...
org.apache.kafka.clients
Proposed Changes
Client code change :
Change parseAndValidateAddresses() in ClientUtils to allow full dns resolution which will result in adding all underlying hosts as kafka nodes. This will allow using an alias in bootstrap.servers
Forcing this behaviour down on existing users isn't desirable since it could break SSL authentication. This should therefore be an optional feature.
Code snippets in the JIRA.
Client configuration
Proposed parameter :
bootstrap.reverse.dns.lookup = true / false
The default value for this parameter is false, there will be no backwards compatibility issue.
Setting the parameter to true will have the client perform the reverse lookup regardless of which security.protocol is specified.
This parameter shouldn't be set to true when using SSL authentication as it can break SSL hostname verification.
Security considerations
This doesn't change the underlying SASL authentication mechanism.
If the principal sent by the broker doesn't match any hostname in bootstrap.servers, the authentication will failCode snippets in the JIRA.
Rejected alternatives
Other option considered :
Changing default behaviour.