Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-10478

advertised.listeners should allow duplicated ports

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.7.0
    • Component/s: core
    • Labels:
      None

      Description

      The same validations performed for listeners endpoints are also applied to advertised.listeners.

      It makes sense that neither parameter should allow duplicated listener names. The port number restriction is different though.

      It makes sense that we only allow one listener per port, since two listeners cannot bind to the same port at the same time (considering a single network interface).

      For advertised listeners, though this doesn't apply since Kafka doesn't actually bind to the advertised listener ports. A practical application of relaxing this restriction for advertised.listeners is the following:

      When configuring Kafka using Kerberos authentication and a Load Balancer we need to have two SASL_SSL listeners: (A) one running with the kafka/hostname principal and (B) another using kafka/lb_name, which is necessary for proper authentication when using the LB FQDN. After bootstrap, though, the client receives the brokers' addresses with the actual host FQDNs advertised by the brokers. To connect to the brokerd using the hostnames the client must connect to the listener A to be able to authenticate successfully with Kerberos.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                asdaraujo Andre Araujo
                Reporter:
                asdaraujo Andre Araujo
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: