Current state: "Accepted"
Discussion thread: here
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
KIP-226 added support for dynamic update of broker configuration. In this KIP, we propose to extend the support to dynamic update of max.connections.per.ip/max.connections.per.ip.overrides configs. This will be useful in the situations where a particular host (or set of hosts) is causing some trouble for the brokers. Administrators can dynamically update these configs to restrict the connections coming from faulty hosts (or) enable connections only from allowed hosts.
Use case: To restrict the connections coming from faulty clients/hosts (or) to configure IP-based filtering of incoming connections (max.connections.per.ip = 0 and valid max.connections.per.ip.overrides config value)
Config scope: Default for whole cluster (/configs/brokers/<default>)
Dynamic update changes:
SocketServer ConnectionQuotas will be updated with the new values. Existing connections will not be affected, restrictions will be applied on
new connection creations.
Compatibility, Deprecation, and Migration Plan
- There won't be any impact on existing users.
- There won't be any change of current behavior.
- No migration tool required