You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by jaikiran <gi...@git.apache.org> on 2016/09/06 05:31:15 UTC

[GitHub] kafka pull request #1825: MINOR: Reduce the log level when the peer isn't au...

GitHub user jaikiran opened a pull request:

    https://github.com/apache/kafka/pull/1825

    MINOR: Reduce the log level when the peer isn't authenticated but is using SSL

    The commit here changes the log level of a log message from WARN to DEBUG. As noted in the mail discussion here https://www.mail-archive.com/dev@kafka.apache.org/msg56035.html, in a pretty straightforward/typical and valid setup, the broker logs get flooded with the following message:
    
                   [2016-09-02 08:07:13,773] WARN SSL peer is not authenticated, returning ANONYMOUS instead (org.apache.kafka.common.network.SslTransportLayer)
    		[2016-09-02 08:07:15,710] WARN SSL peer is not authenticated, returning ANONYMOUS instead (org.apache.kafka.common.network.SslTransportLayer)
    		[2016-09-02 08:07:15,711] WARN SSL peer is not authenticated, returning ANONYMOUS instead (org.apache.kafka.common.network.SslTransportLayer)
    		[2016-09-02 08:07:15,711] WARN SSL peer is not authenticated, returning ANONYMOUS instead (org.apache.kafka.common.network.SslTransportLayer)
    		[2016-09-02 08:07:15,712] WARN SSL peer is not authenticated, returning ANONYMOUS instead (org.apache.kafka.common.network.SslTransportLayer) 
    		....
    
    
    and it goes on forever. 
    
    Personally, I would like to remove this log message altogether for two reasons:
    
    - It's a valid case for the peer to be not authenticated but still using SSL and the code rightly handles it to return anonymous principal
    - The fact that this method gets called way too frequently and irrespective of what log level it gets logged at, it will end up flooding the log if that level is enabled.
    
    Having said that I don't know if there will be an agreement on removing this log message altogether, hence just lowering the level for now.


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/jaikiran/kafka ssl-log-level

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/kafka/pull/1825.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1825
    
----
commit 72919ce832ebf4437893993e16f3003bcd6eb941
Author: Jaikiran Pai <ja...@gmail.com>
Date:   2016-09-06T05:23:44Z

    Reduce the log level when the peer isn't authenticated but is using SSL (which is a valid case)

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] kafka pull request #1825: MINOR: Reduce the log level when the peer isn't au...

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/kafka/pull/1825


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---