self-signed-certificatesNote: The TLS settings here are for self-signed-certificates which are not recommended for production clusters,
the self-signed-certificates charm offers a variety of configurations, read more on the Charmhub page.
Security issues in the Charmed Apache ZooKeeper Operator can be reported through LaunchPad. Please do not file GitHub issues about security issues.
Please see the Juju SDK docs for guidelines on enhancements to this charm following best practice guidelines, and CONTRIBUTING.md for developer guidance.
The Charmed Apache ZooKeeper Operator is free software, distributed under the Apache Software License, version 2.0. See LICENSE for more information.