Andre Araujo created KAFKA-10478:
------------------------------------
Summary: advertised.listeners should allow duplicated ports
Key: KAFKA-10478
URL: https://issues.apache.org/jira/browse/KAFKA-10478
Project: Kafka
Issue Type: Improvement
Components: core
Reporter: Andre Araujo
The same
[validations|https://github.com/apache/kafka/blob/391ad90112fb2e9a85bf76250d57863bbf33b383/core/src/main/scala/kafka/utils/CoreUtils.scala#L259-L260]
performed for {{listeners}} endpoints are also applied to
[{{advertised.listeners}}|https://github.com/apache/kafka/blob/e8b2dcdee6f25e9344d52b84e86328ec616bf819/core/src/main/scala/kafka/server/KafkaConfig.scala#L1689-L1691].
It makes sense that neither parameter should allow duplicated listener names.
The port number restriction is different though.
It makes sense that we only allow one listener per port, since two listeners
cannot bind to the same port at the same time (considering a single network
interface).
For advertised listeners, though this doesn't apply since Kafka doesn't
actually bind to the advertised listener ports. A practical application of
relaxing this restriction for {{advertised.listeners}} is the following:
When configuring Kafka using Kerberos authentication and a Load Balancer we
need to have two SASL_SSL listeners: (A) one running with the
{{kafka/hostname}} principal and (B) another using {{kafka/lb_name}}, which is
necessary for proper authentication when using the LB FQDN. After bootstrap,
though, the client receives the brokers' addresses with the actual host FQDNs
advertised by the brokers. To connect to the brokerd using the hostnames the
client must connect to the listener A to be able to authenticate successfully
with Kerberos.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
