Thank Bowen, In my opinion, the authorization information should be deleted
after the topic been deleted no matter the topic is deleted automatically
or manually. If the topic auto-creation and auto-deletion enabled, the new
created topic might with the same topic name but different topics. And from
the user perspective, if they are looking for the topic level
authorization, inactive topic auto-deletion and auto-creation should be
disabled.
Thanks
Penghui
Bowen Li <libw...@qq.com.invalid>于2021年9月13日 周一11:19写道:
> Dear Apache Pulsar community members,
> In Pulsar, when a partitioned topic is deleted, the relevant authorization
> information in ZooKeeper remains. Specifically, if I1. Create a partitioned
> topic "persistent://lbw-tenant/lbw-test-ns1/my.topic.5" with 5
> partitions.2. Grant it with consume and produce permissions.3. delete the
> topic using `pulsar-admin topics delete-partitioned-topic
> persistent://lbw-tenant/lbw-test-ns1/my.topic.5`Then the authorization
> information still remains in ZooKeeper, like```
> [zk: localhost:2181(CONNECTED) 8] get
> /admin/policies/lbw-tenant/lbw-test-ns1
>
>
> {"auth_policies":{"namespace_auth":{},"destination_auth":{"persistent://lbw-tenant/lbw-test-ns1/my.topic.5-partition-0":{"test-user":["consume"]},"persistent://lbw-tenant/lbw-test-ns1/my.topic.5-partition-1":{"test-user":["consume"]},"persistent://lbw-tenant/lbw-test-ns1/my.topic.5-partition-2":{"test-user":["consume"]},"persistent://lbw-tenant/lbw-test-ns1/my.topic.5-partition-3":{"test-user":["produce","consume"]},"persistent://lbw-tenant/lbw-test-ns1/my.topic.5-partition-4":{"test-user":["produce","consume"]},"persistent://lbw-tenant/lbw-test-ns1/my.topic.5":{"test-user":["consume"]}},"subscription_auth_roles":{}},"replication_clusters":["standalone"],"bundles":{"boundaries":["0x00000000","0x40000000","0x80000000","0xc0000000","0xffffffff"],"numBundles":4},"backlog_quota_map":{},"clusterDispatchRate":{},"topicDispatchRate":{},"subscriptionDispatchRate":{},"replicatorDispatchRate":{},"clusterSubscribeRate":{},"publishMaxMessageRate":{},"latency_stats_sample_rate":{},"deleted":false,"encryption_required":false,"subscription_auth_mode":"None","offload_threshold":-1,"schema_auto_update_compatibility_strategy":"Full","schema_compatibility_strategy":"UNDEFINED","is_allow_auto_update_schema":true,"schema_validation_enforced":false,"subscription_types_enabled":[],"properties":{}}
> ```
> If the number of topics is large, this is obviously a waste of storage. So
> maybe we need to consider to delete the relevant authorization information
> when the topic is deleted.But on the other hand, we have some configuration
> like "brokerDeleteInactiveTopicsEnabled" and "allowAutoTopicCreation" which
> will automatically create and delete the topic at some time, so we need to
> be cautious to delete the relevant authorization information.In conclude,
> maybe we need to discuss whether the authorization information of a topic
> should be deleted when the topic is deleted. What's your opinion?
