[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Priority: Blocker (was: Major) > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug > Components: kraft >Affects Versions: 2.8.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Blocker > Fix For: 3.1.0 > > > We need to tighten the configuration constraints/checks related to KRaft > configs because the current checks do not eliminate illegal configuration > combinations. Specifically, we need to add the following constraints: > * controller.listener.names is required to be empty for the non-KRaft (i.e. > ZooKeeper) case. A ZooKeeper-based cluster that sets this config will fail to > restart until this config is removed. This generally should not be occurring > -- nobody should be setting KRaft-specific configs in a ZooKeeper-based > cluster -- but we currently do not prevent it from happening. > * There must be no advertised listeners when running just a KRaft controller > (i.e. when process.roles=controller). This means neither listeners nor > advertised.listeners (if the latter is explicitly defined) can contain a > listener that does not also appear in controller.listener.names. > * When running a KRaft broker (i.e. when process.roles=broker or > process.roles=broker,controller), advertised listeners must not include any > listeners appearing in controller.listener.names. > * When running a KRaft controller (i.e. when process.roles=controller or > process.roles=broker,controller) controller.listener.names must be non-empty > and every one must appear in listeners > * When running just a KRaft broker (i.e. when process.roles=broker) > controller.listener.names must be non-empty and none of them can appear in > listeners. This is currently checked indirectly, but the indirect checks do > not catch all cases. We will check directly. > * When running just a KRaft broker we log a warning if more than one entry > appears in controller.listener.names because only the first entry is used. > In addition to the above additional constraints, we should also map the > CONTROLLER listener name to the PLAINTEXT security protocol by default when > using KRaft -- this would be a very helpful convenience. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Description: We need to tighten the configuration constraints/checks related to KRaft configs because the current checks do not eliminate illegal configuration combinations. Specifically, we need to add the following constraints: * controller.listener.names is required to be empty for the non-KRaft (i.e. ZooKeeper) case. A ZooKeeper-based cluster that sets this config will fail to restart until this config is removed. This generally should not be occurring -- nobody should be setting KRaft-specific configs in a ZooKeeper-based cluster -- but we currently do not prevent it from happening. * There must be no advertised listeners when running just a KRaft controller (i.e. when process.roles=controller). This means neither listeners nor advertised.listeners (if the latter is explicitly defined) can contain a listener that does not also appear in controller.listener.names. * When running a KRaft broker (i.e. when process.roles=broker or process.roles=broker,controller), advertised listeners must not include any listeners appearing in controller.listener.names. * When running a KRaft controller (i.e. when process.roles=controller or process.roles=broker,controller) controller.listener.names must be non-empty and every one must appear in listeners * When running just a KRaft broker (i.e. when process.roles=broker) controller.listener.names must be non-empty and none of them can appear in listeners. This is currently checked indirectly, but the indirect checks do not catch all cases. We will check directly. * When running just a KRaft broker we log a warning if more than one entry appears in controller.listener.names because only the first entry is used. In addition to the above additional constraints, we should also map the CONTROLLER listener name to the PLAINTEXT security protocol by default when using KRaft -- this would be a very helpful convenience. was:The controller.listener.names config is currently checked for existence when the process.roles contains the controller role (i.e. process.roles=controller or process.roles=broker,contrtoller); it is not checked for existence when process.roles=broker. However, KRaft brokers have to talk to KRaft controllers, of course, and they do so by taking the first entry in the controller.listener.names list. Therefore, controller.listener.names is required in KRaft mode even when process.roles=broker. > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug > Components: kraft >Affects Versions: 2.8.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Major > > We need to tighten the configuration constraints/checks related to KRaft > configs because the current checks do not eliminate illegal configuration > combinations. Specifically, we need to add the following constraints: > * controller.listener.names is required to be empty for the non-KRaft (i.e. > ZooKeeper) case. A ZooKeeper-based cluster that sets this config will fail to > restart until this config is removed. This generally should not be occurring > -- nobody should be setting KRaft-specific configs in a ZooKeeper-based > cluster -- but we currently do not prevent it from happening. > * There must be no advertised listeners when running just a KRaft controller > (i.e. when process.roles=controller). This means neither listeners nor > advertised.listeners (if the latter is explicitly defined) can contain a > listener that does not also appear in controller.listener.names. > * When running a KRaft broker (i.e. when process.roles=broker or > process.roles=broker,controller), advertised listeners must not include any > listeners appearing in controller.listener.names. > * When running a KRaft controller (i.e. when process.roles=controller or > process.roles=broker,controller) controller.listener.names must be non-empty > and every one must appear in listeners > * When running just a KRaft broker (i.e. when process.roles=broker) > controller.listener.names must be non-empty and none of them can appear in > listeners. This is currently checked indirectly, but the indirect checks do > not catch all cases. We will check directly. > * When running just a KRaft broker we log a warning if more than one entry > appears in controller.listener.names because only the first entry is used. > In addition to the above additional constraints, we should also map the > CONTROLLER listener name to the PLAINTEXT security protocol by default when > using KRaft -- this would be a very helpful convenience. -- This
[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Component/s: kraft > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug > Components: kraft >Affects Versions: 2.8.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Major > > The controller.listener.names config is currently checked for existence when > the process.roles contains the controller role (i.e. process.roles=controller > or process.roles=broker,contrtoller); it is not checked for existence when > process.roles=broker. However, KRaft brokers have to talk to KRaft > controllers, of course, and they do so by taking the first entry in the > controller.listener.names list. Therefore, controller.listener.names is > required in KRaft mode even when process.roles=broker. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Fix Version/s: 3.1.0 > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Major > Fix For: 3.1.0 > > > The controller.listener.names config is currently checked for existence when > the process.roles contains the controller role (i.e. process.roles=controller > or process.roles=broker,contrtoller); it is not checked for existence when > process.roles=broker. However, KRaft brokers have to talk to KRaft > controllers, of course, and they do so by taking the first entry in the > controller.listener.names list. Therefore, controller.listener.names is > required in KRaft mode even when process.roles=broker. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Summary: Tighten KRaft config checks/constraints (was: controller.listener.names is required for all KRaft nodes, not just controllers) > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.0, 3.1.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Major > > The controller.listener.names config is currently checked for existence when > the process.roles contains the controller role (i.e. process.roles=controller > or process.roles=broker,contrtoller); it is not checked for existence when > process.roles=broker. However, KRaft brokers have to talk to KRaft > controllers, of course, and they do so by taking the first entry in the > controller.listener.names list. Therefore, controller.listener.names is > required in KRaft mode even when process.roles=broker. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Affects Version/s: (was: 3.1.0) > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Major > > The controller.listener.names config is currently checked for existence when > the process.roles contains the controller role (i.e. process.roles=controller > or process.roles=broker,contrtoller); it is not checked for existence when > process.roles=broker. However, KRaft brokers have to talk to KRaft > controllers, of course, and they do so by taking the first entry in the > controller.listener.names list. Therefore, controller.listener.names is > required in KRaft mode even when process.roles=broker. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (KAFKA-13456) Tighten KRaft config checks/constraints
[ https://issues.apache.org/jira/browse/KAFKA-13456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Dagostino updated KAFKA-13456: -- Fix Version/s: (was: 3.1.0) > Tighten KRaft config checks/constraints > --- > > Key: KAFKA-13456 > URL: https://issues.apache.org/jira/browse/KAFKA-13456 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.0, 3.0.0 >Reporter: Ron Dagostino >Assignee: Ron Dagostino >Priority: Major > > The controller.listener.names config is currently checked for existence when > the process.roles contains the controller role (i.e. process.roles=controller > or process.roles=broker,contrtoller); it is not checked for existence when > process.roles=broker. However, KRaft brokers have to talk to KRaft > controllers, of course, and they do so by taking the first entry in the > controller.listener.names list. Therefore, controller.listener.names is > required in KRaft mode even when process.roles=broker. -- This message was sent by Atlassian Jira (v8.20.1#820001)
