Behavioral Changes in Apache Kafka
Learn about the change in certain functionality of Kafka that has resulted in a change in behavior from the previously released version to this version of Cloudera Runtime.
- Summary:
- Previously, Kafka data directories were configured as world-readable on the filesystem of the broker host. From now on, they are only readable by Kafka.
- Summary:
- JMX authentication is enabled by default for the Kafka service. Additionally random passwords are now generated for both JMX users by default.
- Summary:
- The default TLS protocol when using Java 11 or later is updated to TLS 1.3. TLS 1.2 remains the default for earlier Java versions. For more information, see KIP-573.
- Summary:
- The
client.dns.lookup
client property is now set touse_all_dns_ips
by default. With this option set, clients attempt to connect to the broker using all possible IP addresses of a hostname. This option reduces connection failure rates and is better suited for cloud and containerized environments where a single hostname might resolve to multiple IP addresses. For more information, see KIP-602. - Summary:
- The default value for the following Kafka Connect properties is
increased to 3:
- Offset Storage Topic Replication Factor
(
offset.storage.replication.factor
) - Configuration Storage Topic Replication Factor
(
config.storage.replication.factor
) - Status Storage Topic Replication Factor
(
status.storage.replication.factor
)
- Offset Storage Topic Replication Factor
(
- Summary:
- The FileStream example connectors (FileStreamSourceConnector and FileStreamsSinkConnector) are no longer available for deployment by default using the Kafka Connect Rest API, SMM UI, or SMM REST API. The JAR file of the connector is still shipped with Cloudera Runtime, but the connectors must be installed before they can be deployed. For more information on how to install Kafka Connect connectors, see Installing Connectors