From 3f2dd0e681073c338872489590247e673a6f86b8 Mon Sep 17 00:00:00 2001 From: Clark Boylan Date: Fri, 12 Mar 2021 09:12:05 -0800 Subject: [PATCH] Enable srvr, stat and dump commands in the zk cluster Zookeeper supports a number of "4 letter" commands [0] which are useful for debugging and general diagnostics. By default only srvr is enabled, but we want to add stat and dump to see details on server and client connection statuses. We do this via the 4lw.commands.whitelist configuration option [1] and not the docker image env vars because we're mounting a zoo.cfg in already. [0] https://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_4lw [1] https://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_clusterOptions Change-Id: I24ea9b37cd5766c9d393106e8eab34623cad1624 --- playbooks/roles/zookeeper/tasks/main.yaml | 7 +++++++ playbooks/roles/zookeeper/templates/zoo.cfg.j2 | 1 + testinfra/test_zookeeper.py | 15 ++++++++++++++- 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/playbooks/roles/zookeeper/tasks/main.yaml b/playbooks/roles/zookeeper/tasks/main.yaml index 1acc60d29e..4b901eb570 100644 --- a/playbooks/roles/zookeeper/tasks/main.yaml +++ b/playbooks/roles/zookeeper/tasks/main.yaml @@ -54,3 +54,10 @@ - name: Run docker prune to cleanup unneeded images shell: cmd: docker image prune -f + +# This is handy to have on the zk cluster for interacting with the 4 letter +# commands. +- name: Install netcat + package: + name: netcat + state: present diff --git a/playbooks/roles/zookeeper/templates/zoo.cfg.j2 b/playbooks/roles/zookeeper/templates/zoo.cfg.j2 index d943db37b8..79243cd18c 100644 --- a/playbooks/roles/zookeeper/templates/zoo.cfg.j2 +++ b/playbooks/roles/zookeeper/templates/zoo.cfg.j2 @@ -22,6 +22,7 @@ autopurge.purgeInterval=6 maxClientCnxns=60 standaloneEnabled=true admin.enableServer=true +4lw.commands.whitelist=srvr, stat, dump clientPort=2181 secureClientPort=2281 ssl.keyStore.location=/tls/keys/keystore.pem diff --git a/testinfra/test_zookeeper.py b/testinfra/test_zookeeper.py index feb9009612..d96756b440 100644 --- a/testinfra/test_zookeeper.py +++ b/testinfra/test_zookeeper.py @@ -22,9 +22,22 @@ def test_id_file(host): assert myid.content == b'1\n' def test_zk_listening(host): - zk = host.socket("tcp://0.0.0.0:2281") + zk = host.socket("tcp://0.0.0.0:2181") assert zk.is_listening def test_zk_listening_ssl(host): zk = host.socket("tcp://0.0.0.0:2281") assert zk.is_listening + +def test_l4_commands(host): + cmd = host.run("echo srvr | nc localhost 2181") + assert "Zookeeper version" in cmd.stdout + assert "not executed because it is not in the whitelist" not in cmd.stdout + + cmd = host.run("echo stat | nc localhost 2181") + assert "Zookeeper version" in cmd.stdout + assert "not executed because it is not in the whitelist" not in cmd.stdout + + cmd = host.run("echo dump | nc localhost 2181") + assert "SessionTracker dump" in cmd.stdout + assert "not executed because it is not in the whitelist" not in cmd.stdout