[go: nahoru, domu]
Page MenuHomePhabricator
Create Task
Maniphest T365400

Enable blocked commands in Zookeeper management interface
Closed, ResolvedPublic
Actions

Description

Zookeeper has a simple management interface that we can use to check cluster health, list keys, etc. The management commands are collectively known as the Four-Letter Words.

Starting with version 3.4.10 , Zookeeper blocks these commands by default, responding with ${cmd} is not executed because it is not in the whitelist. We're running into this on Bookworm, which ships with 3.8.0-11.

As we need these commands to have visibility into the cluster, I'm creating this ticket to:

  • Enable these commands in zoo.cfg for newer versions of Zookeeper.
  • Verify operation.

Details

Other Assignee
bking
SubjectRepoBranchLines +/-
zookeeper: enable 4lw cmds in bookworm or lateroperations/puppetproduction+7 -1
Customize query in gerrit

Event Timeline

bking created this task.May 20 2024, 9:40 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 20 2024, 9:40 PM
gerritbot added a comment.May 20 2024, 9:49 PM

Change #1034162 had a related patch set uploaded (by Ryan Kemper; author: Ryan Kemper):

[operations/puppet@production] zookeeper: enable 4lw cmds in zk 3.4.10

https://gerrit.wikimedia.org/r/1034162

gerritbot added a project: Patch-For-Review.May 20 2024, 9:49 PM
bking assigned this task to RKemper.May 20 2024, 9:51 PM
bking updated Other Assignee, added: bking.
bking edited projects, added Data-Platform-SRE (2024.05.06 - 2024.05.26); removed Data-Platform-SRE.
gerritbot added a comment.May 20 2024, 10:00 PM

Change #1034162 merged by Bking:

[operations/puppet@production] zookeeper: enable 4lw cmds in bookworm or later

https://gerrit.wikimedia.org/r/1034162

Maintenance_bot removed a project: Patch-For-Review.May 20 2024, 10:30 PM
Gehel moved this task from Backlog to In Progress on the Data-Platform-SRE (2024.05.06 - 2024.05.26) board.May 21 2024, 8:08 AM
bking closed this task as Resolved.May 21 2024, 2:27 PM
bking moved this task from In Progress to Done on the Data-Platform-SRE (2024.05.06 - 2024.05.26) board.

We merged this change yesterday and confirmed that we can now use the "Four Letter Word" commands. Closing...

RKemper added a comment.May 21 2024, 3:20 PM

Here's what it looked like before the puppet patch:

ryankemper@cumin2002:~$ sudo -E cookbook sre.zookeeper.roll-restart-zookeeper flink-codfw
===== NODE GROUP =====
(1) flink-zk2003.codfw.wmnet
----- OUTPUT of 'echo stats | nc -q 1 localhost 2181' -----
stat is not executed because it is not in the whitelist.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits