Broker Configuration Properties

Broker configuration properties are applied individually to each broker in a cluster. You can find and modify these properties in the redpanda.yaml configuration file.

For information on how to edit broker properties, see Configure Broker Properties.

All broker properties require that you restart Redpanda for any update to take effect.

Broker configuration

admin

Network address for the Admin API server.

Visibility: user

Default: 127.0.0.1:9644


admin_api_doc_dir

Path to the API specifications for the Admin API.

Visibility: user

Type: string

Default: /usr/share/redpanda/admin-api-doc


admin_api_tls

Specifies the TLS configuration for the HTTP Admin API.

Visibility: user

Default: null


crash_loop_limit

A limit on the number of consecutive times a broker can crash within one hour before its crash-tracking logic is reset. This limit prevents a broker from getting stuck in an infinite cycle of crashes.

If null, the property is disabled and no limit is applied.

The crash-tracking logic is reset (to zero consecutive crashes) by any of the following conditions:

  • The broker shuts down cleanly.

  • One hour passes since the last crash.

  • The redpanda.yaml broker configuration file is updated.

  • The startup_log file in the broker’s data_directory is manually deleted.

Unit: number of consecutive crashes of a broker

Visibility: user

Type: integer

Accepted values: [0, 4294967295]

Default: 5


data_directory

Path to the directory for storing Redpanda’s streaming data files.

Visibility: user

Type: string

Default: null


developer_mode

Enabling developer_mode isn’t recommended for production use.

Enable developer mode, which skips most of the checks performed at startup.

Visibility: tunable

Type: boolean

Default: false


emergency_disable_data_transforms

Override the cluster property data_transforms_enabled and disable Wasm-powered data transforms. This is an emergency shutoff button.

Visibility: user

Type: boolean

Default: false


empty_seed_starts_cluster

Controls how a new cluster is formed. All brokers in a cluster must have the same value.

For backward compatibility, true is the default. Redpanda recommends using false in production environments to prevent accidental cluster formation.

Visibility: user

Type: boolean

Default: true


fips_mode

Controls whether Redpanda starts in FIPS mode. This property allows for three values:

  • Disabled - Redpanda does not start in FIPS mode.

  • Permissive - Redpanda performs the same check as enabled, but a warning is logged, and Redpanda continues to run. Redpanda loads the OpenSSL FIPS provider into the OpenSSL library. After this completes, Redpanda is operating in FIPS mode, which means that the TLS cipher suites available to users are limited to the TLSv1.2 and TLSv1.3 NIST-approved cryptographic methods.

  • Enabled - Redpanda verifies that the operating system is enabled for FIPS by checking /proc/sys/crypto/fips_enabled. If the file does not exist or does not return 1, Redpanda immediately exits.

Visibility: user

Accepted values: 0 (disabled), 1 (permissive), 2 (enabled)

Default: 0 (disabled)


kafka_api

IP address and port of the Kafka API endpoint that handles requests.

Visibility: user

Default: 127.0.0.1:9092


kafka_api_tls

Transport Layer Security (TLS) configuration for the Kafka API endpoint.

Visibility: user

Default: null


memory_allocation_warning_threshold

Threshold for log messages that contain a larger memory allocation than specified.

Unit: bytes Visibility: tunable

Type: integer

Default: 131073 (128_kib + 1)


node_id

A number that uniquely identifies the broker within the cluster. If null (the default value), Redpanda automatically assigns an ID. If set, it must be non-negative value.

Do not set node_id manually.

Redpanda assigns unique IDs automatically to prevent issues such as:

  • Brokers with empty disks rejoining the cluster.

  • Conflicts during recovery or scaling.

Manually setting or reusing node_id values, even for decommissioned brokers, can cause cluster inconsistencies and operational failures.

Broker IDs are immutable. After a broker joins the cluster, its node_id cannot be changed.

Accepted values: [0, 4294967295]

Type: integer

Visibility: user

Default: null


openssl_config_file

Path to the configuration file used by OpenSSL to properly load the FIPS-compliant module.

Visibility: user

Type: string

Default: null


openssl_module_directory

Path to the directory that contains the OpenSSL FIPS-compliant module. The filename that Redpanda looks for is fips.so.

Visibility: user

Type: string

Default: null


rack

A label that identifies a failure zone. Apply the same label to all brokers in the same failure zone. When enable_rack_awareness is set to true at the cluster level, the system uses the rack labels to spread partition replicas across different failure zones.

Visibility: user

Default: null


recovery_mode_enabled

If true, start Redpanda in recovery mode, where user partitions are not loaded and only administrative operations are allowed.

Visibility: user

Type: boolean

Default: false


rpc_server

IP address and port for the Remote Procedure Call (RPC) server.

Visibility: user

Default: 127.0.0.1:33145


rpc_server_tls

TLS configuration for the RPC server.

Visibility: user


seed_servers

List of the seed servers used to join current cluster. If the seed_servers list is empty the node will be a cluster root and it will form a new cluster.

  • When empty_seed_starts_cluster is true, Redpanda enables one broker with an empty seed_servers list to initiate a new cluster. The broker with an empty seed_servers becomes the cluster root, to which other brokers must connect to join the cluster. Brokers looking to join the cluster should have their seed_servers populated with the cluster root’s address, facilitating their connection to the cluster.

    Only one broker, the designated cluster root, should have an empty seed_servers list during the initial cluster bootstrapping. This ensures a single initiation point for cluster formation.

  • When empty_seed_starts_cluster is false, Redpanda requires all brokers to start with a known set of brokers listed in seed_servers. The seed_servers list must not be empty and should be identical across these initial seed brokers, containing the addresses of all seed brokers. Brokers not included in the seed_servers list use it to discover and join the cluster, allowing for expansion beyond the foundational members.

    The seed_servers list must be consistent across all seed brokers to prevent cluster fragmentation and ensure stable cluster formation.

Visibility: user

Type: array

Default: null


storage_failure_injection_config_path

Path to the configuration file used for low level storage failure injection.

Visibility: tunable

Type: string

Default: null


storage_failure_injection_enabled

If true, inject low level storage failures on the write path. Do not use for production instances.

Visibility: tunable

Type: boolean

Default: false


upgrade_override_checks

Whether to violate safety checks when starting a Redpanda version newer than the cluster’s consensus version.

Visibility: tunable

Type: boolean

Default: false


verbose_logging_timeout_sec_max

Maximum duration in seconds for verbose (TRACE or DEBUG) logging. Values configured above this will be clamped. If null (the default) there is no limit. Can be overridden in the Admin API on a per-request basis.

Unit: seconds

Visibility: tunable

Type: integer

Accepted values: [-17179869184, 17179869183]

Default: null


Schema Registry

The Schema Registry provides configuration properties to help you enable producers and consumers to share information needed to serialize and deserialize producer and consumer messages.

For information on how to edit broker properties for the Schema Registry, see Configure Broker Properties.

api_doc_dir

API doc directory.

Visibility: user

Type: string

Default: /usr/share/redpanda/proxy-api-doc


mode_mutability

Enable modifications to the read-only mode of the Schema Registry. When set to true, the entire Schema Registry or its subjects can be switched to READONLY or READWRITE. This property is useful for preventing unwanted changes to the entire Schema Registry or specific subjects.

Visibility: user

Type: boolean

Default: true


schema_registry_api

Schema Registry API listener address and port.

Visibility: user

Default: 0.0.0.0:8081


schema_registry_api_tls

TLS configuration for Schema Registry API.

Visibility: user

Default: null


schema_registry_replication_factor

Replication factor for internal _schemas topic. If unset, defaults to default_topic_replication.

Visibility: user

Type: integer

Accepted values: [-32768, 32767]

Default: null

Related topics:


HTTP Proxy

Redpanda HTTP Proxy allows access to your data through a REST API. For example, you can list topics or brokers, get events, produce events, subscribe to events from topics using consumer groups, and commit offsets for a consumer.

advertised_pandaproxy_api

Network address for the HTTP Proxy API server to publish to clients.

Visibility: user

Default: null


client_cache_max_size

The maximum number of Kafka client connections that Redpanda can cache in the LRU (least recently used) cache. The LRU cache helps optimize resource utilization by keeping the most recently used clients in memory, facilitating quicker reconnections for frequent clients while limiting memory usage.

Visibility: user

Type: integer

Default: 10


client_keep_alive

Time, in milliseconds, that an idle client connection may remain open to the HTTP Proxy API.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 300000 (5min)


consumer_instance_timeout_ms

How long to wait for an idle consumer before removing it. A consumer is considered idle when it’s not making requests or heartbeats.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 300000


pandaproxy_api

Rest API listener address and port.

Visibility: user

Default: 0.0.0.0:8082


pandaproxy_api_tls

TLS configuration for Pandaproxy api.

Visibility: user

Default: null


HTTP Proxy Client

Configuration options for HTTP Proxy Client.

broker_tls

TLS configuration for the Kafka API servers to which the HTTP Proxy client should connect.

Visibility: user


brokers

Network addresses of the Kafka API servers to which the HTTP Proxy client should connect.

Visibility: user

Type: array

Default: ['127.0.0.1:9092']


client_identifier

Custom identifier to include in the Kafka request header for the HTTP Proxy client. This identifier can help debug or monitor client activities.

Visibility: user

Type: string

Default: test_client


consumer_heartbeat_interval_ms

Interval (in milliseconds) for consumer heartbeats.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 500


consumer_rebalance_timeout_ms

Timeout (in milliseconds) for consumer rebalance.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 2000


consumer_request_max_bytes

Maximum bytes to fetch per request.

Unit: bytes

Visibility: user

Type: integer

Accepted values: [-2147483648, 2147483647]

Default: 1048576


consumer_request_min_bytes

Minimum bytes to fetch per request.

Unit: bytes

Visibility: user

Type: integer

Accepted values: [-2147483648, 2147483647]

Default: 1


consumer_request_timeout_ms

Interval (in milliseconds) for consumer request timeout.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 100


consumer_session_timeout_ms

Timeout (in milliseconds) for consumer session.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 10000


produce_ack_level

Number of acknowledgments the producer requires the leader to have received before considering a request complete.

Visibility: user

Type: integer

Accepted values: -1,0,1

Default: -1


produce_batch_delay_ms

Delay (in milliseconds) to wait before sending batch.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 100


produce_batch_record_count

Number of records to batch before sending to broker.

Visibility: user

Type: integer

Accepted values: [-2147483648, 2147483647]

Default: 1000


produce_batch_size_bytes

Number of bytes to batch before sending to broker.

Unit: bytes

Visibility: user

Type: integer

Accepted values: [-2147483648, 2147483647]

Default: 1048576


produce_compression_type

Enable or disable compression by the Kafka client. Specify none to disable compression or one of the supported types [gzip, snappy, lz4, zstd].

Visibility: user

Type: string

Default: none


produce_shutdown_delay_ms

Delay (in milliseconds) to allow for final flush of buffers before shutting down.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 0


retries

Number of times to retry a request to a broker.

Visibility: user

Type: integer

Default: 5


retry_base_backoff_ms

Delay (in milliseconds) for initial retry backoff.

Unit: milliseconds

Visibility: user

Type: integer

Accepted values: [-17592186044416, 17592186044415]

Default: 100


sasl_mechanism

The SASL mechanism to use when connecting.

Visibility: user

Type: string

Default: null


scram_password

Password to use for SCRAM authentication mechanisms.

Visibility: user

Type: string

Default: null


scram_username

Username to use for SCRAM authentication mechanisms.

Visibility: user

Type: string

Default: null