Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id C8DF9200B40 for ; Fri, 1 Jul 2016 10:32:11 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id C75E7160A61; Fri, 1 Jul 2016 08:32:11 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id E7491160A5D for ; Fri, 1 Jul 2016 10:32:10 +0200 (CEST) Received: (qmail 95797 invoked by uid 500); 1 Jul 2016 08:32:05 -0000 Mailing-List: contact dev-help@kafka.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@kafka.apache.org Delivered-To: mailing list dev@kafka.apache.org Received: (qmail 95785 invoked by uid 99); 1 Jul 2016 08:32:04 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Jul 2016 08:32:04 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 44CC1C0168 for ; Fri, 1 Jul 2016 08:32:04 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.179 X-Spam-Level: * X-Spam-Status: No, score=1.179 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=googlemail.com Received: from mx2-lw-us.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id ojnAh6Onb4Sc for ; Fri, 1 Jul 2016 08:32:00 +0000 (UTC) Received: from mail-qk0-f180.google.com (mail-qk0-f180.google.com [209.85.220.180]) by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id 0E2055F1B8 for ; Fri, 1 Jul 2016 08:32:00 +0000 (UTC) Received: by mail-qk0-f180.google.com with SMTP id a125so190961540qkc.2 for ; Fri, 01 Jul 2016 01:32:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=mXm87ga7utNcPKAQPlRIwHwiC2KsDT21++qvE5HWjiU=; b=TNuQ4t8ClPbWEBGtab3FAPzpUH6Cm/lx9mLV3hQgg4nnRA9TwvXCgbV0PxGMytS34e eB7ly4Y9jPRV/tz+2k/nppXXA2O6dYbGutltkQyUBxAJu9TLkWKjuc2FivsMSKCTtnny 09heJVpjWHw22/xqjdCcXc2l+qDTvxNs06n3nioIwGwZh8g4jF3evCmHu1fbYtuUsouW zxJXFzHbqMjclR38SjbpGAp1Y50/2ch1CGoItA5LASzYwC0dqu8W9Ha/YsXfLgyvJuPe cZTR+iOA4qf8IlTPH+qGLxEJiRyjZqw7M6xE23ab6G1mcc/T5cZDAap1FjmrylLb2WvY 38YA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=mXm87ga7utNcPKAQPlRIwHwiC2KsDT21++qvE5HWjiU=; b=kyF/5cRfBxA5FDig7FyZhs103uEqlN+RvaSNN0nTCoORdHXpmyCTtqVLkIuxbIAx7N l5NeFt49AMAPg4mQVDxlhDnXzfLxfMT/o/HlPYKQmJBPh2MHAAYJCVAjdLYEHoasUIpd 5clnPpWdnwHm66xdvQr6BCRDRXo2We6ZkhS1F44iaKY9wHr7NPlBbDKKKlyooLBE/dG0 RR5bF680HBytTiAMm7wg3KhLd7+UYhpDawQYqQOAdwKCG7JBTQiFMCVxYDUHHzBQ0piF LS9DoHyV8sT6WZzZ2fCqCxrUNjUNGEf1aC7asNygSPh1PA7W8lC0mPfI0Bw+gl7UWsZk AmCA== X-Gm-Message-State: ALyK8tKwzBmV6yNN5n+KYEFbh17mFKpbwuAzwlQj6gLtidZSJgcABNVx79l0e1XeXvmdAO3RcsCPXcDzRgnzbQ== X-Received: by 10.37.94.138 with SMTP id s132mr8310881ybb.161.1467361919014; Fri, 01 Jul 2016 01:31:59 -0700 (PDT) MIME-Version: 1.0 Received: by 10.129.79.198 with HTTP; Fri, 1 Jul 2016 01:31:58 -0700 (PDT) In-Reply-To: References: <1466008222.3923934.638665201.273F7E46@webmail.messagingengine.com> From: Rajini Sivaram Date: Fri, 1 Jul 2016 09:31:58 +0100 Message-ID: Subject: Re: [VOTE] KIP-55: Secure quotas for authenticated users To: dev@kafka.apache.org Content-Type: multipart/alternative; boundary=001a11422e16f09a4405368ed119 archived-at: Fri, 01 Jul 2016 08:32:12 -0000 --001a11422e16f09a4405368ed119 Content-Type: text/plain; charset=UTF-8 Thank you, Jun. Hi all, Please let me know if you have any comments or suggestions on the updated KIP. If there are no objections, I will initiate voting next week. Thank you... On Thu, Jun 30, 2016 at 10:37 PM, Jun Rao wrote: > Rajini, > > The latest wiki looks good to me. Perhaps you want to ask other people to > also take a look and then we can start the voting. > > Thanks, > > Jun > > On Tue, Jun 28, 2016 at 6:27 AM, Rajini Sivaram < > rajinisivaram@googlemail.com> wrote: > > > Jun, > > > > Thank you for the review. I have changed all default property configs to > be > > stored with the node name . So the defaults are > > /config/clients/ for default client-id quota, > > /config/users/ for default user quota and > > /config/users/ for default > > quota. Hope that makes sense. > > > > On Mon, Jun 27, 2016 at 10:25 PM, Jun Rao wrote: > > > > > Rajini, > > > > > > Thanks for the update. Looks good to me. My only comment is that > > > instead of /config/users//clients, > > > would it be better to represent it as > > > /config/users//clients/ > > > so that it's more consistent? > > > > > > Jun > > > > > > > > > On Thu, Jun 23, 2016 at 2:16 PM, Rajini Sivaram < > > > rajinisivaram@googlemail.com> wrote: > > > > > > > Jun, > > > > > > > > Yes, I agree that it makes sense to retain the existing semantics for > > > > client-id quotas for compatibility. Especially if we can provide the > > > option > > > > to enable secure client-id quotas for multi-user clusters as well. > > > > > > > > I have updated the KIP - each of these levels can have defaults as > well > > > as > > > > specific entries: > > > > > > > > - /config/clients : Insecure quotas with the same > > > semantics > > > > as now > > > > - /config/users: User quotas > > > > - /config/users/userA/clients: quotas for userA > > > > - /config/users//clients: Default > quotas > > > > > > > > Now it is fully flexible as well as compatible with the current > > > > implementation. I used /config/users//clients rather than > > > > /config/users/clients since "clients" is a valid (unlikely, but still > > > > possible) user principal. I used , but it could be anything > > that > > > > is a valid Zookeeper node name, but not a valid URL-encoded name. > > > > > > > > Thank you, > > > > > > > > Rajini > > > > > > > > On Thu, Jun 23, 2016 at 3:43 PM, Jun Rao wrote: > > > > > > > > > Hi, Rajini, > > > > > > > > > > For the following statements, would it be better to allocate the > > quota > > > to > > > > > all connections whose client-id is clientX? This way, existing > > > client-id > > > > > quotas are fully compatible in the new release whether the cluster > is > > > in > > > > a > > > > > single user or multi-user environment. > > > > > > > > > > 4. If client-id quota override is defined for clientX in > > > > > /config/clients/clientX, this quota is allocated for the sole use > of > > > > > > > > > clientX> > > > > > 5. If dynamic client-id default is configured in /config/clients, > > this > > > > > default quota is allocated for the sole use of > > > > > 6. If quota.producer.default is configured for the broker in > > > > > server.properties, this default quota is allocated for the sole use > > of > > > > > > > > > clientX> > > > > > > > > > > We can potentially add a default quota for both user and client at > > path > > > > > /config/users/clients? > > > > > > > > > > Thanks, > > > > > > > > > > Jun > > > > > > > > > > On Wed, Jun 22, 2016 at 3:01 AM, Rajini Sivaram < > > > > > rajinisivaram@googlemail.com> wrote: > > > > > > > > > > > Ismael, Jun, > > > > > > > > > > > > Thank you both for the feedback. Have updated the KIP to add > > dynamic > > > > > > default quotas for client-id with deprecation of existing static > > > > default > > > > > > properties. > > > > > > > > > > > > > > > > > > On Wed, Jun 22, 2016 at 12:50 AM, Jun Rao > > wrote: > > > > > > > > > > > > > Yes, for consistency, perhaps we can allow client-id quota to > be > > > > > > configured > > > > > > > dynamically too and mark the static config in the broker as > > > > deprecated. > > > > > > If > > > > > > > both are set, the dynamic one wins. > > > > > > > > > > > > > > Thanks, > > > > > > > > > > > > > > Jun > > > > > > > > > > > > > > On Tue, Jun 21, 2016 at 3:56 AM, Ismael Juma < > ismael@juma.me.uk> > > > > > wrote: > > > > > > > > > > > > > > > On Tue, Jun 21, 2016 at 12:50 PM, Rajini Sivaram < > > > > > > > > rajinisivaram@googlemail.com> wrote: > > > > > > > > > > > > > > > > > It is actually quite tempting to do the same for client-id > > > quotas > > > > > as > > > > > > > > well, > > > > > > > > > but I suppose we can't break existing users who have > > configured > > > > > > > defaults > > > > > > > > in > > > > > > > > > server.properties and providing two ways of setting > client-id > > > > > > defaults > > > > > > > > > would be just too confusing. > > > > > > > > > > > > > > > > > > > > > > > > > Using two different approaches for client-id versus user > quota > > > > > defaults > > > > > > > is > > > > > > > > also not great. We could deprecate the server.properties > > default > > > > > > configs > > > > > > > > for client-id quotas and remove them in the future. In the > > > > meantime, > > > > > we > > > > > > > > would have to live with 2 level defaults. > > > > > > > > > > > > > > > > Jun, what are your thoughts on this? > > > > > > > > > > > > > > > > Ismael > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > Regards, > > > > > > > > > > > > Rajini > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > Regards, > > > > > > > > Rajini > > > > > > > > > > > > > > > -- > > Regards, > > > > Rajini > > > -- Regards, Rajini --001a11422e16f09a4405368ed119--