Jorge Esteban Quilcate Otoya created KAFKA-15314: ----------------------------------------------------
Summary: No Quota applied if client-id is null or empty Key: KAFKA-15314 URL: https://issues.apache.org/jira/browse/KAFKA-15314 Project: Kafka Issue Type: Bug Components: core Reporter: Jorge Esteban Quilcate Otoya When Quotas where proposed, KIP-13[1] stated: > In addition, there will be a quota reserved for clients not presenting a >client id (for e.g. simple consumers not setting the id). This will default to >an empty client id ("") and all such clients will share the quota for that >empty id (which should be the default quota). Though, seems that when client-id is null or empty and a default quota for client-id is present, no quota is applied. Even though Java clients set a default value [2][3], the protocol accepts null client-id[4], and other clients implementations could send a null value to by-pass a quota. Related code[5][6] shows that preparing metric pair for quotas with client-id (potentially null) and setting quota to null when both client-id and (sanitize) user are null. Adding some tests to showcase this: [https://github.com/apache/kafka/pull/14165] Is it expected for client-id=null to by-pass quotas? If it is, then KIP or documentation to clarify this; otherwise we should amend this behavior bug. e.g we could "sanitize" client-id similar to user name to be empty string when input is null or empty. As a side-note, similar behavior could happen with user I guess. Even though value is default to ANONYMOUS, if a client implementation sends empty value, it may as well by-pass the default quota – though I need to further test this once this is considered a bug. [1]: [https://cwiki.apache.org/confluence/display/KAFKA/KIP-13+-+Quotas] [2]: [https://github.com/apache/kafka/blob/e98508747acc8972ac5ceb921e0fd3a7d7bd5e9c/clients/src/main/java/org/apache/kafka/clients/producer/ProducerConfig.java#L498-L508] [3]: [https://github.com/apache/kafka/blob/ab71c56973518bac8e1868eccdc40b17d7da35c1/clients/src/main/java/org/apache/kafka/clients/consumer/ConsumerConfig.java#L616-L628] [4]: [https://github.com/apache/kafka/blob/9f26906fcc2fd095b7d27c504e342b9a8d619b4b/clients/src/main/resources/common/message/RequestHeader.json#L34-L40] [5]: [https://github.com/apache/kafka/blob/322ac86ba282f35373382854cc9e790e4b7fb5fc/core/src/main/scala/kafka/server/ClientQuotaManager.scala#L588-L628] [6]: [https://github.com/apache/kafka/blob/322ac86ba282f35373382854cc9e790e4b7fb5fc/core/src/main/scala/kafka/server/ClientQuotaManager.scala#L651-L652] -- This message was sent by Atlassian Jira (v8.20.10#820010)