[
https://issues.apache.org/jira/browse/KAFKA-12355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17363679#comment-17363679
]
Colin McCabe commented on KAFKA-12355:
--------------------------------------
If the KRaft broker can't register itself with the active controller within a
certain time frame, it already shuts down. So I don't think we need to do
anything special here for authorization / authentication errors.
> Consider inter-broker authentication error handling
> ---------------------------------------------------
>
> Key: KAFKA-12355
> URL: https://issues.apache.org/jira/browse/KAFKA-12355
> Project: Kafka
> Issue Type: Improvement
> Reporter: Jason Gustafson
> Priority: Major
>
> Currently authentication errors between brokers are generally considered
> retriable. The broker will log an error, but continue trying to reach the
> other broker. This could be improved.
> For example, authentication errors (specifically from the broker to
> controller in KIP-500) should probably be considered fatal during some window
> during initialization. This makes it easy for users to detect problems
> quickly.
> On the other hand, if a broker has been running for some time, we probably do
> not want to fail it on the first authentication failure. If a user had added
> a misconfigured controller to the cluster, it could end up taking down the
> whole cluster through authentication failures.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
