Current state: "Accepted"
Discussion thread: here
JIRA: here
Released: 2.1.0
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
KIP-226 added support for dynamic update of broker configuration. In this KIP, we propose to extend the support to dynamic update of max.connections.per.ip/max.connections.per.ip.overrides configs. This will be useful in the situations where a particular host (or set of hosts) is causing some trouble for the brokers. Administrators can dynamically update these configs to restrict the connections coming from faulty hosts (or) enable connections only from allowed hosts.
Use case: To restrict the connections coming from faulty clients/hosts (or) to configure IP-based filtering of incoming connections (max.connections.per.ip = 0 and valid max.connections.per.ip.overrides config value)
Config scope: Default for whole cluster (/configs/brokers/<default>)
Config options:
max.connections.per.ip
max.connections.per.ip.overrides
Dynamic update changes:
SocketServer ConnectionQuotas will be updated with the new values. Existing connections will not be affected, restrictions will be applied on
new connection creations.