search

grepplabs / kafka-proxy

Proxy connections to Kafka cluster. Connect through SOCKS Proxy, HTTP Proxy or to cluster running in Kubernetes.
Apache License 2.0
488 stars 83 forks source link

Does the proxy support rotation of certificates? #86

Open james-bjss opened 3 years ago

james-bjss commented 3 years ago

We have a requirement for short-lived client certs, unfortunately the Kafka Java clients do not support hot-swapping of certs so this requires us to restart the consumers which subsequently trigger re-balances of the consumer group.

I was looking into a proxy option and wondered if such a setup would be possible with kafka-proxy? Feel like there must be others with this issue and this could be a great use for the proxy.

It looks like there is a PR for librdkafka to achieve this for clients which use this lib, though this is not yet merged. https://github.com/edenhill/librdkafka/issues/2868

everesio commented 3 years ago

Rotation of certificates is not supported so far.