Status
Current state: Under Discussion
Discussion thread: thread
JIRA: KAFKA-9366
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
Motivation
In May 2012, the log4j dev team released log4j 1.2.17 and stopped their support to 1.x releases. And from then on, Apache Kafka is still using it in its core and the other submodules. Since this release has not only several critical security problems like CVE-2019-17571 but also an obsolete interface, it should be replaced into log4j2.
Public Interfaces
This KIP proposes the following:
- Replace log4j 1.x dependency into 2.x, with converting all 1.x API calls with 2.x equivalents.
- Provide a way to use log4j2 configuration, with backward compatibility to log4j.
Proposed Changes
1. Core
For backward compatibility, Kafka broker will use the log4j configuration file by default.
If the user wants to run Kafka broker with lgo4j2 config file, they can do it by setting `export KAFKA_LOG4J_OPTS="-Dlog4j.configurationFile={log4j2-config-file-path}"`. A log4j2 equivalent for traditional log4j config (log4j2.properties) will be provided.
2. Client
Use log4j2 configuration.
3. Connect
Like core, connect will use the log4j configuration file by default. A log4j2 equivalent for traditional log4j config (connect-log4j2.properties) will be also provided. The users can use it by setting `export KAFKA_LOG4J_OPTS="-Dlog4j.configurationFile={log4j2-config-file-path}"`.
Add to this, the changes between log4j and log4j2 introduces the following changes:
- From log4j2, the name of the root logger becomes empty string from 'root'. It impacts Kafka connect's dynamic logging control feature. (And should be documented.)
- From log4j2, the logging level can't be null; GET `/admin/loggers` has been returning loggers with a non-null level (i.e., includes loggers with OFF level) but from log4j2, it returns the loggers with non-OFF levels only.
- If the user sets the root logger with PUT `/admin/loggers/{logger}`, all descendant loggers without the null level were affected. From log4j2, they will be affected since null level is regared as OFF level.
4. Streams
Archetype log4j configuration will be updated into log4j2 equivalent (log4j2.properties).
5. Log4j-appender
Log4j-appender is the only module that does not affected by this update, since it provides a log4j 1.x appender.
Its log4j2 counterpart should be provided in near future. However, it is above the scope of this KIP.
6. Tools
Like core and connect, it will run with log4j configuration by default, but the users can use it by setting `export KAFKA_LOG4J_OPTS="-Dlog4j.configurationFile={log4j2-config-file-path}"`. A log4j2 equivalent for traditional log4j config (tools-log4j2.properties) will also be provided.
7. ETC
All template properties for test scripts (see tests/ directory) will be updated into log4j2 equivalent.
Compatibility, Deprecation, and Migration Plan
1. Core
Thanks to log4j12-api, a compatibility bridge between log4j and log4j2, Kafka broker can be run without any changes; However, if the user runs `bin/kafka-server-start.sh ` or `bin/zookeeper-server-start.sh ` with log4j configuration it will show a deprecation message.
2. Client
None.
3. Connect
Like core, if the user runs 'connect-standalone.sh' or 'bin/connect-distributed.sh' with log4j configuration it will show a deprecation message.
4. Strams
None.
5. Log4j-appender
None.
6. Tools
Same as core and connect; Running 'bin/connect-mirror-maker.sh' with log4j configuration will show a deprecation message.
7. ETC
None.
Rejected Alternatives
None.