Kafka-2.配置-Broker Configs

Kafka在 property file format 使用键值对作为配置。这些值无论来自文件还是以编程的方式,都被支持。

1. Broker Configs

必要配置如下:

  • broker.id
  • log.dirs
  • zookeeper.connect

更详细的Topic-level的配置和默认值如下

NAME DESCRIPTION TYPE DEFAULT VALID VALUES IMPORTANCE DYNAMIC UPDATE MODE
zookeeper.connect 用hostname:port的格式指定ZK连接串。
为了让ZK服务器down掉的时候能够连接上其他的ZK节点,能指定多个hosts:hostname1:port1,hostname2:port2,hostname3:port3
服务器还可以将ZooKeeper chroot路径作为其ZooKeeper连接字符串的一部分,该字符串将其数据放在全局ZooKeeper命名空间中的某个路径下。例如,一个chroot路径:/chroot/path,需要指定如下连接串:hostname1:port1,hostname2:port2,hostname3:port3/chroot/path.
string 只读
advertised.host.name 废弃,只有在advertised.listeners或者listeners没有指定的时候使用,请用advertised.listeners替代它。要发布到ZK以供客户端使用的主机名。在Iaas环境下,需要和broker绑定的接口不同。如果没有设置,如果设置了host.name就用这个值。否则将使用从java.net.InetAddress.getCanonicalHostName()返回的值。 string null 只读
advertised.listeners 如果和监听器配置的属性不同,发布到ZK以供用户使用的监听器。在IaaS环境下,需要和broker绑定的接口不同。如果没有设置,会使用监听器的值。和监听器不同,公开的0.0.0.0的元地址无效。 string null per-broker
advertised.port 废弃,仅在advertised.listeners or listeners 未设置时使用。改用advertised.listeners。发布到ZK的接口以供用户使用。在IaaS环境下,需要和broker板顶的端口不同。如果没有设置,将发布和broker绑定的接口相同。 int null 只读
auto.create.topics.enable 在服务器开启自动创建topic boolean true 只读
auto.leader.rebalance.enable 开启自动均衡,一个定时检查和触发leader平衡的后台进程 boolean true 只读
background.threads 开启的后台处理任务的线程数 int 10 [1,...] cluster-wide
broker.id 服务器的broker id,如果未设置,会生成一个唯一brokerid。为了避免ZK生成的broker id和用户生成的产生id冲突,生成的broker id从reserved.broker.max.id + 1开始 int -1 只读
compression.type 指定给定topic的最终压缩类型。这个配置接受标准压缩编码('gzip', 'snappy', 'lz4', 'zstd')。还接受“ uncompressed”,也就是不压缩。也接受“ producer“,也就是保留生产者设置的原始压缩编码。 string producer cluster-wide
control.plane.listener.name 用于controller和brokers之间的通信的监听器的名称。Broker将使用control.plane.listener.name 来定位监听器列表中的终端,监听来自控制器的连接。
例如,如果broker的配置是:listeners = INTERNAL://192.1.1.8:9092, EXTERNAL://10.1.1.5:9093, CONTROLLER://192.1.1.8:9094
listener.security.protocol.map = INTERNAL:PLAINTEXT, EXTERNAL:SSL, CONTROLLER:SSL control.plane.listener.name = CONTROLLER
启动时,broker将使用SSL安全协议在"192.1.1.8:9094"上监听。在控制器端,当它发现一个broker通过ZK发布了终端,将会使用control.plane.listener.name来找到这个终端,以此建立和broker的连接。
例如:如果一个broker在ZK发布的终端是:"endpoints" : ["INTERNAL://broker1.example.com:9092","EXTERNAL://broker1.example.com:9093","CONTROLLER://broker1.example.com:9094"] ;控制器配置是:listener.security.protocol.map = INTERNAL:PLAINTEXT, EXTERNAL:SSL, CONTROLLER:SSL control.plane.listener.name = CONTROLLER 那么控制器将在“broker1.example.com:9094”上使用SSL安全协议连接到broker。如果没有明确配置,默认值是null,并且控制器连接没有专用端点。
string null 只读
delete.topic.enable 启用删除主题。如果关闭,通过admin工具删除主题将没有作用 boolean true 只读
host.name 废弃,仅在未设置listeners时使用,改为使用listeners,broker的hostname。如果设置了,就只绑定到这个地址。如果没有设置,就绑定到所有接口 string "" 只读
leader.imbalance.check.interval.seconds 控制器触发分区重新平衡检查的频率 long 300 只读
leader.imbalance.per.broker.percentage 每个broker允许的leader的不平衡的比率。如果每个broker超过了这个值,控制器将触发一次leader平衡。这个值用百分比指定 int 100 只读
listeners 监听器列表,将监听用逗号分隔的URI列表和监听器名称。如果监听器名称不是一个安全协议,必须设置listener.security.protocol.map。将主机名指定为0.0.0.0以绑定到所有接口。保留hostname为空以绑定到默认接口。
合法的监听器列表示例:PLAINTEXT://myhost:9092,SSL://:9091 CLIENT://0.0.0.0:9092,REPLICATION://localhost:9093
string null per-broker
log.dir 保存日志数据的目录(log.dirs属性的补充) string /tmp/kafka-logs high read-only
log.dirs 保存日志数据的目录,如果没有设置,使用log.dir设置的值 string null high read-only
log.flush.interval.messages 消息刷新到磁盘之前在日志分区上积累的消息数 long 9223372036854775807 [1,...] high cluster-wide
log.flush.interval.ms 刷新到磁盘之前,任何主题中的消息将会被存放在内存中的最大毫秒数,如果未设置,使用long.flush.scheduler.interval.ms中的值 long null high cluster-wide
log.flush.offset.checkpoint.interval.ms 更新上次flush的持久化记录的频率,该记录作为日志恢复点 int 60000 [0,...] high read-only
log.flush.scheduler.interval.ms 日志刷新器检查是否需要将一些日志flush到磁盘的频率 long 9223372036854775807 high read-only
log.flush.start.offset.checkpoint.interval.ms 更新日志开始偏移的持久化记录的频率 int 60000 [0,...] high read-only
log.retention.bytes 删除之前的最大日志大小 long -1 high cluster-wide
log.retention.hours 删除之前保留日志文件的小时数,是log.retention.ms 属性的第三级 int 168 high read-only
log.retention.minutes 删除之前保留日志文件的分钟数,是log.retention.ms属性的第二级,如果不设置,使用log.retention.hours 属性 int null high read-only
log.retention.ms 删除之前保留日志文件的毫秒数,如果不设置,使用log.retention.hours 属性 long null high cluster-wide
log.roll.hours 新日志段推出之前的最长小时数,log.roll.ms 属性的第二级 int 168 [1,...] high read-only
log.roll.jitter.hours 从logRollTimeMillis(以小时为单位)中间去的最大抖动,log.roll.jitter.ms属性的第二级 int 0 [0,...] high read-only
log.roll.jitter.ms 从logRollTimeMillis(以毫秒为单位)减去的最大抖动,如果不设置,使用log.roll.jitter.hours的值 long null high cluster-wide
log.roll.ms 新日志段推出之前的最长毫秒数,如果不设置,使用log.roll.hours的值 long null high cluster-wide
log.segment.bytes 单个日志文件的 int 1073741824 [14,...] high cluster-wide
log.segment.delete.delay.ms 从文件系统中删除文件之前等待的最长时间 long 60000 [0,...] high cluster-wide
message.max.bytes Kafka允许的最大记录批量大小。如果它增加了并且消费者版本大于0.10.2,消费者获取的大小也必须增加,以便他们能获取到这么大量的数据。
在最新的消息格式版本中,记录始终按批次分组以提高效率。之前的版本中,未压缩的记录不会被记录到批次中,并且仅限制这种情况下的单个记录
可以用主题级别的max.message.bytes配置来设置到每一个主题
int 1000012 [0,...] high cluster-wide
min.insync.replicas 当生产者将acks值设置为"all"(或"-1"),min.insync.replicas指定为 确认被认为写入成功的最小副本数。如果无法满足此最小值,生产者将会抛出一个异常(NotEnoughReplicas或者NotEnoughReplicasAfterAppend)。在一起使用时,min.insync.replicas和acks允许强制执行更大的持久性保证。典型的情况是创建一个复制因子为3的主题,将min.insync.replicas设置为2,并使用“all”来生成acks。如果大部分的副本没有收到写入,这将确保生产者会引发一个异常。 int 1 [1,...] high cluster-wide
num.io.threads 服务器用于请求的线程数,包括磁盘IO int 8 [1,...] high cluster-wide
num.network.threads 服务器用于从网络接受请求并向网络发送响应的线程数 int 3 [1,...] high cluster-wide
num.recovery.threads.per.data.dir 每个数据目录的线程数,用于启动时的日志恢复和关闭时的刷新 int 1 [1,...] high cluster-wide
num.replica.alter.log.dirs.threads 可以在日志目录之间移动副本的线程数,可能包括磁盘IO int null high read-only
num.replica.fetchers 用于从源代理复制消息的提取程序线程数。增加这个值能够增加跟随broker的并行IO级别 int 1 high cluster-wide
offset.metadata.max.bytes 与偏移提交关联的数据条目的最大大小 int 4096 high read-only
offsets.commit.required.acks 提交之前可以接受的acks。默认值(-1)通常不会被覆盖 short -1 high read-only
offsets.commit.timeout.ms 偏移提交将延迟,知道偏移主题的所有副本都受到提交或者达到此超时时间。类似于生产者请求超时。 int 5000 [1,...] high read-only
offsets.load.buffer.size 将偏移量加载到缓存中时从偏移端读取的批量大小(软限制,如果记录太大则覆盖) int 5242880 [1,...] high read-only
offsets.retention.check.interval.ms 检查旧偏移量的频率 long 600000 [1,...] high read-only
offsets.retention.minutes 在消费者组失去所有消费者(即变为空白)之后,其偏移量建辉被保留期间保留,然后被丢弃。对于独立消费者(使用手动分配)偏移量将在提交时间加上此保留时间后过期 int 10080 [1,...] high read-only
offsets.topic.compression.codec 偏移主题的压缩编码器-压缩可用于实现“原子”提交 int 0 high read-only
offsets.topic.num.partitions 便宜提交主题的分区数(部署后不能更改) int 50 [1,...] high read-only
offsets.topic.replication.factor 偏移主题的重复因子(设高一点确保可用性)内部主题创建会失败,直到集群大小和这个重复因子需要的相等。 short 3 [1,...] high read-only
offsets.topic.segment.bytes The offsets topic segment bytes should be kept relatively small in order to facilitate faster log compaction and cache loads int 104857600 [1,...] high read-only
port DEPRECATED: only used when listenersis not set. Use listenersinstead. the port to listen and accept connections on int 9092 high read-only
queued.max.requests The number of queued requests allowed for data-plane, before blocking the network threads int 500 [1,...] high read-only
quota.consumer.default DEPRECATED: Used only when dynamic default quotas are not configured for <user, <client-id="">or <user, client-id="">in Zookeeper. Any consumer distinguished by clientId/consumer group will get throttled if it fetches more bytes than this value per-second</user,></user,> long 9223372036854775807 [1,...] high read-only
quota.producer.default DEPRECATED: Used only when dynamic default quotas are not configured for <user>, <client-id>or <user, client-id="">in Zookeeper. Any producer distinguished by clientId will get throttled if it produces more bytes than this value per-second</user,></client-id></user> long 9223372036854775807 [1,...] high read-only
replica.fetch.min.bytes Minimum bytes expected for each fetch response. If not enough bytes, wait up to replicaMaxWaitTimeMs int 1 high read-only
replica.fetch.wait.max.ms max wait time for each fetcher request issued by follower replicas. This value should always be less than the replica.lag.time.max.ms at all times to prevent frequent shrinking of ISR for low throughput topics int 500 high read-only
replica.high.watermark.checkpoint.interval.ms The frequency with which the high watermark is saved out to disk long 5000 high read-only
replica.lag.time.max.ms If a follower hasn't sent any fetch requests or hasn't consumed up to the leaders log end offset for at least this time, the leader will remove the follower from isr long 10000 high read-only
replica.socket.receive.buffer.bytes The socket receive buffer for network requests int 65536 high read-only
replica.socket.timeout.ms The socket timeout for network requests. Its value should be at least replica.fetch.wait.max.ms int 30000 high read-only
request.timeout.ms The configuration controls the maximum amount of time the client will wait for the response of a request. If the response is not received before the timeout elapses the client will resend the request if necessary or fail the request if retries are exhausted. int 30000 high read-only
socket.receive.buffer.bytes The SO_RCVBUF buffer of the socket sever sockets. If the value is -1, the OS default will be used. int 102400 high read-only
socket.request.max.bytes The maximum number of bytes in a socket request int 104857600 [1,...] high read-only
socket.send.buffer.bytes The SO_SNDBUF buffer of the socket sever sockets. If the value is -1, the OS default will be used. int 102400 high read-only
transaction.max.timeout.ms The maximum allowed timeout for transactions. If a client’s requested transaction time exceed this, then the broker will return an error in InitProducerIdRequest. This prevents a client from too large of a timeout, which can stall consumers reading from topics included in the transaction. int 900000 [1,...] high read-only
transaction.state.log.load.buffer.size Batch size for reading from the transaction log segments when loading producer ids and transactions into the cache (soft-limit, overridden if records are too large). int 5242880 [1,...] high read-only
transaction.state.log.min.isr Overridden min.insync.replicas config for the transaction topic. int 2 [1,...] high read-only
transaction.state.log.num.partitions The number of partitions for the transaction topic (should not change after deployment). int 50 [1,...] high read-only
transaction.state.log.replication.factor The replication factor for the transaction topic (set higher to ensure availability). Internal topic creation will fail until the cluster size meets this replication factor requirement. short 3 [1,...] high read-only
transaction.state.log.segment.bytes The transaction topic segment bytes should be kept relatively small in order to facilitate faster log compaction and cache loads int 104857600 [1,...] high read-only
transactional.id.expiration.ms The maximum amount of time in ms that the transaction coordinator will wait before proactively expire a producer's transactional id without receiving any transaction status updates from it. int 604800000 [1,...] high read-only
unclean.leader.election.enable Indicates whether to enable replicas not in the ISR set to be elected as leader as a last resort, even though doing so may result in data loss boolean false high cluster-wide
zookeeper.connection.timeout.ms The max time that the client waits to establish a connection to zookeeper. If not set, the value in zookeeper.session.timeout.ms is used int null high read-only
zookeeper.max.in.flight.requests The maximum number of unacknowledged requests the client will send to Zookeeper before blocking. int 10 [1,...] high read-only
zookeeper.session.timeout.ms Zookeeper session timeout int 6000 high read-only
zookeeper.set.acl Set client to use secure ACLs boolean false high read-only
broker.id.generation.enable Enable automatic broker id generation on the server. When enabled the value configured for reserved.broker.max.id should be reviewed. boolean true medium read-only
broker.rack Rack of the broker. This will be used in rack aware replication assignment for fault tolerance. Examples: RACK1, us-east-1d string null medium read-only
connections.max.idle.ms Idle connections timeout: the server socket processor threads close the connections that idle more than this long 600000 medium read-only
connections.max.reauth.ms When explicitly set to a positive number (the default is 0, not a positive number), a session lifetime that will not exceed the configured value will be communicated to v2.2.0 or later clients when they authenticate. The broker will disconnect any such connection that is not re-authenticated within the session lifetime and that is then subsequently used for any purpose other than re-authentication. Configuration names can optionally be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.oauthbearer.connections.max.reauth.ms=3600000 long 0 medium read-only
controlled.shutdown.enable Enable controlled shutdown of the server boolean true medium read-only
controlled.shutdown.max.retries Controlled shutdown can fail for multiple reasons. This determines the number of retries when such failure happens int 3 medium read-only
controlled.shutdown.retry.backoff.ms Before each retry, the system needs time to recover from the state that caused the previous failure (Controller fail over, replica lag etc). This config determines the amount of time to wait before retrying. long 5000 medium read-only
controller.socket.timeout.ms The socket timeout for controller-to-broker channels int 30000 medium read-only
default.replication.factor default replication factors for automatically created topics int 1 medium read-only
delegation.token.expiry.time.ms The token validity time in miliseconds before the token needs to be renewed. Default value 1 day. long 86400000 [1,...] medium read-only
delegation.token.master.key Master/secret key to generate and verify delegation tokens. Same key must be configured across all the brokers. If the key is not set or set to empty string, brokers will disable the delegation token support. password null medium read-only
delegation.token.max.lifetime.ms The token has a maximum lifetime beyond which it cannot be renewed anymore. Default value 7 days. long 604800000 [1,...] medium read-only
delete.records.purgatory.purge.interval.requests The purge interval (in number of requests) of the delete records request purgatory int 1 medium read-only
fetch.purgatory.purge.interval.requests The purge interval (in number of requests) of the fetch request purgatory int 1000 medium read-only
group.initial.rebalance.delay.ms The amount of time the group coordinator will wait for more consumers to join a new group before performing the first rebalance. A longer delay means potentially fewer rebalances, but increases the time until processing begins. int 3000 medium read-only
group.max.session.timeout.ms The maximum allowed session timeout for registered consumers. Longer timeouts give consumers more time to process messages in between heartbeats at the cost of a longer time to detect failures. int 300000 medium read-only
group.max.size The maximum number of consumers that a single consumer group can accommodate. int 2147483647 [1,...] medium read-only
group.min.session.timeout.ms The minimum allowed session timeout for registered consumers. Shorter timeouts result in quicker failure detection at the cost of more frequent consumer heartbeating, which can overwhelm broker resources. int 6000 medium read-only
inter.broker.listener.name Name of listener used for communication between brokers. If this is unset, the listener name is defined by security.inter.broker.protocol. It is an error to set this and security.inter.broker.protocol properties at the same time. string null medium read-only
inter.broker.protocol.version Specify which version of the inter-broker protocol will be used. This is typically bumped after all brokers were upgraded to a new version. Example of some valid values are: 0.8.0, 0.8.1, 0.8.1.1, 0.8.2, 0.8.2.0, 0.8.2.1, 0.9.0.0, 0.9.0.1 Check ApiVersion for the full list. string 2.2-IV1 [0.8.0, 0.8.1, 0.8.2, 0.9.0, 0.10.0-IV0, 0.10.0-IV1, 0.10.1-IV0, 0.10.1-IV1, 0.10.1-IV2, 0.10.2-IV0, 0.11.0-IV0, 0.11.0-IV1, 0.11.0-IV2, 1.0-IV0, 1.1-IV0, 2.0-IV0, 2.0-IV1, 2.1-IV0, 2.1-IV1, 2.1-IV2, 2.2-IV0, 2.2-IV1] medium read-only
log.cleaner.backoff.ms The amount of time to sleep when there are no logs to clean long 15000 [0,...] medium cluster-wide
log.cleaner.dedupe.buffer.size The total memory used for log deduplication across all cleaner threads long 134217728 medium cluster-wide
log.cleaner.delete.retention.ms How long are delete records retained? long 86400000 medium cluster-wide
log.cleaner.enable Enable the log cleaner process to run on the server. Should be enabled if using any topics with a cleanup.policy=compact including the internal offsets topic. If disabled those topics will not be compacted and continually grow in size. boolean true medium read-only
log.cleaner.io.buffer.load.factor Log cleaner dedupe buffer load factor. The percentage full the dedupe buffer can become. A higher value will allow more log to be cleaned at once but will lead to more hash collisions double 0.9 medium cluster-wide
log.cleaner.io.buffer.size The total memory used for log cleaner I/O buffers across all cleaner threads int 524288 [0,...] medium cluster-wide
log.cleaner.io.max.bytes.per.second The log cleaner will be throttled so that the sum of its read and write i/o will be less than this value on average double 1.7976931348623157E308 medium cluster-wide
log.cleaner.min.cleanable.ratio The minimum ratio of dirty log to total log for a log to eligible for cleaning double 0.5 medium cluster-wide
log.cleaner.min.compaction.lag.ms The minimum time a message will remain uncompacted in the log. Only applicable for logs that are being compacted. long 0 medium cluster-wide
log.cleaner.threads The number of background threads to use for log cleaning int 1 [0,...] medium cluster-wide
log.cleanup.policy The default cleanup policy for segments beyond the retention window. A comma separated list of valid policies. Valid policies are: "delete" and "compact" list delete [compact, delete] medium cluster-wide
log.index.interval.bytes The interval with which we add an entry to the offset index int 4096 [0,...] medium cluster-wide
log.index.size.max.bytes The maximum size in bytes of the offset index int 10485760 [4,...] medium cluster-wide
log.message.format.version Specify the message format version the broker will use to append messages to the logs. The value should be a valid ApiVersion. Some examples are: 0.8.2, 0.9.0.0, 0.10.0, check ApiVersion for more details. By setting a particular message format version, the user is certifying that all the existing messages on disk are smaller or equal than the specified version. Setting this value incorrectly will cause consumers with older versions to break as they will receive messages with a format that they don't understand. string 2.2-IV1 [0.8.0, 0.8.1, 0.8.2, 0.9.0, 0.10.0-IV0, 0.10.0-IV1, 0.10.1-IV0, 0.10.1-IV1, 0.10.1-IV2, 0.10.2-IV0, 0.11.0-IV0, 0.11.0-IV1, 0.11.0-IV2, 1.0-IV0, 1.1-IV0, 2.0-IV0, 2.0-IV1, 2.1-IV0, 2.1-IV1, 2.1-IV2, 2.2-IV0, 2.2-IV1] medium read-only
log.message.timestamp.difference.max.ms The maximum difference allowed between the timestamp when a broker receives a message and the timestamp specified in the message. If log.message.timestamp.type=CreateTime, a message will be rejected if the difference in timestamp exceeds this threshold. This configuration is ignored if log.message.timestamp.type=LogAppendTime.The maximum timestamp difference allowed should be no greater than log.retention.ms to avoid unnecessarily frequent log rolling. long 9223372036854775807 medium cluster-wide
log.message.timestamp.type Define whether the timestamp in the message is message create time or log append time. The value should be either CreateTime or LogAppendTime string CreateTime [CreateTime, LogAppendTime] medium cluster-wide
log.preallocate Should pre allocate file when create new segment? If you are using Kafka on Windows, you probably need to set it to true. boolean false medium cluster-wide
log.retention.check.interval.ms The frequency in milliseconds that the log cleaner checks whether any log is eligible for deletion long 300000 [1,...] medium read-only
max.connections.per.ip The maximum number of connections we allow from each ip address. This can be set to 0 if there are overrides configured using max.connections.per.ip.overrides property int 2147483647 [0,...] medium cluster-wide
max.connections.per.ip.overrides A comma-separated list of per-ip or hostname overrides to the default maximum number of connections. An example value is "hostName:100,127.0.0.1:200" string "" medium cluster-wide
max.incremental.fetch.session.cache.slots The maximum number of incremental fetch sessions that we will maintain. int 1000 [0,...] medium read-only
num.partitions The default number of log partitions per topic int 1 [1,...] medium read-only
password.encoder.old.secret The old secret that was used for encoding dynamically configured passwords. This is required only when the secret is updated. If specified, all dynamically encoded passwords are decoded using this old secret and re-encoded using password.encoder.secret when broker starts up. password null medium read-only
password.encoder.secret The secret used for encoding dynamically configured passwords for this broker. password null medium read-only
principal.builder.class The fully qualified name of a class that implements the KafkaPrincipalBuilder interface, which is used to build the KafkaPrincipal object used during authorization. This config also supports the deprecated PrincipalBuilder interface which was previously used for client authentication over SSL. If no principal builder is defined, the default behavior depends on the security protocol in use. For SSL authentication, the principal will be derived using the rules defined by ssl.principal.mapping.rules applied on the distinguished name from the client certificate if one is provided; otherwise, if client authentication is not required, the principal name will be ANONYMOUS. For SASL authentication, the principal will be derived using the rules defined by sasl.kerberos.principal.to.local.rules if GSSAPI is in use, and the SASL authentication ID for other mechanisms. For PLAINTEXT, the principal will be ANONYMOUS. class null medium per-broker
producer.purgatory.purge.interval.requests The purge interval (in number of requests) of the producer request purgatory int 1000 medium read-only
queued.max.request.bytes The number of queued bytes allowed before no more requests are read long -1 medium read-only
replica.fetch.backoff.ms The amount of time to sleep when fetch partition error occurs. int 1000 [0,...] medium read-only
replica.fetch.max.bytes The number of bytes of messages to attempt to fetch for each partition. This is not an absolute maximum, if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made. The maximum record batch size accepted by the broker is defined via message.max.bytes(broker config) or max.message.bytes (topic config). int 1048576 [0,...] medium read-only
replica.fetch.response.max.bytes Maximum bytes expected for the entire fetch response. Records are fetched in batches, and if the first record batch in the first non-empty partition of the fetch is larger than this value, the record batch will still be returned to ensure that progress can be made. As such, this is not an absolute maximum. The maximum record batch size accepted by the broker is defined via message.max.bytes(broker config) or max.message.bytes (topic config). int 10485760 [0,...] medium read-only
reserved.broker.max.id Max number that can be used for a broker.id int 1000 [0,...] medium read-only
sasl.client.callback.handler.class The fully qualified name of a SASL client callback handler class that implements the AuthenticateCallbackHandler interface. class null medium read-only
sasl.enabled.mechanisms The list of SASL mechanisms enabled in the Kafka server. The list may contain any mechanism for which a security provider is available. Only GSSAPI is enabled by default. list GSSAPI medium per-broker
sasl.jaas.config JAAS login context parameters for SASL connections in the format used by JAAS configuration files. JAAS configuration file format is described here. The format for the value is: 'loginModuleClass controlFlag (optionName=optionValue)*;'. For brokers, the config must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.scram-sha-256.sasl.jaas.config=com.example.ScramLoginModule required; password null medium per-broker
sasl.kerberos.kinit.cmd Kerberos kinit command path. string /usr/bin/kinit medium per-broker
sasl.kerberos.min.time.before.relogin Login thread sleep time between refresh attempts. long 60000 medium per-broker
sasl.kerberos.principal.to.local.rules A list of rules for mapping from principal names to short names (typically operating system usernames). The rules are evaluated in order and the first rule that matches a principal name is used to map it to a short name. Any later rules in the list are ignored. By default, principal names of the form {username}/{hostname}@{REALM} are mapped to {username}. For more details on the format please see security authorization and acls. Note that this configuration is ignored if an extension of KafkaPrincipalBuilder is provided by the principal.builder.classconfiguration. list DEFAULT medium per-broker
sasl.kerberos.service.name The Kerberos principal name that Kafka runs as. This can be defined either in Kafka's JAAS config or in Kafka's config. string null medium per-broker
sasl.kerberos.ticket.renew.jitter Percentage of random jitter added to the renewal time. double 0.05 medium per-broker
sasl.kerberos.ticket.renew.window.factor Login thread will sleep until the specified window factor of time from last refresh to ticket's expiry has been reached, at which time it will try to renew the ticket. double 0.8 medium per-broker
sasl.login.callback.handler.class The fully qualified name of a SASL login callback handler class that implements the AuthenticateCallbackHandler interface. For brokers, login callback handler config must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.scram-sha-256.sasl.login.callback.handler.class=com.example.CustomScramLoginCallbackHandler class null medium read-only
sasl.login.class The fully qualified name of a class that implements the Login interface. For brokers, login config must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.scram-sha-256.sasl.login.class=com.example.CustomScramLogin class null medium read-only
sasl.login.refresh.buffer.seconds The amount of buffer time before credential expiration to maintain when refreshing a credential, in seconds. If a refresh would otherwise occur closer to expiration than the number of buffer seconds then the refresh will be moved up to maintain as much of the buffer time as possible. Legal values are between 0 and 3600 (1 hour); a default value of 300 (5 minutes) is used if no value is specified. This value and sasl.login.refresh.min.period.seconds are both ignored if their sum exceeds the remaining lifetime of a credential. Currently applies only to OAUTHBEARER. short 300 medium per-broker
sasl.login.refresh.min.period.seconds The desired minimum time for the login refresh thread to wait before refreshing a credential, in seconds. Legal values are between 0 and 900 (15 minutes); a default value of 60 (1 minute) is used if no value is specified. This value and sasl.login.refresh.buffer.seconds are both ignored if their sum exceeds the remaining lifetime of a credential. Currently applies only to OAUTHBEARER. short 60 medium per-broker
sasl.login.refresh.window.factor Login refresh thread will sleep until the specified window factor relative to the credential's lifetime has been reached, at which time it will try to refresh the credential. Legal values are between 0.5 (50%) and 1.0 (100%) inclusive; a default value of 0.8 (80%) is used if no value is specified. Currently applies only to OAUTHBEARER. double 0.8 medium per-broker
sasl.login.refresh.window.jitter The maximum amount of random jitter relative to the credential's lifetime that is added to the login refresh thread's sleep time. Legal values are between 0 and 0.25 (25%) inclusive; a default value of 0.05 (5%) is used if no value is specified. Currently applies only to OAUTHBEARER. double 0.05 medium per-broker
sasl.mechanism.inter.broker.protocol SASL mechanism used for inter-broker communication. Default is GSSAPI. string GSSAPI medium per-broker
sasl.server.callback.handler.class The fully qualified name of a SASL server callback handler class that implements the AuthenticateCallbackHandler interface. Server callback handlers must be prefixed with listener prefix and SASL mechanism name in lower-case. For example, listener.name.sasl_ssl.plain.sasl.server.callback.handler.class=com.example.CustomPlainCallbackHandler. class null medium read-only
security.inter.broker.protocol Security protocol used to communicate between brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL. It is an error to set this and inter.broker.listener.name properties at the same time. string PLAINTEXT medium read-only
ssl.cipher.suites A list of cipher suites. This is a named combination of authentication, encryption, MAC and key exchange algorithm used to negotiate the security settings for a network connection using TLS or SSL network protocol. By default all the available cipher suites are supported. list "" medium per-broker
ssl.client.auth Configures kafka broker to request client authentication. The following settings are common:
* ssl.client.auth=required If set to required client authentication is required.
* ssl.client.auth=requestedThis means client authentication is optional. unlike requested , if this option is set client can choose not to provide authentication information about itself
* ssl.client.auth=none This means client authentication is not needed.
string none [required, requested, none] medium per-broker
ssl.enabled.protocols The list of protocols enabled for SSL connections. list TLSv1.2,TLSv1.1,TLSv1 medium per-broker
ssl.key.password The password of the private key in the key store file. This is optional for client. password null medium per-broker
ssl.keymanager.algorithm The algorithm used by key manager factory for SSL connections. Default value is the key manager factory algorithm configured for the Java Virtual Machine. string SunX509 medium per-broker
ssl.keystore.location The location of the key store file. This is optional for client and can be used for two-way authentication for client. string null medium per-broker
ssl.keystore.password The store password for the key store file. This is optional for client and only needed if ssl.keystore.location is configured. password null medium per-broker
ssl.keystore.type The file format of the key store file. This is optional for client. string JKS medium per-broker
ssl.protocol The SSL protocol used to generate the SSLContext. Default setting is TLS, which is fine for most cases. Allowed values in recent JVMs are TLS, TLSv1.1 and TLSv1.2. SSL, SSLv2 and SSLv3 may be supported in older JVMs, but their usage is discouraged due to known security vulnerabilities. string TLS medium per-broker
ssl.provider The name of the security provider used for SSL connections. Default value is the default security provider of the JVM. string null medium per-broker
ssl.trustmanager.algorithm The algorithm used by trust manager factory for SSL connections. Default value is the trust manager factory algorithm configured for the Java Virtual Machine. string PKIX medium per-broker
ssl.truststore.location The location of the trust store file. string null medium per-broker
ssl.truststore.password The password for the trust store file. If a password is not set access to the truststore is still available, but integrity checking is disabled. password null medium per-broker
ssl.truststore.type The file format of the trust store file. string JKS medium per-broker
alter.config.policy.class.name The alter configs policy class that should be used for validation. The class should implement the org.apache.kafka.server.policy.AlterConfigPolicy interface. class null low read-only
alter.log.dirs.replication.quota.window.num The number of samples to retain in memory for alter log dirs replication quotas int 11 [1,...] low read-only
alter.log.dirs.replication.quota.window.size.seconds The time span of each sample for alter log dirs replication quotas int 1 [1,...] low read-only
authorizer.class.name The authorizer class that should be used for authorization string "" low read-only
client.quota.callback.class The fully qualified name of a class that implements the ClientQuotaCallback interface, which is used to determine quota limits applied to client requests. By default, <user, client-id="">, <user>or <client-id>quotas stored in ZooKeeper are applied. For any given request, the most specific quota that matches the user principal of the session and the client-id of the request is applied.</client-id></user></user,> class null low read-only
connection.failed.authentication.delay.ms Connection close delay on failed authentication: this is the time (in milliseconds) by which connection close will be delayed on authentication failure. This must be configured to be less than connections.max.idle.ms to prevent connection timeout. int 100 [0,...] low read-only
create.topic.policy.class.name The create topic policy class that should be used for validation. The class should implement the org.apache.kafka.server.policy.CreateTopicPolicy interface. class null low read-only
delegation.token.expiry.check.interval.ms Scan interval to remove expired delegation tokens. long 3600000 [1,...] low read-only
kafka.metrics.polling.interval.secs The metrics polling interval (in seconds) which can be used in kafka.metrics.reporters implementations. int 10 [1,...] low read-only
kafka.metrics.reporters A list of classes to use as Yammer metrics custom reporters. The reporters should implement kafka.metrics.KafkaMetricsReportertrait. If a client wants to expose JMX operations on a custom reporter, the custom reporter needs to additionally implement an MBean trait that extends kafka.metrics.KafkaMetricsReporterMBean trait so that the registered MBean is compliant with the standard MBean convention. list "" low read-only
listener.security.protocol.map Map between listener names and security protocols. This must be defined for the same security protocol to be usable in more than one port or IP. For example, internal and external traffic can be separated even if SSL is required for both. Concretely, the user could define listeners with names INTERNAL and EXTERNAL and this property as: INTERNAL:SSL,EXTERNAL:SSL. As shown, key and value are separated by a colon and map entries are separated by commas. Each listener name should only appear once in the map. Different security (SSL and SASL) settings can be configured for each listener by adding a normalised prefix (the listener name is lowercased) to the config name. For example, to set a different keystore for the INTERNAL listener, a config with name listener.name.internal.ssl.keystore.locationwould be set. If the config for the listener name is not set, the config will fallback to the generic config (i.e. ssl.keystore.location). string PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL low per-broker
log.message.downconversion.enable This configuration controls whether down-conversion of message formats is enabled to satisfy consume requests. When set to false, broker will not perform down-conversion for consumers expecting an older message format. The broker responds with UNSUPPORTED_VERSIONerror for consume requests from such older clients. This configurationdoes not apply to any message format conversion that might be required for replication to followers. boolean true low cluster-wide
metric.reporters A list of classes to use as metrics reporters. Implementing the org.apache.kafka.common.metrics.MetricsReporter interface allows plugging in classes that will be notified of new metric creation. The JmxReporter is always included to register JMX statistics. list "" low cluster-wide
metrics.num.samples The number of samples maintained to compute metrics. int 2 [1,...] low read-only
metrics.recording.level The highest recording level for metrics. string INFO low read-only
metrics.sample.window.ms The window of time a metrics sample is computed over. long 30000 [1,...] low read-only
password.encoder.cipher.algorithm The Cipher algorithm used for encoding dynamically configured passwords. string AES/CBC/PKCS5Padding low read-only
password.encoder.iterations The iteration count used for encoding dynamically configured passwords. int 4096 [1024,...] low read-only
password.encoder.key.length The key length used for encoding dynamically configured passwords. int 128 [8,...] low read-only
password.encoder.keyfactory.algorithm The SecretKeyFactory algorithm used for encoding dynamically configured passwords. Default is PBKDF2WithHmacSHA512 if available and PBKDF2WithHmacSHA1 otherwise. string null low read-only
quota.window.num The number of samples to retain in memory for client quotas int 11 [1,...] low read-only
quota.window.size.seconds The time span of each sample for client quotas int 1 [1,...] low read-only
replication.quota.window.num The number of samples to retain in memory for replication quotas int 11 [1,...] low read-only
replication.quota.window.size.seconds The time span of each sample for replication quotas int 1 [1,...] low read-only
ssl.endpoint.identification.algorithm The endpoint identification algorithm to validate server hostname using server certificate. string https low per-broker
ssl.principal.mapping.rules A list of rules for mapping from distinguished name from the client certificate to short name. The rules are evaluated in order and the first rule that matches a principal name is used to map it to a short name. Any later rules in the list are ignored. By default, distinguished name of the X.500 certificate will be the principal. For more details on the format please see security authorization and acls. Note that this configuration is ignored if an extension of KafkaPrincipalBuilder is provided by the principal.builder.classconfiguration. list DEFAULT low read-only
ssl.secure.random.implementation The SecureRandom PRNG implementation to use for SSL cryptography operations. string null low per-broker
transaction.abort.timed.out.transaction.cleanup.interval.ms The interval at which to rollback transactions that have timed out int 60000 [1,...] low read-only
transaction.remove.expired.transaction.cleanup.interval.ms The interval at which to remove transactions that have expired due to transactional.id.expiration.mspassing`` int 3600000 [1,...] low read-only
zookeeper.sync.time.ms How far a ZK follower can be behind a ZK leader int 2000 low read-only

1.1 Updating Broker Configs

从Kafka1.1开始,一些broker的配置能在不重启broker的情况下更新。见配置表中的“Dynamic Update Mode”一列,描述了每个broker配置的更新方式。

  • read-only: 需要broker重启来更新;
  • per-broker: 每个broker都可以动态更新
  • cluster-wide: 可以作为集群范围内的动态更新,也可能作为测试的per-broker值。
    选择为broker id 0 选择当前的broker配置(例如,清空日志的线程数):
> bin/kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 0 --alter --add-config log.cleaner.threads=2

为broker id 0描述当前动态broker配置:

> bin/kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 0 --describe

为broker id 0 删除配置并重置为静态配置或者默认值(例如,日志清理的线程):

> bin/kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 0 --alter --delete-config log.cleaner.threads

某些配置可以配置为集群范围的默认值,以在整个集群中保持一致的值,急群众的所有brokers都将处理集群更新。例如,要更新所有的brokers上的日志清理线程。

> bin/kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-default --alter --add-config log.cleaner.threads=2`
描述当前配置的动态集群范围的默认配置:

bin/kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-default --describe

所有可在集群级别配置的配置可以在per-broker级别配置(例如,用于测试)。如果在不同级别定义配置值,则用如下优先顺序:
*   Dynamic per-broker config stored in ZooKeeper
*   Dynamic cluster-wide default config stored in ZooKeeper
*   Static broker config from `server.properties`
*   Kafka default, see [broker configs](http://kafka.apache.org/documentation/#brokerconfigs)

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 212,383评论 6 493
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,522评论 3 385
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 157,852评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,621评论 1 284
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,741评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 49,929评论 1 290
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,076评论 3 410
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,803评论 0 268
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,265评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,582评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,716评论 1 341
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,395评论 4 333
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,039评论 3 316
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,798评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,027评论 1 266
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,488评论 2 361
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,612评论 2 350