rondagostino commented on a change in pull request #11503:
URL: https://github.com/apache/kafka/pull/11503#discussion_r759323353
##########
File path: core/src/main/scala/kafka/server/KafkaConfig.scala
##########
@@ -748,7 +749,8 @@ object KafkaConfig {
"Different security (SSL and SASL) settings can be configured for each
listener by adding a normalised " +
"prefix (the listener name is lowercased) to the config name. For example,
to set a different keystore for the " +
"INTERNAL listener, a config with name
<code>listener.name.internal.ssl.keystore.location</code> would be set. " +
- "If the config for the listener name is not set, the config will fallback
to the generic config (i.e. <code>ssl.keystore.location</code>). "
+ "If the config for the listener name is not set, the config will fallback
to the generic config (i.e. <code>ssl.keystore.location</code>). " +
+ "Note that in KRaft an additional default mapping CONTROLLER to PLAINTEXT
is added."
Review comment:
As discussed offline, it will be included in the KRaft **default value
only** so that users don't have to set something like
`listener.security.protocol.map=PLAINTEXT:PLAINTEXT:CONTROLLER:PLAINTEXT` for
simple KRaft setups. If users set anything for
`listener.security.protocol.map` then the `CONTROLLER:PLAINTEXT` mapping won't
be added -- users will be forced to specify everything they need if they
specify anything.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
