We are debugging a bug and we need to prevent all producers to produce messages to a specific kafka-topic. There are alot of producers and I can't control them.
How can I do that on the kafka-side?
Asked
Active
Viewed 269 times
1 Answers
0
Firewalling a port would block all traffic.
Setting up a TCP proxy and dropping packets would require a bit of work to understand the inner Kafka protocol.
Therefore, you would need to enable client authorization (SASL) or other authentication mechanisms on the broker(s), then modify certificates and/or ACL policies to limit server connections per topic
Refer authorizer.class.name config property
https://kafka.apache.org/documentation/#security
Alternatively, topic quotas or max.message.bytes can be configured such that clients will be unable to send data, but they'll still be able to connect
OneCricketeer
- 179,855
- 19
- 132
- 245
-
is `max.message.bytes` for producing or for consuming or for both? – Stav Alfi Nov 03 '21 at 10:31
-
It's a topic config, so both, but it only makes sense for producers because it limits how large any message batch can be https://kafka.apache.org/documentation/#brokerconfigs_message.max.bytes – OneCricketeer Nov 03 '21 at 13:00