KIP-1015 — Limit number of ssl connections in brokers
Discussion SecurityBroker
Adds a new `max.connections.ssl` broker and listener configuration to cap the number of active TLS connections independently of plaintext connections. An SSL connection consumes ~100KB of memory vs ~250 bytes for plaintext, so the existing unified `max.connections` limit does not prevent OOM from TLS-heavy workloads.
Details
| Author | Jimmy Wang |
| Status | Discussion |
| JIRA | KAFKA-16081 |
| Wiki | View on Apache Wiki |
| Created | 2024-01-06 |
| Last Modified | 2024-01-08 |
Explore how this KIP affects the Kafka protocol in the Protocol Explorer, or see the full KIP database.