Cluster discovery using load balancers

In case of more complex Kafka cluster setups, you might need a cluster discovery solution more sophisticated than a DNS server. In such cases, you should consider using a load balancer.

Cluster discovery using load balancers is less lightweight than using DNS servers, but a viable solution for more complex cases. With a load balancer, it is possible to poll the nodes, check their health status and exclude stopped nodes from targets, automatically redirect requests to living nodes. When using a load balancer the requests are forwarded to a broker as shown in the figure:

Because the client connects to the load balancer and is then forwarded to a broker, SSL handshake and SASL authentication errors can occur (this is a defending mechanism to avoid man-in-the-middle attacks), therefore, additional setup is needed.

The configuration depends on your security protocol:

  • No security in the cluster (security protocol is PLAINTEXT)

    Setup steps are not required before connecting to the Kafka cluster, the load balancers should work out of the box with Kafka.

  • SASL with Kerberos enabled

    Perform the setup described in section Setup for SASL with Kerberos.

  • TLS/SSL encryption is enabled

    Perform the setup described in section Setup for TLS/SSL encryption.

  • SASL with Kerberos and TLS/SSL are both enabled

    Perform the setup described in Setup for SASL with Kerberos and Setup for TLS/SSL encryption.