You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Note that this KIP proposal is derived from a proposal by Grant Henke that was part of KIP-4 - Command line and centralized administrative operations.

Status

Current state: Draft

Discussion thread: TBD

JIRA Unable to render Jira issues macro, execution error.

Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).

Motivation

KIP-4 - Command line and centralized administrative operations outlines the motivation for exposing admin operations via the protocol:

  • Allows clients in any language to administrate Kafka
    • Wire protocol is supported by any language
  • Provides public client for performing admin operations
    • Ensures integration test code in other projects and clients maintains compatibility
    • Prevents users from needing to use the Command classes and work around standard output and system exits
  • Removing the need for admin scripts (kafka-configs.sh, kafka-topics.sh, etc) to talk directly to Zookeeper. 
    • Allows ZNodes to be completely locked down via ACLs
    • Further hides the Zookeeper details of Kafka

A couple of specific use cases are worth pointing out:

  1. The Metadata request exposes topic metadata, but it does not expose topic configs. ListConfigs will make that information available to any client of the Kafka protocol (including the upcoming Java AdminClient).
  2. AlterConfigs would make it possible to update topic configs, but also client and replication quotas via the protocol.

Public Interfaces

List Configs

ListConfigs Request
ListConfigs Request (Version: 0) => [entities]   
  entities => entity_type entity_name
    entity_type => INT8
    entity_name => STRING

Request semantics:

  1. Can be sent to any broker
  2. If there are multiple instructions for the same entity in one request the extra request will be ignored
    • This is because the list of entities is modeled server side as a set
    • Multiple entities results in the same end goal, so handling this error for the user should be okay
    • This is similar to how delete topics handles requests
  3. Entity types are "Topic", "Client", and "Broker".
  4. If entity_type is "Broker" and entity_name matches the broker that has received the request, read-only configs for this broker are also returned.
  5. Below are the authorization requirements for each type:
    • Broker: Must be authorized to the "Describe" Operation on the "Cluster" resource
    • Topic: Must be authorized to the "Describe" Operation on the "Topic" resource
    • Client: Must be authorized to the "Describe" Operation on the "Client" resource
      • This is a new resource needed
      • TODO: best way to handle this...
  6. Arbitrary configurations are allowed
    • This provides flexibility for custom clients, and allows all "plugin" or extra configs to be shown
    • The user can validate the configs after the describe command in their client to check for errors, but the wire protocol should relay all information.
ListConfigs Response
ListConfigs Response (Version: 0) => [entities]   
  entities => entity_type entity_name error_code [configs]
    entity_type => INT8
    entity_name => STRING
    error_code => INT16
    configs =>
      config_name => STRING
      config_value => STRING
      read_only => BOOLEAN
      is_default => BOOLEAN
      is_sensitive => BOOLEAN

For each config, If is_sensitive is true, config_value will always be null to ensure that we don't leak sensitive information like passwords.

Alter Configs

AlterConfigs Request
AlterConfigs Request (Version: 0) => [entities] validate_only
  validate_only => BOOLEAN
  entities => entity_type entity_name [configs]
    entity_type => INT8
    entity_name => STRING
    configs =>
      config_name => STRING
      config_value => STRING

Request Semantics

  1. Can be sent to any broker
  2. If there are multiple instructions for the same entity in one request, an InvalidRequestException will be logged on the broker and a single error code for that topic will be returned to the client
    • This is because the list of entities is modeled server side as a map with entity as the key
  3. Entity types are "Topic", "Client", and "Broker".
  4. Below are the authorization requirements for each type:
    1. The principal must be authorized to the "Create" Operation on the "Cluster" resource to create topics. 
    • Unauthorized requests will receive a ClusterAuthorizationException
  5. If an Alter operation is attempted on a read-only config, an UnsupportedOperation error will be returned for the relevant entity.
  6. The request is not transactional. 
    1. If an error occurs for an entity, others could still be updated.
    2. Errors are reported independently per entity.
AlterConfigs Response
AlterConfigs Response (Version: 0) => [responses]   
  responses => entity_type entity_name error_code error_message
    entity_type => INT8
    entity_name => STRING
    error_code => INT16
    error_message => STRING


Proposed Changes

TBD

Compatibility, Deprecation, and Migration Plan

TBD

Rejected Alternatives

TBD

Future work

  • Forward requests to the relevant brokers in order to return `read-only` broker configs.

 

  • No labels