...
- SSL configs will be updated by reconfiguring
ChannelBuilderand creating a newSslFactory. If SSL is used for inter-broker communication, inconsistent changes (e.g changing CA) should be made by adding a new listener with the new properties. This is true for SASL as well. - SASL configuration updates will be supported using the dynamic JAAS configuration option
sasl.jaas.config - Updates to
advertised.listenerswill re-register the new listener in ZK. This update will be not allowed for the listener used in inter-broker communication. In addition to this,AdminClientwill not allow updates to the listener that was used to make the alter request. - When changes are made to listeners, additional logic will be required in the controller to broadcast the updated metadata to all brokers.
Limitations:
- Configuration updates will not be allowed for the listener used in inter-broker communication. To update inter-broker configs without restarting the broker, a new listener can be created with new configs and the inter-broker listener can be changed to the new listener (similar to the currently documented security upgrade process).
...