Skip to content

ZOOKEEPER-5029: Port unification for PrometheusMetricsProvider#2362

Open
PDavid wants to merge 1 commit intoapache:masterfrom
PDavid:ZOOKEEPER-5029-PrometheusMetricsProvider-portUnification
Open

ZOOKEEPER-5029: Port unification for PrometheusMetricsProvider#2362
PDavid wants to merge 1 commit intoapache:masterfrom
PDavid:ZOOKEEPER-5029-PrometheusMetricsProvider-portUnification

Conversation

@PDavid
Copy link
Copy Markdown
Contributor

@PDavid PDavid commented Mar 19, 2026
edited
Loading

JettyAdminServer has a port unification feature, meaning both secure and insecure connections can be established on the same port. It can be enabled with the admin.portUnification=true configuration setting.

In order to make it more consistent, PrometheusMetricsProvider can also provide such feature when metricsProvider.httpPort and metricsProvider.httpsPort are configured to the same value.

@PDavid
Copy link
Copy Markdown
Contributor Author

PDavid commented Mar 19, 2026
edited
Loading

Testing

Tested this locally as follows:

Created keystore:

keytool -genkeypair -alias zkAdmin -keyalg RSA -keysize 2048 \
  -dname "CN=your.server.com" -validity 365 \
  -keystore keystore.jks -storepass password -keypass password

Created truststore:

# Export the cert
keytool -export -alias zkAdmin -file zkAdmin.crt \
  -keystore keystore.jks -storepass password

# Import into truststore
keytool -import -alias zkAdmin -file zkAdmin.crt \
  -keystore truststore.jks -storepass password -noprompt

Added these to zoo.cfg:

...
metricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider
metricsProvider.httpPort=7000
metricsProvider.httpsPort=7000
metricsProvider.ssl.keyStore.location=keystore.jks
metricsProvider.ssl.keyStore.password=password
metricsProvider.ssl.trustStore.location=truststore.jks
metricsProvider.ssl.trustStore.password=password
metricsProvider.ssl.need.client.auth=false

Started ZooKeeper:

mvn clean install -DskipTests && bin/zkServer.sh start

ZooKeeper log:

...
2026-03-19 16:52:27,546 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@167] - Reading configuration from: /home/david/projects/upstream/zookeeper/bin/../conf/zoo.cfg
2026-03-19 16:52:27,550 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@434] - clientPortAddress is 0.0.0.0:2181
2026-03-19 16:52:27,551 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@438] - secureClientPort is not set
2026-03-19 16:52:27,551 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@454] - observerMasterPort is not set
2026-03-19 16:52:27,551 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@471] - metricsProvider.className is org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider
2026-03-19 16:52:27,552 [myid:] - INFO  [main:o.a.z.s.DatadirCleanupManager@78] - autopurge.snapRetainCount set to 3
2026-03-19 16:52:27,552 [myid:] - INFO  [main:o.a.z.s.DatadirCleanupManager@79] - autopurge.purgeInterval set to 0
2026-03-19 16:52:27,552 [myid:] - INFO  [main:o.a.z.s.DatadirCleanupManager@101] - Purge task is not scheduled.
2026-03-19 16:52:27,553 [myid:] - WARN  [main:o.a.z.s.q.QuorumPeerMain@139] - Either no config or no quorum defined in config, running in standalone mode
2026-03-19 16:52:27,553 [myid:] - INFO  [main:o.a.z.j.ManagedUtil@46] - Log4j 1.2 jmx support not found; jmx disabled.
2026-03-19 16:52:27,554 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@167] - Reading configuration from: /home/david/projects/upstream/zookeeper/bin/../conf/zoo.cfg
2026-03-19 16:52:27,554 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@434] - clientPortAddress is 0.0.0.0:2181
2026-03-19 16:52:27,554 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@438] - secureClientPort is not set
2026-03-19 16:52:27,554 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@454] - observerMasterPort is not set
2026-03-19 16:52:27,554 [myid:] - INFO  [main:o.a.z.s.q.QuorumPeerConfig@471] - metricsProvider.className is org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider
2026-03-19 16:52:27,554 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServerMain@122] - Starting server
2026-03-19 16:52:27,559 [myid:] - INFO  [main:o.a.z.m.p.PrometheusMetricsProvider@123] - Initializing Prometheus metrics with Jetty, configuration: {httpsPort=7000, ssl.keyStore.location=keystore.jks, ssl.trustStore.location=keystore.jks, ssl.keyStore.password=password, ssl.trustStore.password=password, ssl.need.client.auth=false, httpPort=7000, ssl.enabledProtocols=TLSv1.2,TLSv1.3, ssl.ciphersuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384}
2026-03-19 16:52:27,587 [myid:] - INFO  [main:o.a.z.m.p.PrometheusMetricsProvider@161] - Starting Prometheus Jetty server...
2026-03-19 16:52:27,592 [myid:] - INFO  [main:o.e.j.u.l.Log@170] - Logging initialized @313ms to org.eclipse.jetty.util.log.Slf4jLog
2026-03-19 16:52:27,645 [myid:] - INFO  [main:o.e.j.s.Server@375] - jetty-9.4.58.v20250814; built: 2025-08-14T02:28:49.637Z; git: 8f1440587e9e4ae7db3d74cf205643f3d707148d; jvm 1.8.0_422-b05
2026-03-19 16:52:27,662 [myid:] - INFO  [main:o.e.j.s.h.ContextHandler@921] - Started o.e.j.s.ServletContextHandler@2d1ef81a{/,null,AVAILABLE}
2026-03-19 16:52:27,759 [myid:] - INFO  [main:o.e.j.u.s.SslContextFactory@358] - x509=X509@4c39bec8(zkadmin,h=[your.server.com],a=[],w=[]) for Server@1f59a598[provider=null,keyStore=file:///home/david/projects/upstream/zookeeper/keystore.jks,trustStore=file:///home/david/projects/upstream/zookeeper/keystore.jks]
2026-03-19 16:52:27,799 [myid:] - INFO  [main:o.e.j.s.AbstractConnector@333] - Started ServerConnector@3835c46{SSL, (ssl, http/1.1)}{0.0.0.0:7000}
2026-03-19 16:52:27,799 [myid:] - INFO  [main:o.e.j.s.Server@415] - Started @521ms
2026-03-19 16:52:27,799 [myid:] - INFO  [main:o.a.z.m.p.PrometheusMetricsProvider@223] - Prometheus metrics provider with Jetty started. HTTP port: 7000, HTTPS port: 7000
2026-03-19 16:52:27,805 [myid:] - INFO  [main:o.a.z.s.ServerMetrics@64] - ServerMetrics initialized with provider org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider@68e965f5
2026-03-19 16:52:27,813 [myid:] - INFO  [main:o.a.z.s.a.DigestAuthenticationProvider@51] - ACL digest algorithm is: SHA1
2026-03-19 16:52:27,814 [myid:] - INFO  [main:o.a.z.s.a.DigestAuthenticationProvider@65] - zookeeper.DigestAuthenticationProvider.enabled = true
2026-03-19 16:52:27,815 [myid:] - INFO  [main:o.a.z.s.p.FileTxnSnapLog@124] - zookeeper.snapshot.trust.empty : false
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] - 
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -   ______                  _                                          
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -  |___  /                 | |                                         
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -     / /    ___     ___   | | __   ___    ___   _ __     ___   _ __   
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -    / /    / _ \   / _ \  | |/ /  / _ \  / _ \ | '_ \   / _ \ | '__|
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -   / /__  | (_) | | (_) | |   <  |  __/ |  __/ | |_) | |  __/ | |    
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -  /_____|  \___/   \___/  |_|\_\  \___|  \___| | .__/   \___| |_|
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -                                               | |                     
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] -                                               |_|                     
2026-03-19 16:52:27,820 [myid:] - INFO  [main:o.a.z.ZookeeperBanner@42] - 
2026-03-19 16:52:27,821 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:zookeeper.version=3.10.0-SNAPSHOT-9dcea1921e24a1065bc7d56e2c13056da36d6ad5-dirty, built on 2026-03-19 15:52 UTC
2026-03-19 16:52:27,821 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:host.name=paksyd-5680-ubuntu
2026-03-19 16:52:27,821 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.version=1.8.0_422
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.vendor=Temurin
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.home=/home/david/.sdkman/candidates/java/8.0.422-tem/jre
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.class.path=/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/classes:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/classes:/home/david/projects/upstream/zookeeper/bin/../build/classes:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/zookeeper-jute-3.10.0-SNAPSHOT.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/zookeeper-3.10.0-SNAPSHOT.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/slf4j-api-2.0.13.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-tracer-otel-agent-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-tracer-otel-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-tracer-initializer-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-tracer-common-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-model-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-instrumentation-jvm-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-exposition-textformats-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-exposition-formats-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-exporter-servlet-javax-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-exporter-httpserver-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-exporter-common-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-core-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/prometheus-metrics-config-1.3.10.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/opentest4j-1.2.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/objenesis-3.3.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-transport-native-unix-common-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-transport-native-epoll-4.1.130.Final-linux-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-transport-classes-epoll-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-transport-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-classes-2.0.74.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-windows-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-osx-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-osx-aarch_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-linux-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-linux-aarch_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-tcnative-boringssl-static-2.0.74.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-resolver-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-handler-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-common-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-codec-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/netty-buffer-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/mockito-core-4.9.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/logback-core-1.3.15.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/logback-classic-1.3.15.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-platform-suite-api-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-platform-runner-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-platform-launcher-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-platform-engine-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-platform-commons-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-jupiter-engine-5.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-jupiter-api-5.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/junit-4.13.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-util-ajax-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-util-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-servlet-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-server-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-security-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-io-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/jetty-http-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/javax.servlet-api-3.1.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/hamcrest-core-1.3.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/dnsjava-3.5.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/commons-io-2.17.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/byte-buddy-agent-1.12.16.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/byte-buddy-1.12.16.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/audience-annotations-0.12.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-metrics-providers/zookeeper-prometheus-metrics/target/lib/apiguardian-api-1.1.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/zookeeper-jute-3.10.0-SNAPSHOT.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/tools-0.25.4.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/token-provider-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/spotbugs-annotations-4.0.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/snappy-java-1.1.10.5.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/slf4j-api-2.0.13.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/opentest4j-1.2.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/objenesis-3.3.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/nimbus-jose-jwt-4.41.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-transport-native-unix-common-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-transport-native-epoll-4.1.130.Final-linux-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-transport-classes-epoll-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-transport-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-classes-2.0.74.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-windows-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-osx-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-osx-aarch_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-linux-x86_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-boringssl-static-2.0.74.Final-linux-aarch_64.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-tcnative-boringssl-static-2.0.74.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-resolver-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-handler-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-common-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-codec-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/netty-buffer-4.1.130.Final.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/mockito-inline-4.9.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/mockito-core-4.9.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/metrics-core-4.1.12.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/logback-core-1.3.15.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/logback-classic-1.3.15.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerby-xdr-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerby-util-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerby-pkix-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerby-config-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerby-asn1-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-util-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-simplekdc-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-server-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-identity-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-crypto-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-core-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-common-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-client-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/kerb-admin-2.0.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jvm-driver-9.4.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jvm-driver-8.14.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-platform-suite-api-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-platform-runner-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-platform-launcher-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-platform-engine-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-platform-commons-1.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-jupiter-params-5.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-jupiter-engine-5.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-jupiter-api-5.6.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/junit-4.13.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jsr305-3.0.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/json-smart-2.3.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jmockit-1.48.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jline-3.25.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-util-ajax-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-util-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-servlet-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-server-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-security-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-io-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-http-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jetty-client-9.4.58.v20250814.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jcip-annotations-1.0-1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/javax.servlet-api-3.1.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jackson-databind-2.18.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jackson-core-2.18.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/jackson-annotations-2.18.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/hamcrest-library-2.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/hamcrest-core-2.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/hamcrest-2.2.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/dnsjava-3.5.1.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/core-12.62.5.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/commons-io-2.17.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/commons-collections4-4.4.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/commons-cli-1.5.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/byte-buddy-agent-1.12.16.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/byte-buddy-1.12.16.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/bcutil-jdk18on-1.78.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/bcprov-jdk18on-1.78.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/bcpkix-jdk18on-1.78.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/audience-annotations-0.12.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/asm-5.0.4.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/apiguardian-api-1.1.0.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/target/lib/accessors-smart-1.2.jar:/home/david/projects/upstream/zookeeper/bin/../build/lib/*.jar:/home/david/projects/upstream/zookeeper/bin/../lib/*.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-*.jar:/home/david/projects/upstream/zookeeper/bin/../zookeeper-server/src/main/resources/lib/*.jar:/home/david/projects/upstream/zookeeper/bin/../conf:
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.library.path=/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.io.tmpdir=/tmp
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:java.compiler=<NA>
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:os.name=Linux
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:os.arch=amd64
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:os.version=6.17.0-19-generic
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:user.name=david
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:user.home=/home/david
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:user.dir=/home/david/projects/upstream/zookeeper
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:jvm.memory.free=858MB
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:jvm.memory.max=958MB
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.Environment@98] - Server environment:jvm.memory.total=958MB
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@151] - zookeeper.enableEagerACLCheck = false
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@164] - zookeeper.digest.enabled = true
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@168] - zookeeper.closeSessionTxn.enabled = true
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@2237] - zookeeper.serializeLastProcessedZxid.enabled = true
2026-03-19 16:52:27,822 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1585] - zookeeper.flushDelay = 0 ms
2026-03-19 16:52:27,823 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1594] - zookeeper.maxWriteQueuePollTime = 0 ms
2026-03-19 16:52:27,823 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1603] - zookeeper.maxBatchSize=1000
2026-03-19 16:52:27,823 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@289] - zookeeper.intBufferStartingSizeBytes = 1024
2026-03-19 16:52:27,823 [myid:] - INFO  [main:o.a.z.s.BlueThrottle@141] - Weighed connection throttling is disabled
2026-03-19 16:52:27,824 [myid:] - INFO  [main:o.a.z.s.AuthenticationHelper@66] - zookeeper.enforce.auth.enabled = false
2026-03-19 16:52:27,824 [myid:] - INFO  [main:o.a.z.s.AuthenticationHelper@67] - zookeeper.enforce.auth.schemes = []
2026-03-19 16:52:27,824 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1395] - minSessionTimeout set to 4000 ms
2026-03-19 16:52:27,824 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1404] - maxSessionTimeout set to 40000 ms
2026-03-19 16:52:27,825 [myid:] - INFO  [main:o.a.z.s.ResponseCache@50] - getData response cache size is initialized with value 400.
2026-03-19 16:52:27,825 [myid:] - INFO  [main:o.a.z.s.ResponseCache@50] - getChildren response cache size is initialized with value 400.
2026-03-19 16:52:27,826 [myid:] - INFO  [main:o.a.z.s.u.RequestPathMetricsCollector@109] - zookeeper.pathStats.slotCapacity = 60
2026-03-19 16:52:27,826 [myid:] - INFO  [main:o.a.z.s.u.RequestPathMetricsCollector@110] - zookeeper.pathStats.slotDuration = 15
2026-03-19 16:52:27,826 [myid:] - INFO  [main:o.a.z.s.u.RequestPathMetricsCollector@111] - zookeeper.pathStats.maxDepth = 6
2026-03-19 16:52:27,826 [myid:] - INFO  [main:o.a.z.s.u.RequestPathMetricsCollector@112] - zookeeper.pathStats.initialDelay = 5
2026-03-19 16:52:27,826 [myid:] - INFO  [main:o.a.z.s.u.RequestPathMetricsCollector@113] - zookeeper.pathStats.delay = 5
2026-03-19 16:52:27,826 [myid:] - INFO  [main:o.a.z.s.u.RequestPathMetricsCollector@114] - zookeeper.pathStats.enabled = false
2026-03-19 16:52:27,827 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1622] - The max bytes for all large requests are set to 104857600
2026-03-19 16:52:27,827 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@1636] - The large request threshold is set to -1
2026-03-19 16:52:27,827 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@387] - Created server with tickTime 2000 ms minSessionTimeout 4000 ms maxSessionTimeout 40000 ms clientPortListenBacklog -1 dataLogdir /tmp/zookeeper/version-2 snapdir /tmp/zookeeper/version-2
2026-03-19 16:52:27,829 [myid:] - INFO  [main:o.a.z.c.X509Util@85] - Setting -D jdk.tls.rejectClientInitiatedRenegotiation=true to disable client-initiated TLS renegotiation
2026-03-19 16:52:27,855 [myid:] - INFO  [main:o.a.z.c.X509Util@109] - Default TLS protocol is TLSv1.3, supported TLS protocols are [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2Hello]
2026-03-19 16:52:27,890 [myid:] - INFO  [main:o.a.z.s.a.JettyAdminServer@143] - Successfully loaded private key from keystore.jks
2026-03-19 16:52:27,890 [myid:] - INFO  [main:o.a.z.s.a.JettyAdminServer@144] - Successfully loaded certificate authority from truststore.jks
2026-03-19 16:52:27,893 [myid:] - WARN  [main:o.e.j.s.h.ContextHandler@1662] - o.e.j.s.ServletContextHandler@696da30b{/,null,STOPPED} contextPath ends with /*
2026-03-19 16:52:27,893 [myid:] - WARN  [main:o.e.j.s.h.ContextHandler@1673] - Empty contextPath
2026-03-19 16:52:27,898 [myid:] - INFO  [main:o.e.j.s.Server@375] - jetty-9.4.58.v20250814; built: 2025-08-14T02:28:49.637Z; git: 8f1440587e9e4ae7db3d74cf205643f3d707148d; jvm 1.8.0_422-b05
2026-03-19 16:52:27,901 [myid:] - INFO  [main:o.e.j.s.s.DefaultSessionIdManager@334] - DefaultSessionIdManager workerName=node0
2026-03-19 16:52:27,901 [myid:] - INFO  [main:o.e.j.s.s.DefaultSessionIdManager@339] - No SessionScavenger set, using defaults
2026-03-19 16:52:27,902 [myid:] - INFO  [main:o.e.j.s.s.HouseKeeper@132] - node0 Scavenging every 660000ms
2026-03-19 16:52:27,904 [myid:] - WARN  [main:o.e.j.s.ConstraintSecurityHandler@759] - ServletContext@o.e.j.s.ServletContextHandler@696da30b{/,null,STARTING} has uncovered http methods for path: /*
2026-03-19 16:52:27,905 [myid:] - INFO  [main:o.e.j.s.h.ContextHandler@921] - Started o.e.j.s.ServletContextHandler@696da30b{/,null,AVAILABLE}
2026-03-19 16:52:27,905 [myid:] - INFO  [main:o.e.j.u.s.SslContextFactory@358] - x509=X509@6f46426d(zkadmin,h=[your.server.com],a=[],w=[]) for Server@73700b80[provider=null,keyStore=null,trustStore=null]
2026-03-19 16:52:27,922 [myid:] - INFO  [main:o.e.j.s.AbstractConnector@333] - Started ServerConnector@2e222612{SSL, (ssl, http/1.1)}{0.0.0.0:8080}
2026-03-19 16:52:27,922 [myid:] - INFO  [main:o.e.j.s.Server@415] - Started @643ms
2026-03-19 16:52:27,922 [myid:] - INFO  [main:o.a.z.s.a.JettyAdminServer@201] - Started AdminServer on address 0.0.0.0, port 8080 and command URL /commands
2026-03-19 16:52:27,924 [myid:] - INFO  [main:o.a.z.s.ServerCnxnFactory@172] - Using org.apache.zookeeper.server.NIOServerCnxnFactory as server connection factory
2026-03-19 16:52:27,925 [myid:] - WARN  [main:o.a.z.s.ServerCnxnFactory@337] - maxCnxns is not configured, using default value 0.
2026-03-19 16:52:27,926 [myid:] - INFO  [main:o.a.z.s.NIOServerCnxnFactory@652] - Configuring NIO connection handler with 10s sessionless connection timeout, 3 selector thread(s), 40 worker threads, and 64 kB direct buffers.
2026-03-19 16:52:27,927 [myid:] - INFO  [main:o.a.z.s.NIOServerCnxnFactory@660] - binding to port 0.0.0.0/0.0.0.0:2181
2026-03-19 16:52:27,934 [myid:] - INFO  [main:o.a.z.s.w.WatchManagerFactory@42] - Using org.apache.zookeeper.server.watch.WatchManager as watch manager
2026-03-19 16:52:27,934 [myid:] - INFO  [main:o.a.z.s.w.WatchManagerFactory@42] - Using org.apache.zookeeper.server.watch.WatchManager as watch manager
2026-03-19 16:52:27,934 [myid:] - INFO  [main:o.a.z.s.ZKDatabase@137] - zookeeper.snapshotSizeFactor = 0.33
2026-03-19 16:52:27,934 [myid:] - INFO  [main:o.a.z.s.ZKDatabase@157] - zookeeper.commitLogCount=500
2026-03-19 16:52:27,936 [myid:] - INFO  [main:o.a.z.s.p.SnapStream@61] - zookeeper.snapshot.compression.method = CHECKED
2026-03-19 16:52:27,936 [myid:] - INFO  [main:o.a.z.s.p.FileSnap@86] - Reading snapshot /tmp/zookeeper/version-2/snapshot.0
2026-03-19 16:52:27,938 [myid:] - INFO  [main:o.a.z.s.DataTree@1706] - The digest value is empty in snapshot
2026-03-19 16:52:27,949 [myid:] - INFO  [main:o.a.z.s.p.FileTxnSnapLog@372] - 15 txns loaded in 5 ms
2026-03-19 16:52:27,949 [myid:] - INFO  [main:o.a.z.s.ZKDatabase@294] - Snapshot loaded in 15 ms, highest zxid is 0xf, digest is 2901938155
2026-03-19 16:52:27,950 [myid:] - INFO  [main:o.a.z.s.p.FileTxnSnapLog@480] - Snapshotting: 0xf to /tmp/zookeeper/version-2/snapshot.f
2026-03-19 16:52:27,951 [myid:] - INFO  [main:o.a.z.s.ZooKeeperServer@588] - Snapshot taken in 1 ms
2026-03-19 16:52:27,983 [myid:] - INFO  [main:o.a.z.s.RequestThrottler@75] - zookeeper.request_throttler.shutdownTimeout = 10000 ms
2026-03-19 16:52:27,983 [myid:] - INFO  [ProcessThread(sid:0 cport:2181)::o.a.z.s.PrepRequestProcessor@135] - PrepRequestProcessor (sid:0) started, reconfigEnabled=false
2026-03-19 16:52:27,991 [myid:] - INFO  [main:o.a.z.s.ContainerManager@97] - Using checkIntervalMs=60000 maxPerMinute=10000 maxNeverUsedIntervalMs=300000
2026-03-19 16:52:27,992 [myid:] - INFO  [main:o.a.z.a.ZKAuditProvider@42] - ZooKeeper audit is disabled.

Call PrometheusMetricsProvider using http:

curl -k -v http://localhost:7000/metrics       
* Host localhost:7000 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
*   Trying [::1]:7000...
* Connected to localhost (::1) port 7000
* using HTTP/1.x
> GET /metrics HTTP/1.1
> Host: localhost:7000
> User-Agent: curl/8.15.0
> Accept: */*
> 
* Request completely sent off
< HTTP/1.1 200 OK
< Date: Thu, 19 Mar 2026 15:53:44 GMT
< Content-Type: text/plain; version=0.0.4; charset=utf-8
< Content-Length: 38880
< Server: Jetty(9.4.58.v20250814)
< 
# HELP add_dead_watcher_stall_time_total add_dead_watcher_stall_time counter
# TYPE add_dead_watcher_stall_time_total counter
add_dead_watcher_stall_time_total 0.0
# HELP approximate_data_size approximate_data_size
# TYPE approximate_data_size gauge
approximate_data_size 44.0
# HELP auth_failed_count auth_failed_count
# TYPE auth_failed_count gauge
auth_failed_count 0.0
# HELP avg_latency avg_latency
# TYPE avg_latency gauge
avg_latency 0.0
# HELP bytes_received_count_total bytes_received_count counter
# TYPE bytes_received_count_total counter
bytes_received_count_total 0.0
# HELP close_session_prep_time close_session_prep_time summary
# TYPE close_session_prep_time summary
close_session_prep_time{quantile="0.5"} NaN
close_session_prep_time{quantile="0.95"} NaN
close_session_prep_time{quantile="0.99"} NaN
close_session_prep_time_count 0
close_session_prep_time_sum 0.0
...
write_per_namespace_sum{key="acl_auth_test"} 28.0
# HELP znode_count znode_count
# TYPE znode_count gauge
znode_count 5.0
* Connection #0 to host localhost left intact

Call PrometheusMetricsProvider using https:

curl -k -v https://localhost:7000/metrics      
* Host localhost:7000 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
*   Trying [::1]:7000...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / secp256r1 / RSASSA-PSS
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
*  subject: CN=your.server.com
*  start date: Mar 10 12:58:28 2026 GMT
*  expire date: Mar 10 12:58:28 2027 GMT
*  issuer: CN=your.server.com
*  SSL certificate verify result: self-signed certificate (18), continuing anyway.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Connected to localhost (::1) port 7000
* using HTTP/1.x
> GET /metrics HTTP/1.1
> Host: localhost:7000
> User-Agent: curl/8.15.0
> Accept: */*
> 
* Request completely sent off
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/1.1 200 OK
< Date: Thu, 19 Mar 2026 15:54:49 GMT
< Strict-Transport-Security: max-age=86400; includeSubDomains
< Content-Type: text/plain; version=0.0.4; charset=utf-8
< Content-Length: 38884
< Server: Jetty(9.4.58.v20250814)
< 
# HELP add_dead_watcher_stall_time_total add_dead_watcher_stall_time counter
# TYPE add_dead_watcher_stall_time_total counter
add_dead_watcher_stall_time_total 0.0
# HELP approximate_data_size approximate_data_size
# TYPE approximate_data_size gauge
approximate_data_size 44.0
# HELP auth_failed_count auth_failed_count
# TYPE auth_failed_count gauge
auth_failed_count 0.0
...
# HELP write_per_namespace write_per_namespace summary
# TYPE write_per_namespace summary
write_per_namespace{key="acl_auth_test",quantile="0.5"} 14.0
write_per_namespace_count{key="acl_auth_test"} 2
write_per_namespace_sum{key="acl_auth_test"} 28.0
# HELP znode_count znode_count
# TYPE znode_count gauge
znode_count 5.0
* Connection #0 to host localhost left intact

@PDavid PDavid force-pushed the ZOOKEEPER-5029-PrometheusMetricsProvider-portUnification branch from 9dcea19 to a6c4741 Compare March 23, 2026 18:59
@PDavid PDavid marked this pull request as ready for review March 24, 2026 09:11
@PDavid PDavid force-pushed the ZOOKEEPER-5029-PrometheusMetricsProvider-portUnification branch from a6c4741 to 1c3e4dd Compare April 13, 2026 13:59
@PDavid
Copy link
Copy Markdown
Contributor Author

PDavid commented Apr 13, 2026

Rebased the branch on latest master to resolve conflicts.

@anmolnar anmolnar requested review from anmolnar and kezhuw and removed request for anmolnar April 14, 2026 16:01
anmolnar
anmolnar requested changes Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@anmolnar anmolnar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few comments.

...metrics/src/main/java/org/apache/zookeeper/metrics/prometheus/PrometheusMetricsProvider.java

if (this.httpPort != -1 && this.httpsPort != -1 && this.httpPort == this.httpsPort) {
SecureRequestCustomizer customizer = new SecureRequestCustomizer();
customizer.setStsMaxAge(DEFAULT_STS_MAX_AGE);
Copy link
Copy Markdown
Contributor

@anmolnar anmolnar Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is STS?

Copy link
Copy Markdown
Contributor Author

@PDavid PDavid Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

STS means the Strict-Transport-Security HTTP response header.

The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the host should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be upgraded to HTTPS. Additionally, on future connections to the host, the browser will not allow the user to bypass secure connection errors, such as an invalid certificate. HSTS identifies a host by its domain name only.

...

max-age=<expire-time>
The time, in seconds, that the browser should remember that a host is only to be accessed using HTTPS.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security

This is implemented here the same way as we have it in JettyAdminServer:
https://github.com/apache/zookeeper/blob/master/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JettyAdminServer.java#L119

...metrics/src/main/java/org/apache/zookeeper/metrics/prometheus/PrometheusMetricsProvider.java
if (this.httpPort != -1 && this.httpsPort != -1 && this.httpPort == this.httpsPort) {
SecureRequestCustomizer customizer = new SecureRequestCustomizer();
customizer.setStsMaxAge(DEFAULT_STS_MAX_AGE);
customizer.setStsIncludeSubDomains(true);
Copy link
Copy Markdown
Contributor

@anmolnar anmolnar Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might need to add some comments to briefly explain what is this about.

Copy link
Copy Markdown
Contributor Author

@PDavid PDavid Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sets a directive of the Strict-Transport-Security HTTP response header.

includeSubDomains Optional
If this directive is specified, the HSTS policy applies to all subdomains of the host's domain as well.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security#directives

Same as we have in JettyAdminServer here:

https://github.com/apache/zookeeper/blob/master/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JettyAdminServer.java#L120

...metrics/src/main/java/org/apache/zookeeper/metrics/prometheus/PrometheusMetricsProvider.java
new HttpConnectionFactory(config));
connector.setPort(this.httpPort);
connector.setHost(this.host);
LOG.debug("Created unified ServerConnector for host: {}, httpPort: {}", host, httpPort);
Copy link
Copy Markdown
Contributor

@anmolnar anmolnar Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can move these messages to INFO level. We should see clearly which type of server has been initialized.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anmolnar anmolnar anmolnar requested changes

@kezhuw kezhuw Awaiting requested review from kezhuw

+1 more reviewer

@meszibalu meszibalu meszibalu approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@PDavid @anmolnar @meszibalu