Kafka Broker Properties
Broker Properties in Kafkaπ
broker.idπ
listenersπ
Example Config
# The address the socket server listens on. If not configured, the host name will be equal to the value of
# java.net.InetAddress.getCanonicalHostName(), with PLAINTEXT listener name, and port 9092.
# FORMAT:
# listeners = listener_name://host_name:port
# EXAMPLE:
# listeners = PLAINTEXT://your.host.name:9092
listeners=PLAINTEXT://localhost:9092
# Name of listener used for communication between brokers.
inter.broker.listener.name=PLAINTEXT
# Listener name, hostname and port the broker will advertise to clients.
# If not set, it uses the value for "listeners".
advertised.listeners=PLAINTEXT://localhost:9092
# A comma-separated list of the names of the listeners used by the controller.
# This is required if running in KRaft mode. On a node with `process.roles=broker`, only the first listed listener will be used by the broker.
controller.listener.names=CONTROLLER
# Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
listener.security.protocol.map=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL
You can think of this as explaining βhow Kafka knows which door to use when someone wants to talk to it.β
π 1. Kafka is like a house with doorsπ
Kafka brokers are like houses, and to talk to a broker (send messages, get data, etc.), you need to know which door to knock on.
Each door has:
- A name (like βPLAINTEXTβ or βSSLβ)
- A street address (hostname or IP)
- A door number (port)
πͺ 2. listeners=PLAINTEXT://localhost:9092π
This says:
βOpen a door called PLAINTEXT on address localhost, port 9092.β
That means:
- Kafka will listen on port
9092 - It will accept plain (unencrypted) connections
- Clients and other brokers can connect through that door.
So if a producer or consumer wants to connect, it says:
β Theyβre knocking on that door!
Think of this as the door Kafka listens at.
π£οΈ 3. inter.broker.listener.name=PLAINTEXTπ
Kafka brokers in the same cluster talk to each other β they need their own βprivate line.β
This setting says:
βWhen brokers talk to each other, use the PLAINTEXT door.β
So if you have multiple brokers:
- Broker 1, Broker 2, and Broker 3
- Theyβll all use the PLAINTEXT channel to sync data and share cluster info.
This just tells Kafka:
βWhich of the doors we opened should the brokers use to chat among themselves?β
π’ 4. advertised.listeners=PLAINTEXT://localhost:9092π
Imagine you live inside your house, and you tell your friends:
βHey, if you want to visit me, come to localhost:9092.β
Thatβs what this does.
Kafka uses advertised.listeners to tell clients and other brokers βthis is the address you should use to reach me.β
Why this matters:π
If Kafka runs inside Docker, Kubernetes, or the cloud, the listeners address might be something internal (like 0.0.0.0),
but the advertised.listeners should be the public or reachable hostname (like my-broker.company.com).
So:
listeners= the actual door inside Kafka.advertised.listeners= the address label you give out to the world.
π§ 5. controller.listener.names=CONTROLLERπ
Kafka needs a βcontrollerβ β one special broker that coordinates the cluster (decides leaders, handles elections, etc.).
This line says:
βThe controller will use a listener called CONTROLLER to do its work.β
In Kafkaβs new mode (called KRaft mode β Kafka without ZooKeeper),
the controller uses its own special private door (CONTROLLER) for cluster management.
You can ignore this if youβre running a simple single-node Kafka β itβs just for internal communication between controller nodes.
π 6. listener.security.protocol.map=...π
Now this is like a dictionary that tells Kafka:
βWhat kind of security each door uses.β
Hereβs what it means:
So:
- Door named PLAINTEXT β normal unencrypted connection
- Door named SSL β encrypted HTTPS-style connection
- Door named SASL_SSL β encrypted + username/password
- Door named CONTROLLER β internal plain connection for controller traffic
Basically, this says:
βEach door name matches its security type.β
π― 7. Putting it all togetherπ
| Config | Think of it as | What it does |
|---|---|---|
listeners |
π The doors Kafka opens | Where Kafka waits for connections |
inter.broker.listener.name |
π The door brokers use to talk to each other | Chooses which listener for broker-to-broker communication |
advertised.listeners |
π’ The address Kafka tells others to use | How clients and brokers find this broker |
controller.listener.names |
π§ The private control door | Used by the controller in KRaft mode |
listener.security.protocol.map |
πΊοΈ The security rulebook | Maps each door to its security protocol |
𧩠8. Simple example storyπ
Imagine:
- You (Kafka broker) live in a house.
-
You have a few doors:
-
βFront doorβ (PLAINTEXT) β anyone can visit
- βBack doorβ (CONTROLLER) β for your best friend (controller)
- βSecret doorβ (SSL) β only for trusted people with keys
You tell your friends:
βUse the front door at localhost:9092 to visit me!β
Thatβs:
And you decide that you and your best friend (another broker) will use the same door to talk:
β 9. In short β the βkidβ version:π
- listeners β Kafka opens this door to listen.
- advertised.listeners β Kafka tells everyone, βHey! Knock on this door.β
- inter.broker.listener.name β Brokers talk to each other through this door.
- controller.listener.names β The controller uses this door to manage the cluster.
- listener.security.protocol.map β Explains which door uses which kind of lock (security).
zookeeper.connectπ
log.dirsπ
num.recovery.thread.per.data.dirπ
Alright, letβs simplify this π
π Whatβs happening?π
- Kafka stores messages on disk in log segments (files).
- When a broker starts or shuts down, it needs to open, check, or close all these log files.
- To do this work, Kafka uses a pool of threads.
π Where threads are used:π
- Normal startup β open each partitionβs log files.
- Startup after a crash β carefully check + truncate log files (takes longer).
- Shutdown β close log files properly.
βοΈ Default settingπ
- By default, Kafka uses 1 thread per log directory.
- Example: if you have 3 log directories β 3 threads total.
π Why increase threads?π
- If you have many partitions and a broker crashed, recovery can take hours with just 1 thread per directory.
- Increasing threads allows parallel recovery β much faster startup.
π Important noteπ
The config is called:
- If you set it to
8and you have3log.dirs, total =8 Γ 3 = 24 threads. - More threads β faster startup/recovery.
π Layman analogy: Imagine you have 10,000 books (partitions) to put back on shelves after a storm (broker crash).
- With 1 librarian per shelf (default), it takes hours.
- With 8 librarians per shelf (more threads), all books are sorted much faster.
Why Truncate Log Segments?π
Great question π Letβs break it down simply.
π Why truncation is needed after a crashπ
- Kafka writes data to disk in log segments.
- Each segment has an ordered sequence of messages.
- When a broker crashes (power cut, OOM, kill -9, etc.), some data may have been partially written (corrupted, incomplete).
π What happens after restartπ
- Kafka reopens the log files.
- It checks the last segment for incomplete or corrupted records.
- If it finds bad records at the end of the file β it truncates (cuts off) the broken part so only valid data remains.
β Why this is importantπ
- Ensures data consistency: no half-written messages are exposed to consumers.
- Keeps the log index aligned with the actual data.
- Avoids strange errors like βmessage length mismatchβ or βinvalid checksum.β
π Exampleπ
Imagine writing messages to a notebook:
When you reopen, Kafka erases the half-written sentence on Page 3, so the notebook only contains complete entries.
π Safety netπ
- Kafka only truncates data that wasnβt fully acknowledged (not committed).
- So producers/consumers wonβt lose confirmed messages β only the garbage left behind by the crash.
π In short: Truncation after a crash = clean up the mess at the end of the log so the broker can continue safely.