ZooKeeper
NMS Monitor uses an Apache ZooKeeper cluster as its database. It is recommended the ZooKeeper cluster consist of at least 3 nodes to allow 1 node to be brought down for backup while still maintaining redundancy.
In this chapter it is assumed that the cluster is configured on 3 servers (Server1, Server2, Server3) and that ZooKeeper is pre-installed in the home directory of the user.
ZooKeeper can be downloaded from the following location: https://zookeeper.apache.org/releases.html
The following instructions are based on ZooKeeper 3.6.2.
Keystore Creation
In order to support SSL between nodes in the cluster and between ZooKeeper and clients, each node must have its own keystore and truststore configured. These should be put into a new directory called ssl:
cd $HOME/apache-zookeeper-3.6.2-bin
mkdir ssl
cd ssl
Use the following command to create the identity keystore and create the server certificate:
keytool -genkey -keyalg RSA -keystore ./keystore.p12 -alias <hostname>  -ext "SAN:c=DNS:<hostname>,IP:<ipaddress>" -storetype pkcs12
where <hostname> is the name of the server and <ipaddress> is the IP address of the server.
This action should be performed on each node in the cluster.
The keystore can be in either jks or pkcs12 format. All examples here are in pkcs12 format. Depending on the format, the names of the keystores and truststores created must end with the .jks or .p12 suffix.
Export the Certificate
Use the following command to export the node’s certificate. This will be imported into the truststore of the clients and other cluster nodes.
keytool -export -alias <hostname> -rfc -keystore ./keystore.p12 > ./<hostname>.cert
where <hostname> is the name of the server.
This action should be performed on each node in the cluster.
Creating the Truststores
On each server a truststore must be created in the $HOME/apache-zookeeper-3.6.2-bin/ssl directory. All client certificates must be imported into the truststore, in addition to the certificate from each node in the cluster.
When the first certificate is imported, the truststore will automatically be generated if it does not exist.
Do the following to import a certificate and create the truststore.
cd $HOME/apache-zookeeper-3.6.2-bin/ssl
keytool -import -alias <nodename> -file <nodename.cert> -keystore ./truststore.p12 -storetype pkcs12
where <nodename> is the name of the node in the cluster, or the client name, and <nodename.cert> is the location of the certificate to be imported.
Environment
In order to support SSL between nodes in the cluster and between ZooKeeper and clients, the following environment variable must be set and exported in the user’s profile on each ZooKeeper node.
export SERVER_JVMFLAGS="
-Dzookeeper.serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
-Dzookeeper.ssl.keyStore.location=/scratch/gbuora/rdj/apache-zookeeper-3.6.2-bin/ssl/keystore.p12
-Dzookeeper.ssl.keyStore.password=password
-Dzookeeper.ssl.trustStore.location=/scratch/gbuora/rdj/apache-zookeeper-3.6.2-bin/ssl/truststore.p12
-Dzookeeper.ssl.trustStore.password=password
-Dzookeeper.ssl.quorum.keyStore.location=/scratch/gbuora/rdj/apache-zookeeper-3.6.2-bin/ssl/keystore.p12
-Dzookeeper.ssl.quorum.keyStore.password=password
-Dzookeeper.ssl.quorum.trustStore.location=/scratch/gbuora/rdj/apache-zookeeper-3.6.2-bin/ssl/truststore.p12
-Dzookeeper.ssl.quorum.trustStore.password=password
-Dzookeeper.ssl.quorum.hostnameVerification=false
"
The password should be set to the password used when generating the identity keystore or truststore. Likewise the names of the identity store and truststore should refer to the ones created earlier in this chapter.
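The following check is an added example, not part of the original instructions. It lints a SERVER_JVMFLAGS value of the form shown above: every token must be -Dkey=value (a flag split across two lines loses its "="), every store location must end in .p12 or .jks and be readable, and all eight store properties must be present. The function name check_jvmflags is hypothetical.

```shell
#!/bin/sh
# Added example: lint a SERVER_JVMFLAGS value before starting ZooKeeper.
# check_jvmflags "<flags>" prints findings; returns 0 if clean, 1 otherwise.
check_jvmflags() {
    rc=0 seen=" "
    set -f                                  # no globbing while word-splitting
    for tok in $1; do
        case $tok in
            -D?*=?*) ;;                     # well-formed -Dkey=value
            *) echo "ERROR: not a -Dkey=value token: $tok"; rc=1; continue ;;
        esac
        key=${tok%%=*}; key=${key#-D}; val=${tok#*=}
        seen="$seen$key "
        case $key in
            *Store.location)
                case $val in
                    *.p12|*.jks) ;;
                    *) echo "ERROR: $key must end in .p12 or .jks"; rc=1 ;;
                esac
                [ -r "$val" ] || { echo "ERROR: $key not readable: $val"; rc=1; } ;;
            *hostnameVerification)
                [ "$val" = true ] ||
                    echo "NOTE: $key=$val (hostname verification is off)" ;;
        esac
    done
    set +f
    # Both the client-facing (ssl) and quorum (ssl.quorum) stores are required.
    for scope in ssl ssl.quorum; do
        for prop in keyStore.location keyStore.password \
                    trustStore.location trustStore.password; do
            case $seen in
                *" zookeeper.$scope.$prop "*) ;;
                *) echo "ERROR: missing zookeeper.$scope.$prop"; rc=1 ;;
            esac
        done
    done
    return $rc
}

# When run on a node, check the value exported in the profile.
if [ -n "${SERVER_JVMFLAGS:-}" ]; then
    check_jvmflags "$SERVER_JVMFLAGS"
fi
```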
ZooKeeper Configuration File
The directory $HOME/apache-zookeeper-3.6.2-bin/conf contains the configuration file for the ZooKeeper node. The file zoo.cfg should be created in this directory on each node.
Below is an example of the configuration file:
# The number of milliseconds of each tick
tickTime=2000
# The number of ticks that the initial
# synchronization phase can take
initLimit=10
# The number of ticks that can pass between
# sending a request and getting an acknowledgement
syncLimit=5
# the directory where the snapshot is stored.
dataDir=/scratch/zookeeper
# Client port should accept SSL connections
client.portUnification=true
# secure quorum
sslQuorum=true
server.1=<server1_hostname>:2888:3888;2281
server.2=<server2_hostname>:2888:3888;2281
server.3=<server3_hostname>:2888:3888;2281
 
The tickTime, initLimit and syncLimit are set to default values.
The dataDir must be set to the location the ZooKeeper data will be stored in (see below).
The secureClientPort defines the SSL port number that will be used by clients to connect to the ZooKeeper instance (See the chapter on NMS Monitor for details of how the client is configured to connect to the ZooKeeper cluster).
The sslQuorum property enables SSL communication between nodes in the ZooKeeper cluster.
The following lines:
server.1=<server1_hostname>:2888:3888;2281
server.2=<server2_hostname>:2888:3888;2281
server.3=<server3_hostname>:2888:3888;2281
define each of the nodes that make up the ZooKeeper cluster, where <server1_hostname>, <server2_hostname>, and <server3_hostname> are the host names of each node in the cluster. The nodes will use ports 2888 and 3888 to communicate with each other. Clients (such as NMS Monitor) will use port 2281 to connect to these nodes.
Node Id
In this example, each node is assigned a unique id of 1, 2, or 3 depending on the server property. For example, the line
server.2=<server2_hostname>:2888:3888;2281
assigns the id 2 to host <server2_hostname>.
 
ZooKeeper Data Directory
The data directory needs to be created on each node in the cluster. The location is configured in the dataDir property in the ZooKeeper configuration file (see above).
The data directory must be created prior to starting the ZooKeeper instance and the file ‘myid’ must exist in the directory. The contents of the myid file must be the id of the node. For example, to configure the data directory for a server whose node is 2 and whose data location is $HOME/zookeeper:
cd $HOME
mkdir zookeeper
cd zookeeper
echo 2 > myid
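The following check is an added example, not part of the original instructions. It verifies on one node that zoo.cfg and the data directory agree: sslQuorum and client.portUnification are exactly true, the server.N lines follow the host:port:port;clientPort form used in this chapter with unique ids, and the myid file in dataDir names one of those ids. The function name check_zoo_cfg is hypothetical.

```shell
#!/bin/sh
# Added example: lint zoo.cfg and the myid file on one node.
# check_zoo_cfg <path-to-zoo.cfg> prints findings; returns 0 if clean, else 1.
check_zoo_cfg() {
    cfg=$1 rc=0
    err() { echo "ERROR: $*"; rc=1; }
    # Value of a key, surrounding whitespace trimmed; the last assignment wins.
    get() {
        sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$cfg" | tail -n 1
    }

    # A properties value runs to end of line, so "true# note" is not "true".
    for key in sslQuorum client.portUnification; do
        [ "$(get "$key")" = true ] || err "$key is '$(get "$key")', expected true"
    done

    # server.N lines in the form used in this chapter: host:2888:3888;2281
    bad=$(grep '^server\.' "$cfg" |
          grep -Ev '^server\.[0-9]+=[^:;]+:[0-9]+:[0-9]+;[0-9]+$' || true)
    [ -z "$bad" ] || err "malformed server line(s): $bad"
    ids=$(sed -n 's/^server\.\([0-9][0-9]*\)=.*/\1/p' "$cfg")
    [ -n "$ids" ] || err "no server.N entries"
    dup=$(echo "$ids" | sort | uniq -d)
    [ -z "$dup" ] || err "duplicate node id: $dup"

    # myid must exist in dataDir and name one of the configured ids.
    datadir=$(get dataDir)
    if [ ! -f "$datadir/myid" ]; then
        err "missing $datadir/myid"
    else
        myid=$(tr -d '[:space:]' < "$datadir/myid")
        echo "$ids" | grep -qxF -- "$myid" || err "myid '$myid' matches no server.N"
    fi
    return $rc
}

# When run on a node, pass the path to its zoo.cfg as the first argument.
if [ -n "${1:-}" ]; then
    check_zoo_cfg "$1"
fi
```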
Starting and Stopping the Node
In order to start the ZooKeeper node use the following command:
apache-zookeeper-3.6.2-bin/bin/zkServer.sh start
To stop the node use the following command:
apache-zookeeper-3.6.2-bin/bin/zkServer.sh stop