rondagostino commented on a change in pull request #11503: URL: https://github.com/apache/kafka/pull/11503#discussion_r759323353
########## File path: core/src/main/scala/kafka/server/KafkaConfig.scala ########## @@ -748,7 +749,8 @@ object KafkaConfig { "Different security (SSL and SASL) settings can be configured for each listener by adding a normalised " + "prefix (the listener name is lowercased) to the config name. For example, to set a different keystore for the " + "INTERNAL listener, a config with name <code>listener.name.internal.ssl.keystore.location</code> would be set. " + - "If the config for the listener name is not set, the config will fallback to the generic config (i.e. <code>ssl.keystore.location</code>). " + "If the config for the listener name is not set, the config will fallback to the generic config (i.e. <code>ssl.keystore.location</code>). " + + "Note that in KRaft an additional default mapping CONTROLLER to PLAINTEXT is added." Review comment: As discussed offline, it will be included in the KRaft **default value only** so that users don't have to set something like `listener.security.protocol.map=PLAINTEXT:PLAINTEXT:CONTROLLER:PLAINTEXT` for simple KRaft setups. If users set anything for `listener.security.protocol.map` then the `CONTROLLER:PLAINTEXT` mapping won't be added -- users will be forced to specify everything they need if they specify anything. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org