Pulsar configuration

BookKeeper
Client
Standalone
Pulsar proxy

BookKeeper is a replicated log storage system that Pulsar uses for durable storage of all messages.

Broker

Pulsar brokers are responsible for handling incoming messages from producers, dispatching messages to consumers, replicating data between clusters, and more.

Name	Description	Default
advertisedListeners	Specify multiple advertised listeners for the broker. The format is `<listener_name>:pulsar://<host>:<port>`. If there are multiple listeners, separate them with commas. Note: do not use this configuration with `advertisedAddress` and `brokerServicePort`. If the value of this configuration is empty, the broker uses `advertisedAddress` and `brokerServicePort`	/
internalListenerName	Specify the internal listener name for the broker. Note: the listener name must be contained in `advertisedListeners`. If the value of this configuration is empty, the broker uses the first listener as the internal listener.	/
authenticateOriginalAuthData	If this flag is set to `true`, the broker authenticates the original Auth data; else it just accepts the originalPrincipal and authorizes it (if required).	false
enablePersistentTopics	Whether persistent topics are enabled on the broker	true
enableNonPersistentTopics	Whether non-persistent topics are enabled on the broker	true
functionsWorkerEnabled	Whether the Pulsar Functions worker service is enabled in the broker	false
exposePublisherStats	Whether to enable topic level metrics.	true
statsUpdateFrequencyInSecs		60
statsUpdateInitialDelayInSecs		60
metadataStoreUrl	Metadata store quorum connection string
metadataStoreCacheExpirySeconds	Metadata store cache expiry time in seconds	300
configurationMetadataStoreUrl	Configuration store connection string (as a comma-separated list)
brokerServicePort	Broker data port	6650
brokerServicePortTls	Broker data port for TLS	6651
webServicePort	Port to use to server HTTP request	8080
webServicePortTls	Port to use to server HTTPS request	8443
webSocketServiceEnabled	Enable the WebSocket API service in broker	false
webSocketNumIoThreads	The number of IO threads in Pulsar Client used in WebSocket proxy.	Runtime.getRuntime().availableProcessors()
webSocketConnectionsPerBroker	The number of connections per Broker in Pulsar Client used in WebSocket proxy.	Runtime.getRuntime().availableProcessors()
webSocketSessionIdleTimeoutMillis	Time in milliseconds that idle WebSocket session times out.	300000
webSocketMaxTextFrameSize	The maximum size of a text message during parsing in WebSocket proxy.	1048576
exposeTopicLevelMetricsInPrometheus	Whether to enable topic level metrics.	true
exposeConsumerLevelMetricsInPrometheus	Whether to enable consumer level metrics.	false
jvmGCMetricsLoggerClassName	Classname of Pluggable JVM GC metrics logger that can log GC specific metrics.	N/A
bindAddress	Hostname or IP address the service binds on, default is 0.0.0.0.	0.0.0.0
bindAddresses	Additional Hostname or IP addresses the service binds on: `listener_name:scheme://host:port,…`.
advertisedAddress	Hostname or IP address the service advertises to the outside world. If not set, the value of `InetAddress.getLocalHost().getHostName()` is used.
clusterName	Name of the cluster to which this broker belongs to
maxTenants	The maximum number of tenants that can be created in each Pulsar cluster. When the number of tenants reaches the threshold, the broker rejects the request of creating a new tenant. The default value 0 disables the check.	0
brokerDeduplicationEnabled	Sets the default behavior for message deduplication in the broker. If enabled, the broker will reject messages that were already stored in the topic. This setting can be overridden on a per-namespace basis.	false
brokerDeduplicationMaxNumberOfProducers	The maximum number of producers for which information will be stored for deduplication purposes.	10000
brokerDeduplicationEntriesInterval	The number of entries after which a deduplication informational snapshot is taken. A larger interval will lead to fewer snapshots being taken, though this would also lengthen the topic recovery time (the time required for entries published after the snapshot to be replayed).	1000
brokerDeduplicationSnapshotIntervalSeconds	The time period after which a deduplication informational snapshot is taken. It runs simultaneously with `brokerDeduplicationEntriesInterval`.	120
brokerDeduplicationProducerInactivityTimeoutMinutes	The time of inactivity (in minutes) after which the broker will discard deduplication information related to a disconnected producer.	360
brokerDeduplicationSnapshotFrequencyInSeconds	How often is the thread pool scheduled to check whether a snapshot needs to be taken. The value of `0` means it is disabled.	120
dispatchThrottlingRateInMsg	Dispatch throttling-limit of messages for a broker (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRateInByte	Dispatch throttling-limit of bytes for a broker (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRatePerTopicInMsg	Dispatch throttling-limit of messages for every topic (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRatePerTopicInByte	Dispatch throttling-limit of bytes for every topic (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingOnBatchMessageEnabled	Apply dispatch rate limiting on batch message instead individual messages with in batch message. (Default is disabled).	false
dispatchThrottlingRateRelativeToPublishRate	Enable dispatch rate-limiting relative to publish rate.	false
dispatchThrottlingRatePerSubscriptionInMsg	Dispatch throttling-limit of messages for a subscription. 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRatePerSubscriptionInByte	Dispatch throttling-limit of bytes for a subscription. 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRatePerReplicatorInMsg	The default messages per second dispatch throttling-limit for every replicator in replication. The value of `0` means disabling replication message dispatch-throttling	0
dispatchThrottlingRatePerReplicatorInByte	The default bytes per second dispatch throttling-limit for every replicator in replication. The value of `0` means disabling replication message-byte dispatch-throttling	0
metadataStoreSessionTimeoutMillis	Metadata store session timeout in milliseconds	30000
brokerShutdownTimeoutMs	Time to wait for broker graceful shutdown. After this time elapses, the process will be killed	60000
skipBrokerShutdownOnOOM	Flag to skip broker shutdown when broker handles Out of memory error.	false
backlogQuotaCheckEnabled	Enable backlog quota check. Enforces action on topic when the quota is reached	true
backlogQuotaCheckIntervalInSeconds	How often to check for topics that have reached the quota	60
backlogQuotaDefaultLimitBytes	The default per-topic backlog quota limit. Being less than 0 means no limitation. By default, it is -1.	-1
backlogQuotaDefaultRetentionPolicy	The defaulted backlog quota retention policy. By Default, it is `producer_request_hold`. ‘producer_request_hold’ Policy which holds producer’s send request until the resource becomes available (or holding times out) ‘producer_exception’ Policy which throws `javax.jms.ResourceAllocationException` to the producer ‘consumer_backlog_eviction’ Policy which evicts the oldest message from the slowest consumer’s backlog	producer_request_hold
allowAutoTopicCreation	Enable topic auto creation if a new producer or consumer connected	true
allowAutoTopicCreationType	The type of topic that is allowed to be automatically created.(partitioned/non-partitioned)	non-partitioned
allowAutoSubscriptionCreation	Enable subscription auto creation if a new consumer connected	true
defaultNumPartitions	The number of partitioned topics that is allowed to be automatically created if `allowAutoTopicCreationType` is partitioned	1
brokerDeleteInactiveTopicsEnabled	Enable the deletion of inactive topics. If topics are not consumed for some while, these inactive topics might be cleaned up. Deleting inactive topics is enabled by default. The default period is 1 minute.	true
brokerDeleteInactiveTopicsFrequencySeconds	How often to check for inactive topics	60
brokerDeleteInactiveTopicsMode	Set the mode to delete inactive topics. `delete_when_no_subscriptions`: delete the topic which has no subscriptions or active producers. `delete_when_subscriptions_caught_up`: delete the topic whose subscriptions have no backlogs and which has no active producers or consumers.	`delete_when_no_subscriptions`
brokerDeleteInactiveTopicsMaxInactiveDurationSeconds	Set the maximum duration for inactive topics. If it is not specified, the `brokerDeleteInactiveTopicsFrequencySeconds` parameter is adopted.	N/A
forceDeleteTenantAllowed	Enable you to delete a tenant forcefully.	false
forceDeleteNamespaceAllowed	Enable you to delete a namespace forcefully.	false
messageExpiryCheckIntervalInMinutes	The frequency of proactively checking and purging expired messages.	5
brokerServiceCompactionMonitorIntervalInSeconds	Interval between checks to determine whether topics with compaction policies need compaction.	60
brokerServiceCompactionThresholdInBytes	If the estimated backlog size is greater than this threshold, compression is triggered. Set this threshold to 0 means disabling the compression check.	N/A
delayedDeliveryEnabled	Whether to enable the delayed delivery for messages. If disabled, messages will be immediately delivered and there will be no tracking overhead.	true
delayedDeliveryTickTimeMillis	Control the tick time for retrying on delayed delivery, which affects the accuracy of the delivery time compared to the scheduled time. By default, it is 1 second.	1000
activeConsumerFailoverDelayTimeMillis	How long to delay rewinding cursor and dispatching messages when active consumer is changed.	1000
clientLibraryVersionCheckEnabled	Enable check for minimum allowed client library version	false
clientLibraryVersionCheckAllowUnversioned	Allow client libraries with no version information	true
statusFilePath	Path for the file used to determine the rotation status for the broker when responding to service discovery health checks
preferLaterVersions	If true, (and ModularLoadManagerImpl is being used), the load manager will attempt to use only brokers running the latest software version (to minimize impact to bundles)	false
maxNumPartitionsPerPartitionedTopic	Max number of partitions per partitioned topic. Use 0 or negative number to disable the check	0
maxSubscriptionsPerTopic	Maximum number of subscriptions allowed to subscribe to a topic. Once this limit reaches, the broker rejects new subscriptions until the number of subscriptions decreases. When the value is set to 0, the limit check is disabled.	0
maxProducersPerTopic	Maximum number of producers allowed to connect to a topic. Once this limit reaches, the broker rejects new producers until the number of connected producers decreases. When the value is set to 0, the limit check is disabled.	0
maxConsumersPerTopic	Maximum number of consumers allowed to connect to a topic. Once this limit reaches, the broker rejects new consumers until the number of connected consumers decreases. When the value is set to 0, the limit check is disabled.	0
maxConsumersPerSubscription	Maximum number of consumers allowed to connect to a subscription. Once this limit reaches, the broker rejects new consumers until the number of connected consumers decreases. When the value is set to 0, the limit check is disabled.	0
tlsCertificateFilePath	Path for the TLS certificate file
tlsKeyFilePath	Path for the TLS private key file
tlsTrustCertsFilePath	Path for the trusted TLS certificate file. This cert is used to verify that any certs presented by connecting clients are signed by a certificate authority. If this verification fails, then the certs are untrusted and the connections are dropped.
tlsAllowInsecureConnection	Accept untrusted TLS certificate from client. If it is set to `true`, a client with a cert which cannot be verified with the ‘tlsTrustCertsFilePath’ cert will be allowed to connect to the server, though the cert will not be used for client authentication.	false
tlsProtocols	Specify the tls protocols the broker will use to negotiate during TLS Handshake. Multiple values can be specified, separated by commas. Example:- `TLSv1.3`, `TLSv1.2`
tlsCiphers	Specify the tls cipher the broker will use to negotiate during TLS Handshake. Multiple values can be specified, separated by commas. Example:- `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
tlsEnabledWithKeyStore	Enable TLS with KeyStore type configuration in broker	false
tlsProvider	TLS Provider for KeyStore type
tlsKeyStoreType	LS KeyStore type configuration in broker: JKS, PKCS12	JKS
tlsKeyStore	TLS KeyStore path in broker
tlsKeyStorePassword	TLS KeyStore password for broker
brokerClientTlsEnabledWithKeyStore	Whether internal client use KeyStore type to authenticate with Pulsar brokers	false
brokerClientSslProvider	The TLS Provider used by internal client to authenticate with other Pulsar brokers
brokerClientTlsTrustStoreType	TLS TrustStore type configuration for internal client: JKS, PKCS12, used by the internal client to authenticate with Pulsar brokers	JKS
brokerClientTlsTrustStore	TLS TrustStore path for internal client, used by the internal client to authenticate with Pulsar brokers
brokerClientTlsTrustStorePassword	TLS TrustStore password for internal client, used by the internal client to authenticate with Pulsar brokers
brokerClientTlsCiphers	Specify the tls cipher the internal client will use to negotiate during TLS Handshake. (a comma-separated list of ciphers) e.g. [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
brokerClientTlsProtocols	Specify the tls protocols the broker will use to negotiate during TLS handshake. (a comma-separated list of protocol names). e.g. `TLSv1.3`, `TLSv1.2`
metadataStoreBatchingEnabled	Enable metadata operations batching.	true
metadataStoreBatchingMaxDelayMillis	Maximum delay to impose on batching grouping.	5
metadataStoreBatchingMaxOperations	Maximum number of operations to include in a singular batch.	1000
metadataStoreBatchingMaxSizeKb	Maximum size of a batch.	128
ttlDurationDefaultInSeconds	The default Time to Live (TTL) for namespaces if the TTL is not configured at namespace policies. When the value is set to `0`, TTL is disabled. By default, TTL is disabled.	0
tokenSettingPrefix	Configure the prefix of the token-related settings, such as `tokenSecretKey`, , `tokenAuthClaim`, `tokenPublicAlg`, `tokenAudienceClaim`, and `tokenAudience`.
tokenSecretKey	Configure the secret key to be used to validate auth tokens. The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or `tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.
tokenPublicKey	Configure the public key to be used to validate auth tokens. The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or `tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.
tokenPublicAlg	Configure the algorithm to be used to validate auth tokens. This can be any of the asymettric algorithms supported by Java JWT ()	RS256
tokenAuthClaim	Specify which of the token’s claims will be used as the authentication “principal” or “role”. The default “sub” claim will be used if this is left blank
tokenAudienceClaim	The token audience “claim” name, e.g. “aud”, that will be used to get the audience from token. If not set, audience will not be verified.
tokenAudience	The token audience stands for this broker. The field `tokenAudienceClaim` of a valid token, need contains this.
maxUnackedMessagesPerConsumer	Max number of unacknowledged messages allowed to receive messages by a consumer on a shared subscription. Broker will stop sending messages to consumer once, this limit reaches until consumer starts acknowledging messages back. Using a value of 0, is disabling unackeMessage limit check and consumer can receive messages without any restriction	50000
maxUnackedMessagesPerSubscription	Max number of unacknowledged messages allowed per shared subscription. Broker will stop dispatching messages to all consumers of the subscription once this limit reaches until consumer starts acknowledging messages back and unack count reaches to limit/2. Using a value of 0, is disabling unackedMessage-limit check and dispatcher can dispatch messages without any restriction	200000
subscriptionRedeliveryTrackerEnabled	Enable subscription message redelivery tracker	true
subscriptionExpirationTimeMinutes	How long to delete inactive subscriptions from last consuming. Setting this configuration to a value greater than 0 deletes inactive subscriptions automatically. Setting this configuration to 0 does not delete inactive subscriptions automatically. Since this configuration takes effect on all topics, if there is even one topic whose subscriptions should not be deleted automatically, you need to set it to 0. Instead, you can set a subscription expiration time for each namespace using the pulsar-admin namespaces set-subscription-expiration-time options command.	0
maxConcurrentLookupRequest	Max number of concurrent lookup request broker allows to throttle heavy incoming lookup traffic	50000
maxConcurrentTopicLoadRequest	Max number of concurrent topic loading request broker allows to control number of zk-operations	5000
authenticationEnabled	Enable authentication	false
authenticationProviders	Authentication provider name list, which is comma separated list of class names
authenticationRefreshCheckSeconds	Interval of time for checking for expired authentication credentials	60
authorizationEnabled	Enforce authorization	false
superUserRoles	Role names that are treated as “super-user”, meaning they will be able to do all admin operations and publish/consume from all topics
brokerClientAuthenticationPlugin	Authentication settings of the broker itself. Used when the broker connects to other brokers, either in same or other clusters
brokerClientAuthenticationParameters
athenzDomainNames	Supported Athenz provider domain names(comma separated) for authentication
exposePreciseBacklogInPrometheus	Enable expose the precise backlog stats, set false to use published counter and consumed counter to calculate, this would be more efficient but may be inaccurate.	false
schemaRegistryStorageClassName	The schema storage implementation used by this broker.	org.apache.pulsar.broker.service.schema.BookkeeperSchemaStorageFactory
isSchemaValidationEnforced	Whether to enable schema validation, when schema validation is enabled, if a producer without a schema attempts to produce the message to a topic with schema, the producer is rejected and disconnected.	false
isAllowAutoUpdateSchemaEnabled	Allow schema to be auto updated at broker level.	true
schemaCompatibilityStrategy	The schema compatibility strategy at broker level, see for available values.	FULL
systemTopicSchemaCompatibilityStrategy	The schema compatibility strategy is used for system topics, see here for available values.	ALWAYS_COMPATIBLE
topicFencingTimeoutSeconds	If a topic remains fenced for a certain time period (in seconds), it is closed forcefully. If set to 0 or a negative number, the fenced topic is not closed.	0
offloadersDirectory	The directory for all the offloader implementations.	./offloaders
bookkeeperMetadataServiceUri	Metadata service uri that bookkeeper is used for loading corresponding metadata driver and resolving its metadata service location. This value can be fetched using `bookkeeper shell whatisinstanceid` command in BookKeeper cluster. For example: zk+hierarchical://localhost:2181/ledgers. The metadata service uri list can also be semicolon separated values like below: zk+hierarchical://zk1:2181;zk2:2181;zk3:2181/ledgers
bookkeeperClientAuthenticationPlugin	Authentication plugin to use when connecting to bookies
bookkeeperClientAuthenticationParametersName	BookKeeper auth plugin implementation specifics parameters name and values
bookkeeperClientAuthenticationParameters
bookkeeperClientNumWorkerThreads	Number of BookKeeper client worker threads. Default is Runtime.getRuntime().availableProcessors()
bookkeeperClientTimeoutInSeconds	Timeout for BK add / read operations	30
bookkeeperClientSpeculativeReadTimeoutInMillis	Speculative reads are initiated if a read request doesn’t complete within a certain time Using a value of 0, is disabling the speculative reads	0
bookkeeperNumberOfChannelsPerBookie	Number of channels per bookie	16
bookkeeperClientHealthCheckEnabled	Enable bookies health check. Bookies that have more than the configured number of failure within the interval will be quarantined for some time. During this period, new ledgers won’t be created on these bookies	true
bookkeeperClientHealthCheckIntervalSeconds		60
bookkeeperClientHealthCheckErrorThresholdPerInterval		5
bookkeeperClientHealthCheckQuarantineTimeInSeconds		1800
bookkeeperClientRackawarePolicyEnabled	Enable rack-aware bookie selection policy. BK will chose bookies from different racks when forming a new bookie ensemble	true
bookkeeperClientRegionawarePolicyEnabled	Enable region-aware bookie selection policy. BK will chose bookies from different regions and racks when forming a new bookie ensemble. If enabled, the value of bookkeeperClientRackawarePolicyEnabled is ignored	false
bookkeeperClientMinNumRacksPerWriteQuorum	Minimum number of racks per write quorum. BK rack-aware bookie selection policy will try to get bookies from at least ‘bookkeeperClientMinNumRacksPerWriteQuorum’ racks for a write quorum.	2
bookkeeperClientEnforceMinNumRacksPerWriteQuorum	Enforces rack-aware bookie selection policy to pick bookies from ‘bookkeeperClientMinNumRacksPerWriteQuorum’ racks for a writeQuorum. If BK can’t find bookie then it would throw BKNotEnoughBookiesException instead of picking random one.	false
bookkeeperClientReorderReadSequenceEnabled	Enable/disable reordering read sequence on reading entries.	false
bookkeeperClientIsolationGroups	Enable bookie isolation by specifying a list of bookie groups to choose from. Any bookie outside the specified groups will not be used by the broker
bookkeeperClientSecondaryIsolationGroups	Enable bookie secondary-isolation group if bookkeeperClientIsolationGroups doesn’t have enough bookie available.
bookkeeperClientMinAvailableBookiesInIsolationGroups	Minimum bookies that should be available as part of bookkeeperClientIsolationGroups else broker will include bookkeeperClientSecondaryIsolationGroups bookies in isolated list.
bookkeeperClientGetBookieInfoIntervalSeconds	Set the interval to periodically check bookie info	86400
bookkeeperClientGetBookieInfoRetryIntervalSeconds	Set the interval to retry a failed bookie info lookup	60
bookkeeperEnableStickyReads	Enable/disable having read operations for a ledger to be sticky to a single bookie. If this flag is enabled, the client will use one single bookie (by preference) to read all entries for a ledger.	true
managedLedgerDefaultEnsembleSize	Number of bookies to use when creating a ledger	2
managedLedgerDefaultWriteQuorum	Number of copies to store for each message	2
managedLedgerDefaultAckQuorum	Number of guaranteed copies (acks to wait before write is complete)	2
managedLedgerCacheSizeMB	Amount of memory to use for caching data payload in managed ledger. This memory is allocated from JVM direct memory and it’s shared across all the topics running in the same broker. By default, uses 1/5th of available direct memory
managedLedgerCacheCopyEntries	Whether we should make a copy of the entry payloads when inserting in cache	false
managedLedgerCacheEvictionWatermark	Threshold to which bring down the cache level when eviction is triggered	0.9
managedLedgerCacheEvictionFrequency	Configure the cache eviction frequency for the managed ledger cache (evictions/sec)	100.0
managedLedgerCacheEvictionTimeThresholdMillis	All entries that have stayed in cache for more than the configured time, will be evicted	1000
managedLedgerCursorBackloggedThreshold	Configure the threshold (in number of entries) from where a cursor should be considered ‘backlogged’ and thus should be set as inactive.	1000
managedLedgerDefaultMarkDeleteRateLimit	Rate limit the amount of writes per second generated by consumer acking the messages	1.0
managedLedgerMaxEntriesPerLedger	The max number of entries to append to a ledger before triggering a rollover. A ledger rollover is triggered after the min rollover time has passed and one of the following conditions is true: The max rollover time has been reached The max entries have been written to the ledger The max ledger size has been written to the ledger	50000
managedLedgerMinLedgerRolloverTimeMinutes	Minimum time between ledger rollover for a topic	10
managedLedgerMaxLedgerRolloverTimeMinutes	Maximum time before forcing a ledger rollover for a topic	240
managedLedgerInactiveLedgerRolloverTimeSeconds	Time to rollover ledger for inactive topic	0
managedLedgerCursorMaxEntriesPerLedger	Max number of entries to append to a cursor ledger	50000
managedLedgerCursorRolloverTimeInSeconds	Max time before triggering a rollover on a cursor ledger	14400
managedLedgerMaxUnackedRangesToPersist	Max number of “acknowledgment holes” that are going to be persistently stored. When acknowledging out of order, a consumer will leave holes that are supposed to be quickly filled by acking all the messages. The information of which messages are acknowledged is persisted by compressing in “ranges” of messages that were acknowledged. After the max number of ranges is reached, the information will only be tracked in memory and messages will be redelivered in case of crashes.	1000
autoSkipNonRecoverableData	Skip reading non-recoverable/unreadable data-ledger under managed-ledger’s list.It helps when data-ledgers gets corrupted at bookkeeper and managed-cursor is stuck at that ledger.	false
loadBalancerEnabled	Enable load balancer	true
loadBalancerPlacementStrategy	Strategy to assign a new bundle weightedRandomSelection
loadBalancerReportUpdateThresholdPercentage	Percentage of change to trigger load report update	10
loadBalancerReportUpdateMaxIntervalMinutes	Maximum interval to update load report	15
loadBalancerHostUsageCheckIntervalMinutes	Frequency of report to collect	1
loadBalancerSheddingIntervalMinutes	Load shedding interval. Broker periodically checks whether some traffic should be offload from some over-loaded broker to other under-loaded brokers	30
loadBalancerSheddingGracePeriodMinutes	Prevent the same topics to be shed and moved to other broker more than once within this timeframe	30
loadBalancerBrokerMaxTopics	Usage threshold to allocate max number of topics to broker	50000
loadBalancerBrokerUnderloadedThresholdPercentage	Usage threshold to determine a broker as under-loaded	1
loadBalancerBrokerOverloadedThresholdPercentage	Usage threshold to determine a broker as over-loaded	85
loadBalancerResourceQuotaUpdateIntervalMinutes	Interval to update namespace bundle resource quota	15
loadBalancerBrokerComfortLoadLevelPercentage	Usage threshold to determine a broker is having just right level of load	65
loadBalancerAutoBundleSplitEnabled	enable/disable namespace bundle auto split	false
loadBalancerNamespaceBundleMaxTopics	maximum topics in a bundle, otherwise bundle split will be triggered	1000
loadBalancerNamespaceBundleMaxSessions	maximum sessions (producers + consumers) in a bundle, otherwise bundle split will be triggered	1000
loadBalancerNamespaceBundleMaxMsgRate	maximum msgRate (in + out) in a bundle, otherwise bundle split will be triggered	1000
loadBalancerNamespaceBundleMaxBandwidthMbytes	maximum bandwidth (in + out) in a bundle, otherwise bundle split will be triggered	100
loadBalancerNamespaceMaximumBundles	maximum number of bundles in a namespace	128
loadBalancerLoadSheddingStrategy	The shedding strategy of load balance. Available values: `org.apache.pulsar.broker.loadbalance.impl.ThresholdShedder` `org.apache.pulsar.broker.loadbalance.impl.OverloadShedder` `org.apache.pulsar.broker.loadbalance.impl.UniformLoadShedder` For the comparisons of the shedding strategies, see .	`org.apache.pulsar.broker.loadbalance.impl.ThresholdShedder`
replicationMetricsEnabled	Enable replication metrics	true
replicationConnectionsPerBroker	Max number of connections to open for each broker in a remote cluster More connections host-to-host lead to better throughput over high-latency links.	16
replicationProducerQueueSize	Replicator producer queue size	1000
replicatorPrefix	Replicator prefix used for replicator producer name and cursor name pulsar.repl
transactionCoordinatorEnabled	Whether to enable transaction coordinator in broker.	true
transactionMetadataStoreProviderClassName		org.apache.pulsar.transaction.coordinator.impl.InMemTransactionMetadataStoreProvider
defaultRetentionTimeInMinutes	Default message retention time	0
defaultRetentionSizeInMB	Default retention size	0
keepAliveIntervalSeconds	How often to check whether the connections are still alive	30
bootstrapNamespaces	The bootstrap name.	N/A
loadManagerClassName	Name of load manager to use	org.apache.pulsar.broker.loadbalance.impl.SimpleLoadManagerImpl
supportedNamespaceBundleSplitAlgorithms	Supported algorithms name for namespace bundle split	[range_equally_divide,topic_count_equally_divide]
defaultNamespaceBundleSplitAlgorithm	Default algorithm name for namespace bundle split	range_equally_divide
managedLedgerOffloadDriver	The directory for all the offloader implementations `offloadersDirectory=./offloaders`. Driver to use to offload old data to long term storage (Possible values: S3, aws-s3, google-cloud-storage). When using google-cloud-storage, Make sure both Google Cloud Storage and Google Cloud Storage JSON API are enabled for the project (check from Developers Console -> Api&auth -> APIs).
managedLedgerOffloadMaxThreads	Maximum number of thread pool threads for ledger offloading	2
managedLedgerOffloadPrefetchRounds	The maximum prefetch rounds for ledger reading for offloading.	1
managedLedgerUnackedRangesOpenCacheSetEnabled	Use Open Range-Set to cache unacknowledged messages	true
managedLedgerOffloadDeletionLagMs	Delay between a ledger being successfully offloaded to long term storage and the ledger being deleted from bookkeeper	14400000
managedLedgerOffloadAutoTriggerSizeThresholdBytes	The number of bytes before triggering automatic offload to long term storage	-1 (disabled)
s3ManagedLedgerOffloadRegion	For Amazon S3 ledger offload, AWS region
s3ManagedLedgerOffloadBucket	For Amazon S3 ledger offload, Bucket to place offloaded ledger into
s3ManagedLedgerOffloadServiceEndpoint	For Amazon S3 ledger offload, Alternative endpoint to connect to (useful for testing)
s3ManagedLedgerOffloadMaxBlockSizeInBytes	For Amazon S3 ledger offload, Max block size in bytes. (64MB by default, 5MB minimum)	67108864
s3ManagedLedgerOffloadReadBufferSizeInBytes	For Amazon S3 ledger offload, Read buffer size in bytes (1MB by default)	1048576
gcsManagedLedgerOffloadRegion	For Google Cloud Storage ledger offload, region where offload bucket is located. Go to this page for more details: https://cloud.google.com/storage/docs/bucket-locations .	N/A
gcsManagedLedgerOffloadBucket	For Google Cloud Storage ledger offload, Bucket to place offloaded ledger into.	N/A
gcsManagedLedgerOffloadMaxBlockSizeInBytes	For Google Cloud Storage ledger offload, the maximum block size in bytes. (64MB by default, 5MB minimum)	67108864
gcsManagedLedgerOffloadReadBufferSizeInBytes	For Google Cloud Storage ledger offload, Read buffer size in bytes. (1MB by default)	1048576
gcsManagedLedgerOffloadServiceAccountKeyFile	For Google Cloud Storage, path to json file containing service account credentials. For more details, see the “Service Accounts” section of .	N/A
fileSystemProfilePath	For File System Storage, file system profile path.	../conf/filesystem_offload_core_site.xml
fileSystemURI	For File System Storage, file system uri.	N/A
s3ManagedLedgerOffloadRole	For Amazon S3 ledger offload, provide a role to assume before writing to s3
s3ManagedLedgerOffloadRoleSessionName	For Amazon S3 ledger offload, provide a role session name when using a role	pulsar-s3-offload
acknowledgmentAtBatchIndexLevelEnabled	Enable or disable the batch index acknowledgement.	false
enableReplicatedSubscriptions	Whether to enable tracking of replicated subscriptions state across clusters.	true
replicatedSubscriptionsSnapshotFrequencyMillis	The frequency of snapshots for replicated subscriptions tracking.	1000
replicatedSubscriptionsSnapshotTimeoutSeconds	The timeout for building a consistent snapshot for tracking replicated subscriptions state.	30
replicatedSubscriptionsSnapshotMaxCachedPerSubscription	The maximum number of snapshot to be cached per subscription.	10
maxMessagePublishBufferSizeInMB	The maximum memory size for a broker to handle messages that are sent by producers. If the processing message size exceeds this value, the broker stops reading data from the connection. The processing messages refer to the messages that are sent to the broker but the broker has not sent response to the client. Usually the messages are waiting to be written to bookies. It is shared across all the topics running in the same broker. The value `-1` disables the memory limitation. By default, it is 50% of direct memory.	N/A
messagePublishBufferCheckIntervalInMillis	Interval between checks to see if message publish buffer size exceeds the maximum. Use `0` or negative number to disable the max publish buffer limiting.	100
retentionCheckIntervalInSeconds	Check between intervals to see if consumed ledgers need to be trimmed. Use 0 or negative number to disable the check.	120
maxMessageSize	Set the maximum size of a message.	5242880
preciseTopicPublishRateLimiterEnable	Enable precise topic publish rate limiting.	false
lazyCursorRecovery	Whether to recover cursors lazily when trying to recover a managed ledger backing a persistent topic. It can improve write availability of topics. The caveat is now when recovered ledger is ready to write we’re not sure if all old consumers’ last mark delete position(ack position) can be recovered or not. So user can make the trade off or have custom logic in application to checkpoint consumer state.	false
haProxyProtocolEnabled	Enable or disable the HAProxy protocol.	false
maxNamespacesPerTenant	The maximum number of namespaces that can be created in each tenant. When the number of namespaces reaches this threshold, the broker rejects the request of creating a new tenant. The default value 0 disables the check.	0
maxTopicsPerNamespace	The maximum number of persistent topics that can be created in the namespace. When the number of topics reaches this threshold, the broker rejects the request of creating a new topic, including the auto-created topics by the producer or consumer, until the number of connected consumers decreases. The default value 0 disables the check.	0
subscriptionTypesEnabled	Enable all subscription types, which are exclusive, shared, failover, and key_shared.	Exclusive, Shared, Failover, Key_Shared
managedLedgerInfoCompressionType	Compression type of managed ledger information. Available options are `NONE`, `LZ4`, `ZLIB`, `ZSTD`, and `SNAPPY`). If this value is `NONE` or invalid, the `managedLedgerInfo` is not compressed. Note that after enabling this configuration, if you want to degrade a broker, you need to change the value to `NONE` and make sure all ledger metadata is saved without compression.	None
additionalServlets	Additional servlet name. If you have multiple additional servlets, separate them by commas. For example, additionalServlet_1, additionalServlet_2	N/A
additionalServletDirectory	Location of broker additional servlet NAR directory	./brokerAdditionalServlet
brokerEntryMetadataInterceptors	Set broker entry metadata interceptors. Multiple interceptors should be separated by commas. Available values: org.apache.pulsar.common.intercept.AppendIndexMetadataInterceptor Example brokerEntryMetadataInterceptors=org.apache.pulsar.common.intercept.AppendBrokerTimestampMetadataInterceptor, org.apache.pulsar.common.intercept.AppendIndexMetadataInterceptor	N/A
enableExposingBrokerEntryMetadataToClient	Whether to expose broker entry metadata to client or not. Available values: true false Example enableExposingBrokerEntryMetadataToClient=true	false
strictBookieAffinityEnabled	Enable or disable the strict bookie isolation strategy. If enabled, - `bookie-ensemble` first tries to choose bookies that belong to a namespace’s affinity group. If the number of bookies is not enough, then the rest bookies are chosen. - If namespace has no affinity group, `bookie-ensemble` only chooses bookies that belong to no region. If the number of bookies is not enough, `BKNotEnoughBookiesException` is thrown.	false

Deprecated parameters of Broker

The following parameters have been deprecated in the conf/broker.conf file.

Name	Description	Default
backlogQuotaDefaultLimitGB	Use `backlogQuotaDefaultLimitBytes` instead.	-1
brokerServicePurgeInactiveFrequencyInSeconds	Use `brokerDeleteInactiveTopicsFrequencySeconds`.	60
tlsEnabled	Use `webServicePortTls` and `brokerServicePortTls` instead.	false
replicationTlsEnabled	Enable TLS when talking with other clusters to replicate messages. Use `brokerClientTlsEnabled` instead.	false
subscriptionKeySharedEnable	Whether to enable the Key_Shared subscription. Use `subscriptionTypesEnabled` instead.	true
zookeeperServers	Zookeeper quorum connection string. Use `metadataStoreUrl` instead.	N/A
configurationStoreServers	Configuration store connection string (as a comma-separated list). Use `configurationMetadataStoreUrl` instead.	N/A
zooKeeperSessionTimeoutMillis	Zookeeper session timeout in milliseconds. Use `metadataStoreSessionTimeoutMillis` instead.	30000
zooKeeperCacheExpirySeconds	ZooKeeper cache expiry time in seconds. Use `metadataStoreCacheExpirySeconds` instead.	300

Client

Name	Description	Default
webServiceUrl	The web URL for the cluster.
brokerServiceUrl	The Pulsar protocol URL for the cluster.	pulsar://localhost:6650/
authPlugin	The authentication plugin.
authParams	The authentication parameters for the cluster, as a comma-separated string.
useTls	Whether to enforce the TLS authentication in the cluster.	false
tlsAllowInsecureConnection	Allow TLS connections to servers whose certificate cannot be verified to have been signed by a trusted certificate authority.	false
tlsEnableHostnameVerification	Whether the server hostname must match the common name of the certificate that is used by the server.	false
tlsTrustCertsFilePath
useKeyStoreTls	Enable TLS with KeyStore type configuration in the broker.	false
tlsTrustStoreType	TLS TrustStore type configuration. JKS PKCS12	JKS
tlsTrustStore	TLS TrustStore path.
tlsTrustStorePassword	TLS TrustStore password.

You can set the log level and configuration in the log4j2.yaml file. The following logging configuration parameters are available.

Log4j shell

Name	Default
bookkeeper.root.logger	ERROR,CONSOLE
log4j.rootLogger	${bookkeeper.root.logger}
log4j.appender.CONSOLE	org.apache.log4j.ConsoleAppender
log4j.appender.CONSOLE.Threshold	DEBUG
log4j.appender.CONSOLE.layout	org.apache.log4j.PatternLayout
log4j.appender.CONSOLE.layout.ConversionPattern	%d{ABSOLUTE} %-5p %m%n
log4j.logger.org.apache.zookeeper	ERROR
log4j.logger.org.apache.bookkeeper	ERROR
log4j.logger.org.apache.bookkeeper.bookie.BookieShell	INFO

Standalone

Name	Description	Default
authenticateOriginalAuthData	If this flag is set to `true`, the broker authenticates the original Auth data; else it just accepts the originalPrincipal and authorizes it (if required).	false
metadataStoreUrl	The quorum connection string for local metadata store
metadataStoreCacheExpirySeconds	Metadata store cache expiry time in seconds	300
configurationMetadataStoreUrl	Configuration store connection string (as a comma-separated list)
brokerServicePort	The port on which the standalone broker listens for connections	6650
webServicePort	The port used by the standalone broker for HTTP requests	8080
bindAddress	The hostname or IP address on which the standalone service binds	0.0.0.0
bindAddresses	Additional Hostname or IP addresses the service binds on: `listener_name:scheme://host:port,…`.
advertisedAddress	The hostname or IP address that the standalone service advertises to the outside world. If not set, the value of `InetAddress.getLocalHost().getHostName()` is used.
numAcceptorThreads	Number of threads to use for Netty Acceptor	1
numIOThreads	Number of threads to use for Netty IO	2 Runtime.getRuntime().availableProcessors()
numHttpServerThreads	Number of threads to use for HTTP requests processing	2 Runtime.getRuntime().availableProcessors()
isRunningStandalone	This flag controls features that are meant to be used when running in standalone mode.	N/A
clusterName	The name of the cluster that this broker belongs to.	standalone
failureDomainsEnabled	Enable cluster’s failure-domain which can distribute brokers into logical region.	false
metadataStoreSessionTimeoutMillis	Metadata store session timeout, in milliseconds.	30000
metadataStoreOperationTimeoutSeconds	Metadata store operation timeout in seconds.	30
brokerShutdownTimeoutMs	The time to wait for graceful broker shutdown. After this time elapses, the process will be killed.	60000
skipBrokerShutdownOnOOM	Flag to skip broker shutdown when broker handles Out of memory error.	false
backlogQuotaCheckEnabled	Enable the backlog quota check, which enforces a specified action when the quota is reached.	true
backlogQuotaCheckIntervalInSeconds	How often to check for topics that have reached the backlog quota.	60
backlogQuotaDefaultLimitBytes	The default per-topic backlog quota limit. Being less than 0 means no limitation. By default, it is -1.	-1
ttlDurationDefaultInSeconds	The default Time to Live (TTL) for namespaces if the TTL is not configured at namespace policies. When the value is set to `0`, TTL is disabled. By default, TTL is disabled.	0
brokerDeleteInactiveTopicsEnabled	Enable the deletion of inactive topics. If topics are not consumed for some while, these inactive topics might be cleaned up. Deleting inactive topics is enabled by default. The default period is 1 minute.	true
brokerDeleteInactiveTopicsFrequencySeconds	How often to check for inactive topics, in seconds.	60
maxPendingPublishRequestsPerConnection	Maximum pending publish requests per connection to avoid keeping large number of pending requests in memory	1000
messageExpiryCheckIntervalInMinutes	How often to proactively check and purged expired messages.	5
activeConsumerFailoverDelayTimeMillis	How long to delay rewinding cursor and dispatching messages when active consumer is changed.	1000
subscriptionExpirationTimeMinutes	How long to delete inactive subscriptions from last consumption. When it is set to 0, inactive subscriptions are not deleted automatically	0
subscriptionRedeliveryTrackerEnabled	Enable subscription message redelivery tracker to send redelivery count to consumer.	true
subscriptionKeySharedUseConsistentHashing	In Key_Shared subscription type, with default AUTO_SPLIT mode, use splitting ranges or consistent hashing to reassign keys to new consumers.	false
subscriptionKeySharedConsistentHashingReplicaPoints	In Key_Shared subscription type, the number of points in the consistent-hashing ring. The greater the number, the more equal the assignment of keys to consumers.	100
subscriptionExpiryCheckIntervalInMinutes	How frequently to proactively check and purge expired subscription	5
brokerDeduplicationEnabled	Set the default behavior for message deduplication in the broker. This can be overridden per-namespace. If it is enabled, the broker rejects messages that are already stored in the topic.	false
brokerDeduplicationMaxNumberOfProducers	Maximum number of producer information that it’s going to be persisted for deduplication purposes	10000
brokerDeduplicationEntriesInterval	Number of entries after which a deduplication information snapshot is taken. A greater interval leads to less snapshots being taken though it would increase the topic recovery time, when the entries published after the snapshot need to be replayed.	1000
brokerDeduplicationProducerInactivityTimeoutMinutes	The time of inactivity (in minutes) after which the broker discards deduplication information related to a disconnected producer.	360
defaultNumberOfNamespaceBundles	When a namespace is created without specifying the number of bundles, this value is used as the default setting.	4
clientLibraryVersionCheckEnabled	Enable checks for minimum allowed client library version.	false
clientLibraryVersionCheckAllowUnversioned	Allow client libraries with no version information	true
statusFilePath	The path for the file used to determine the rotation status for the broker when responding to service discovery health checks	/usr/local/apache/htdocs
maxUnackedMessagesPerConsumer	The maximum number of unacknowledged messages allowed to be received by consumers on a shared subscription. The broker will stop sending messages to a consumer once this limit is reached or until the consumer begins acknowledging messages. A value of 0 disables the unacked message limit check and thus allows consumers to receive messages without any restrictions.	50000
maxUnackedMessagesPerSubscription	The same as above, except per subscription rather than per consumer.	200000
maxUnackedMessagesPerBroker	Maximum number of unacknowledged messages allowed per broker. Once this limit reaches, the broker stops dispatching messages to all shared subscriptions which has a higher number of unacknowledged messages until subscriptions start acknowledging messages back and unacknowledged messages count reaches to limit/2. When the value is set to 0, unacknowledged message limit check is disabled and broker does not block dispatchers.	0
maxUnackedMessagesPerSubscriptionOnBrokerBlocked	Once the broker reaches maxUnackedMessagesPerBroker limit, it blocks subscriptions which have higher unacknowledged messages than this percentage limit and subscription does not receive any new messages until that subscription acknowledges messages back.	0.16
unblockStuckSubscriptionEnabled	Broker periodically checks if subscription is stuck and unblock if flag is enabled.	false
topicPublisherThrottlingTickTimeMillis	Tick time to schedule task that checks topic publish rate limiting across all topics. A lower value can improve accuracy while throttling publish but it uses more CPU to perform frequent check. (Disable publish throttling with value 0)	10
brokerPublisherThrottlingTickTimeMillis	Tick time to schedule task that checks broker publish rate limiting across all topics. A lower value can improve accuracy while throttling publish but it uses more CPU to perform frequent check. When the value is set to 0, publish throttling is disabled.	50
brokerPublisherThrottlingMaxMessageRate	Maximum rate (in 1 second) of messages allowed to publish for a broker if the message rate limiting is enabled. When the value is set to 0, message rate limiting is disabled.	0
brokerPublisherThrottlingMaxByteRate	Maximum rate (in 1 second) of bytes allowed to publish for a broker if the byte rate limiting is enabled. When the value is set to 0, the byte rate limiting is disabled.	0
subscribeThrottlingRatePerConsumer	Too many subscribe requests from a consumer can cause broker rewinding consumer cursors and loading data from bookies, hence causing high network bandwidth usage. When the positive value is set, broker will throttle the subscribe requests for one consumer. Otherwise, the throttling will be disabled. By default, throttling is disabled.	0
subscribeRatePeriodPerConsumerInSecond	Rate period for {subscribeThrottlingRatePerConsumer}. By default, it is 30s.	30
dispatchThrottlingRateInMsg	Dispatch throttling-limit of messages for a broker (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRateInByte	Dispatch throttling-limit of bytes for a broker (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingRatePerTopicInMsg	Default messages (per second) dispatch throttling-limit for every topic. When the value is set to 0, default message dispatch throttling-limit is disabled.	0
dispatchThrottlingRatePerTopicInByte	Default byte (per second) dispatch throttling-limit for every topic. When the value is set to 0, default byte dispatch throttling-limit is disabled.	0
dispatchThrottlingOnBatchMessageEnabled	Apply dispatch rate limiting on batch message instead individual messages with in batch message. (Default is disabled).	false
dispatchThrottlingRateRelativeToPublishRate	Enable dispatch rate-limiting relative to publish rate.	false
dispatchThrottlingRatePerSubscriptionInMsg	The defaulted number of message dispatching throttling-limit for a subscription. The value of 0 disables message dispatch-throttling.	0
dispatchThrottlingRatePerSubscriptionInByte	The default number of message-bytes dispatching throttling-limit for a subscription. The value of 0 disables message-byte dispatch-throttling.	0
dispatchThrottlingRatePerReplicatorInMsg	Dispatch throttling-limit of messages for every replicator in replication (per second). 0 means the dispatch throttling-limit in replication is disabled.	0
dispatchThrottlingRatePerReplicatorInByte	Dispatch throttling-limit of bytes for every replicator in replication (per second). 0 means the dispatch throttling-limit is disabled.	0
dispatchThrottlingOnNonBacklogConsumerEnabled	Enable dispatch-throttling for both caught up consumers as well as consumers who have backlogs.	true
dispatcherMaxReadBatchSize	The maximum number of entries to read from BookKeeper. By default, it is 100 entries.	100
dispatcherMaxReadSizeBytes	The maximum size in bytes of entries to read from BookKeeper. By default, it is 5MB.	5242880
dispatcherMinReadBatchSize	The minimum number of entries to read from BookKeeper. By default, it is 1 entry. When there is an error occurred on reading entries from bookkeeper, the broker will backoff the batch size to this minimum number.	1
dispatcherMaxRoundRobinBatchSize	The maximum number of entries to dispatch for a shared subscription. By default, it is 20 entries.	20
preciseDispatcherFlowControl	Precise dispathcer flow control according to history message number of each entry.	false
streamingDispatch	Whether to use streaming read dispatcher. It can be useful when there’s a huge backlog to drain and instead of read with micro batch we can streamline the read from bookkeeper to make the most of consumer capacity till we hit bookkeeper read limit or consumer process limit, then we can use consumer flow control to tune the speed. This feature is currently in preview and can be changed in subsequent release.	false
maxConcurrentLookupRequest	Maximum number of concurrent lookup request that the broker allows to throttle heavy incoming lookup traffic.	50000
maxConcurrentTopicLoadRequest	Maximum number of concurrent topic loading request that the broker allows to control the number of zk-operations.	5000
maxConcurrentNonPersistentMessagePerConnection	Maximum number of concurrent non-persistent message that can be processed per connection.	1000
numWorkerThreadsForNonPersistentTopic	Number of worker threads to serve non-persistent topic.	8
enablePersistentTopics	Enable broker to load persistent topics.	true
enableNonPersistentTopics	Enable broker to load non-persistent topics.	true
maxSubscriptionsPerTopic	Maximum number of subscriptions allowed to subscribe to a topic. Once this limit reaches, the broker rejects new subscriptions until the number of subscriptions decreases. When the value is set to 0, the limit check is disabled.	0
maxProducersPerTopic	Maximum number of producers allowed to connect to a topic. Once this limit reaches, the broker rejects new producers until the number of connected producers decreases. When the value is set to 0, the limit check is disabled.	0
maxConsumersPerTopic	Maximum number of consumers allowed to connect to a topic. Once this limit reaches, the broker rejects new consumers until the number of connected consumers decreases. When the value is set to 0, the limit check is disabled.	0
maxConsumersPerSubscription	Maximum number of consumers allowed to connect to a subscription. Once this limit reaches, the broker rejects new consumers until the number of connected consumers decreases. When the value is set to 0, the limit check is disabled.	0
maxNumPartitionsPerPartitionedTopic	Maximum number of partitions per partitioned topic. When the value is set to a negative number or is set to 0, the check is disabled.	0
metadataStoreBatchingEnabled	Enable metadata operations batching.	true
metadataStoreBatchingMaxDelayMillis	Maximum delay to impose on batching grouping.	5
metadataStoreBatchingMaxOperations	Maximum number of operations to include in a singular batch.	1000
metadataStoreBatchingMaxSizeKb	Maximum size of a batch.	128
tlsCertRefreshCheckDurationSec	TLS certificate refresh duration in seconds. When the value is set to 0, check the TLS certificate on every new connection.	300
tlsCertificateFilePath	Path for the TLS certificate file.
tlsKeyFilePath	Path for the TLS private key file.
tlsTrustCertsFilePath	Path for the trusted TLS certificate file.
tlsAllowInsecureConnection	Accept untrusted TLS certificate from the client. If it is set to true, a client with a certificate which cannot be verified with the ‘tlsTrustCertsFilePath’ certificate is allowed to connect to the server, though the certificate is not be used for client authentication.	false
tlsProtocols	Specify the TLS protocols the broker uses to negotiate during TLS handshake.
tlsCiphers	Specify the TLS cipher the broker uses to negotiate during TLS Handshake.
tlsRequireTrustedClientCertOnConnect	Trusted client certificates are required for to connect TLS. Reject the Connection if the client certificate is not trusted. In effect, this requires that all connecting clients perform TLS client authentication.	false
tlsEnabledWithKeyStore	Enable TLS with KeyStore type configuration in broker.	false
tlsProvider	TLS Provider for KeyStore type.
tlsKeyStoreType	TLS KeyStore type configuration in the broker. JKS PKCS12	JKS
tlsKeyStore	TLS KeyStore path in the broker.
tlsKeyStorePassword	TLS KeyStore password for the broker.
tlsTrustStoreType	TLS TrustStore type configuration in the broker JKS PKCS12	JKS
tlsTrustStore	TLS TrustStore path in the broker.
tlsTrustStorePassword	TLS TrustStore password for the broker.
brokerClientTlsEnabledWithKeyStore	Configure whether the internal client uses the KeyStore type to authenticate with Pulsar brokers.	false
brokerClientSslProvider	The TLS Provider used by the internal client to authenticate with other Pulsar brokers.
brokerClientTlsTrustStoreType	TLS TrustStore type configuration for the internal client to authenticate with Pulsar brokers. JKS PKCS12	JKS
brokerClientTlsTrustStore	TLS TrustStore path for the internal client to authenticate with Pulsar brokers.
brokerClientTlsTrustStorePassword	TLS TrustStore password for the internal client to authenticate with Pulsar brokers.
brokerClientTlsCiphers	Specify the TLS cipher that the internal client uses to negotiate during TLS Handshake.
brokerClientTlsProtocols	Specify the TLS protocols that the broker uses to negotiate during TLS handshake.
systemTopicEnabled	Enable/Disable system topics.	false
topicLevelPoliciesEnabled	Enable or disable topic level policies. Topic level policies depends on the system topic. Please enable the system topic first.	false
topicFencingTimeoutSeconds	If a topic remains fenced for a certain time period (in seconds), it is closed forcefully. If set to 0 or a negative number, the fenced topic is not closed.	0
proxyRoles	Role names that are treated as “proxy roles”. If the broker sees a request with role as proxyRoles, it demands to see a valid original principal.
authenticationEnabled	Enable authentication for the broker.	false
authenticationProviders	A comma-separated list of class names for authentication providers.	false
authorizationEnabled	Enforce authorization in brokers.	false
authorizationProvider	Authorization provider fully qualified class-name.	org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
authorizationAllowWildcardsMatching	Allow wildcard matching in authorization. Wildcard matching is applicable only when the wildcard-character () presents at the first* or last position.	false
superUserRoles	Role names that are treated as “superusers.” Superusers are authorized to perform all admin tasks.
brokerClientAuthenticationPlugin	The authentication settings of the broker itself. Used when the broker connects to other brokers either in the same cluster or from other clusters.
brokerClientAuthenticationParameters	The parameters that go along with the plugin specified using brokerClientAuthenticationPlugin.
athenzDomainNames	Supported Athenz authentication provider domain names as a comma-separated list.
anonymousUserRole	When this parameter is not empty, unauthenticated users perform as anonymousUserRole.
tokenSettingPrefix	Configure the prefix of the token related setting like `tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`, `tokenAudienceClaim`, and `tokenAudience`.
tokenSecretKey	Configure the secret key to be used to validate auth tokens. The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or `tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.
tokenPublicKey	Configure the public key to be used to validate auth tokens. The key can be specified like: or `tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.
tokenAuthClaim	Specify the token claim that will be used as the authentication “principal” or “role”. The “subject” field will be used if this is left blank
tokenAudienceClaim	The token audience “claim” name, e.g. “aud”. It is used to get the audience from token. If it is not set, the audience is not verified.
tokenAudience	The token audience stands for this broker. The field `tokenAudienceClaim` of a valid token need contains this parameter.
saslJaasClientAllowedIds	This is a regexp, which limits the range of possible ids which can connect to the Broker using SASL. By default, it is set to `SaslConstants.JAAS_CLIENT_ALLOWED_IDS_DEFAULT`, which is “.pulsar.“, so only clients whose id contains ‘pulsar’ are allowed to connect.	N/A
saslJaasBrokerSectionName	Service Principal, for login context name. By default, it is set to `SaslConstants.JAAS_DEFAULT_BROKER_SECTION_NAME`, which is “Broker”.	N/A
httpMaxRequestSize	If the value is larger than 0, it rejects all HTTP requests with bodies larged than the configured limit.	-1
exposePreciseBacklogInPrometheus	Enable expose the precise backlog stats, set false to use published counter and consumed counter to calculate, this would be more efficient but may be inaccurate.	false
bookkeeperMetadataServiceUri	Metadata service uri is what BookKeeper used for loading corresponding metadata driver and resolving its metadata service location. This value can be fetched using `bookkeeper shell whatisinstanceid` command in BookKeeper cluster. For example: `zk+hierarchical://localhost:2181/ledgers`. The metadata service uri list can also be semicolon separated values like: `zk+hierarchical://zk1:2181;zk2:2181;zk3:2181/ledgers`.	N/A
bookkeeperClientAuthenticationPlugin	Authentication plugin to be used when connecting to bookies (BookKeeper servers).
bookkeeperClientAuthenticationParametersName	BookKeeper authentication plugin implementation parameters and values.
bookkeeperClientAuthenticationParameters	Parameters associated with the bookkeeperClientAuthenticationParametersName
bookkeeperClientNumWorkerThreads	Number of BookKeeper client worker threads. Default is Runtime.getRuntime().availableProcessors()
bookkeeperClientTimeoutInSeconds	Timeout for BookKeeper add and read operations.	30
bookkeeperClientSpeculativeReadTimeoutInMillis	Speculative reads are initiated if a read request doesn’t complete within a certain time. A value of 0 disables speculative reads.	0
bookkeeperUseV2WireProtocol	Use older Bookkeeper wire protocol with bookie.	true
bookkeeperClientHealthCheckEnabled	Enable bookie health checks.	true
bookkeeperClientHealthCheckIntervalSeconds	The time interval, in seconds, at which health checks are performed. New ledgers are not created during health checks.	60
bookkeeperClientHealthCheckErrorThresholdPerInterval	Error threshold for health checks.	5
bookkeeperClientHealthCheckQuarantineTimeInSeconds	If bookies have more than the allowed number of failures within the time interval specified by bookkeeperClientHealthCheckIntervalSeconds	1800
bookkeeperClientGetBookieInfoIntervalSeconds	Specify options for the GetBookieInfo check. This setting helps ensure the list of bookies that are up to date on the brokers.	86400
bookkeeperClientGetBookieInfoRetryIntervalSeconds	Specify options for the GetBookieInfo check. This setting helps ensure the list of bookies that are up to date on the brokers.	60
bookkeeperClientRackawarePolicyEnabled		true
bookkeeperClientRegionawarePolicyEnabled		false
bookkeeperClientMinNumRacksPerWriteQuorum		2
bookkeeperClientMinNumRacksPerWriteQuorum		false
bookkeeperClientReorderReadSequenceEnabled		false
bookkeeperClientIsolationGroups
bookkeeperClientSecondaryIsolationGroups	Enable bookie secondary-isolation group if bookkeeperClientIsolationGroups doesn’t have enough bookie available.
bookkeeperClientMinAvailableBookiesInIsolationGroups	Minimum bookies that should be available as part of bookkeeperClientIsolationGroups else broker will include bookkeeperClientSecondaryIsolationGroups bookies in isolated list.
bookkeeperTLSProviderFactoryClass	Set the client security provider factory class name.	org.apache.bookkeeper.tls.TLSContextFactory
bookkeeperTLSClientAuthentication	Enable TLS authentication with bookie.	false
bookkeeperTLSKeyFileType	Supported type: PEM, JKS, PKCS12.	PEM
bookkeeperTLSTrustCertTypes	Supported type: PEM, JKS, PKCS12.	PEM
bookkeeperTLSKeyStorePasswordPath	Path to file containing keystore password, if the client keystore is password protected.
bookkeeperTLSTrustStorePasswordPath	Path to file containing truststore password, if the client truststore is password protected.
bookkeeperTLSKeyFilePath	Path for the TLS private key file.
bookkeeperTLSCertificateFilePath	Path for the TLS certificate file.
bookkeeperTLSTrustCertsFilePath	Path for the trusted TLS certificate file.
bookkeeperTlsCertFilesRefreshDurationSeconds	Tls cert refresh duration at bookKeeper-client in seconds (0 to disable check).
bookkeeperDiskWeightBasedPlacementEnabled	Enable/Disable disk weight based placement.	false
bookkeeperExplicitLacIntervalInMills	Set the interval to check the need for sending an explicit LAC. When the value is set to 0, no explicit LAC is sent.	0
bookkeeperClientExposeStatsToPrometheus	Expose BookKeeper client managed ledger stats to Prometheus.	false
managedLedgerDefaultEnsembleSize		1
managedLedgerDefaultWriteQuorum		1
managedLedgerDefaultAckQuorum		1
managedLedgerDigestType	Default type of checksum to use when writing to BookKeeper.	CRC32C
managedLedgerNumSchedulerThreads	Number of threads to be used for managed ledger scheduled tasks.	Runtime.getRuntime().availableProcessors()
managedLedgerCacheSizeMB		N/A
managedLedgerCacheCopyEntries	Whether to copy the entry payloads when inserting in cache.	false
managedLedgerCacheEvictionWatermark		0.9
managedLedgerCacheEvictionFrequency	Configure the cache eviction frequency for the managed ledger cache (evictions/sec)	100.0
managedLedgerCacheEvictionTimeThresholdMillis	All entries that have stayed in cache for more than the configured time, will be evicted	1000
managedLedgerCursorBackloggedThreshold	Configure the threshold (in number of entries) from where a cursor should be considered ‘backlogged’ and thus should be set as inactive.	1000
managedLedgerUnackedRangesOpenCacheSetEnabled	Use Open Range-Set to cache unacknowledged messages	true
managedLedgerDefaultMarkDeleteRateLimit		0.1
managedLedgerMaxEntriesPerLedger		50000
managedLedgerMinLedgerRolloverTimeMinutes		10
managedLedgerMaxLedgerRolloverTimeMinutes		240
managedLedgerCursorMaxEntriesPerLedger		50000
managedLedgerCursorRolloverTimeInSeconds		14400
managedLedgerMaxSizePerLedgerMbytes	Maximum ledger size before triggering a rollover for a topic.	2048
managedLedgerMaxUnackedRangesToPersist	Maximum number of “acknowledgment holes” that are going to be persistently stored. When acknowledging out of order, a consumer leaves holes that are supposed to be quickly filled by acknowledging all the messages. The information of which messages are acknowledged is persisted by compressing in “ranges” of messages that were acknowledged. After the max number of ranges is reached, the information is only tracked in memory and messages are redelivered in case of crashes.	10000
managedLedgerMaxUnackedRangesToPersistInZooKeeper	Maximum number of “acknowledgment holes” that can be stored in Zookeeper. If the number of unacknowledged message range is higher than this limit, the broker persists unacknowledged ranges into bookkeeper to avoid additional data overhead into Zookeeper.	1000
autoSkipNonRecoverableData		false
managedLedgerMetadataOperationsTimeoutSeconds	Operation timeout while updating managed-ledger metadata.	60
managedLedgerReadEntryTimeoutSeconds	Read entries timeout when the broker tries to read messages from BookKeeper.	0
managedLedgerAddEntryTimeoutSeconds	Add entry timeout when the broker tries to publish message to BookKeeper.	0
managedLedgerNewEntriesCheckDelayInMillis	New entries check delay for the cursor under the managed ledger. If no new messages in the topic, the cursor tries to check again after the delay time. For consumption latency sensitive scenario, you can set the value to a smaller value or 0. Of course, a smaller value may degrade consumption throughput.	10 ms
managedLedgerPrometheusStatsLatencyRolloverSeconds	Managed ledger prometheus stats latency rollover seconds.	60
managedLedgerTraceTaskExecution	Whether to trace managed ledger task execution time.	true
managedLedgerNewEntriesCheckDelayInMillis	New entries check delay for the cursor under the managed ledger. If no new messages in the topic, the cursor will try to check again after the delay time. For consumption latency sensitive scenario, it can be set to a smaller value or 0. A smaller value degrades consumption throughput. By default, it is 10ms.	10
loadBalancerEnabled		false
loadBalancerPlacementStrategy		weightedRandomSelection
loadBalancerReportUpdateThresholdPercentage		10
loadBalancerReportUpdateMaxIntervalMinutes		15
loadBalancerHostUsageCheckIntervalMinutes		1
loadBalancerSheddingIntervalMinutes		30
loadBalancerSheddingGracePeriodMinutes		30
loadBalancerBrokerMaxTopics		50000
loadBalancerBrokerUnderloadedThresholdPercentage		1
loadBalancerBrokerOverloadedThresholdPercentage		85
loadBalancerResourceQuotaUpdateIntervalMinutes		15
loadBalancerBrokerComfortLoadLevelPercentage		65
loadBalancerAutoBundleSplitEnabled		false
loadBalancerAutoUnloadSplitBundlesEnabled	Enable/Disable automatic unloading of split bundles.	true
loadBalancerNamespaceBundleMaxTopics		1000
loadBalancerNamespaceBundleMaxSessions	Maximum sessions (producers + consumers) in a bundle, otherwise bundle split will be triggered. To disable the threshold check, set the value to -1.	1000
loadBalancerNamespaceBundleMaxMsgRate		1000
loadBalancerNamespaceBundleMaxBandwidthMbytes		100
loadBalancerNamespaceMaximumBundles		128
loadBalancerBrokerThresholdShedderPercentage	The broker resource usage threshold. When the broker resource usage is greater than the pulsar cluster average resource usage, the threshold shedder is triggered to offload bundles from the broker. It only takes effect in the ThresholdShedder strategy.	10
loadBalancerMsgRateDifferenceShedderThreshold	Message-rate percentage threshold between highest and least loaded brokers for uniform load shedding.	50
loadBalancerMsgThroughputMultiplierDifferenceShedderThreshold	Message-throughput threshold between highest and least loaded brokers for uniform load shedding.	4
loadBalancerHistoryResourcePercentage	The history usage when calculating new resource usage. It only takes effect in the ThresholdShedder strategy.	0.9
loadBalancerBandwithInResourceWeight	The BandWithIn usage weight when calculating new resource usage. It only takes effect in the ThresholdShedder strategy.	1.0
loadBalancerBandwithOutResourceWeight	The BandWithOut usage weight when calculating new resource usage. It only takes effect in the ThresholdShedder strategy.	1.0
loadBalancerCPUResourceWeight	The CPU usage weight when calculating new resource usage. It only takes effect in the ThresholdShedder strategy.	1.0
loadBalancerMemoryResourceWeight	The heap memory usage weight when calculating new resource usage. It only takes effect in the ThresholdShedder strategy.	1.0
loadBalancerDirectMemoryResourceWeight	The direct memory usage weight when calculating new resource usage. It only takes effect in the ThresholdShedder strategy.	1.0
loadBalancerBundleUnloadMinThroughputThreshold	Bundle unload minimum throughput threshold. Avoid bundle unload frequently. It only takes effect in the ThresholdShedder strategy.	10
namespaceBundleUnloadingTimeoutMs	Time to wait for the unloading of a namespace bundle in milliseconds.	60000
replicationMetricsEnabled		true
replicationConnectionsPerBroker		16
replicationProducerQueueSize		1000
replicationPolicyCheckDurationSeconds	Duration to check replication policy to avoid replicator inconsistency due to missing ZooKeeper watch. When the value is set to 0, disable checking replication policy.	600
defaultRetentionTimeInMinutes		0
defaultRetentionSizeInMB		0
keepAliveIntervalSeconds		30
haProxyProtocolEnabled	Enable or disable the protocol.	false
bookieId	If you want to custom a bookie ID or use a dynamic network address for a bookie, you can set the `bookieId`. Bookie advertises itself using the `bookieId` rather than the `BookieSocketAddress` (`hostname:port` or `IP:port`). The `bookieId` is a non-empty string that can contain ASCII digits and letters ([a-zA-Z9-0]), colons, dashes, and dots. For more information about `bookieId`, see here.	/
maxTopicsPerNamespace	The maximum number of persistent topics that can be created in the namespace. When the number of topics reaches this threshold, the broker rejects the request of creating a new topic, including the auto-created topics by the producer or consumer, until the number of connected consumers decreases. The default value 0 disables the check.	0
metadataStoreConfigPath	The configuration file path of the local metadata store. Standalone Pulsar uses as the local metadata store. The format is `/xxx/xx/rocksdb.ini`.	N/A
schemaRegistryStorageClassName	The schema storage implementation used by this broker.	org.apache.pulsar.broker.service.schema.BookkeeperSchemaStorageFactory
isSchemaValidationEnforced	Whether to enable schema validation, when schema validation is enabled, if a producer without a schema attempts to produce the message to a topic with schema, the producer is rejected and disconnected.	false
isAllowAutoUpdateSchemaEnabled	Allow schema to be auto updated at broker level.	true
schemaCompatibilityStrategy	The schema compatibility strategy at broker level, see here for available values.	FULL
systemTopicSchemaCompatibilityStrategy	The schema compatibility strategy is used for system topics, see for available values.	ALWAYS_COMPATIBLE

Deprecated parameters of standalone Pulsar

The following parameters have been deprecated in the conf/standalone.conf file.

Name	Description	Default
zookeeperServers	The quorum connection string for local metadata store. Use `metadataStoreUrl` instead.	N/A
configurationStoreServers	Configuration store connection string (as a comma-separated list). Use `configurationMetadataStoreUrl` instead.	N/A
zooKeeperOperationTimeoutSeconds	ZooKeeper operation timeout in seconds. Use `metadataStoreOperationTimeoutSeconds` instead.	30
zooKeeperCacheExpirySeconds	ZooKeeper cache expiry time in seconds. Use `metadataStoreCacheExpirySeconds` instead.	300
zooKeeperSessionTimeoutMillis	The ZooKeeper session timeout, in milliseconds. Use `metadataStoreSessionTimeoutMillis` instead.	30000

Deprecated parameters of WebSocket

Name	Description	Default
zooKeeperSessionTimeoutMillis	The ZooKeeper session timeout in milliseconds. Use `metadataStoreSessionTimeoutMillis` instead.	30000
zooKeeperCacheExpirySeconds	ZooKeeper cache expiry time in seconds. Use `metadataStoreCacheExpirySeconds` instead.	300
configurationStoreServers	Configuration Store connection string. Use `configurationMetadataStoreUrl` instead.	N/A

Pulsar proxy

The can be configured in the conf/proxy.conf file.

Name	Description	Default
forwardAuthorizationCredentials	Forward client authorization credentials to Broker for re-authorization, and make sure authentication is enabled for this to take effect.	false
metadataStoreUrl	Metadata store quorum connection string (as a comma-separated list)
configurationMetadataStoreUrl	Configuration store connection string (as a comma-separated list)
brokerServiceURL	The service URL pointing to the broker cluster. Must begin with `pulsar://`.
brokerServiceURLTLS	The TLS service URL pointing to the broker cluster. Must begin with `pulsar+ssl://`.
brokerWebServiceURL	The Web service URL pointing to the broker cluster
brokerWebServiceURLTLS	The TLS Web service URL pointing to the broker cluster
functionWorkerWebServiceURL	The Web service URL pointing to the function worker cluster. It is only configured when you setup function workers in a separate cluster.
functionWorkerWebServiceURLTLS	The TLS Web service URL pointing to the function worker cluster. It is only configured when you setup function workers in a separate cluster.
metadataStoreSessionTimeoutMillis	Metadata store session timeout (in milliseconds)	30000
metadataStoreCacheExpirySeconds	Metadata store cache expiry time in seconds	300
advertisedAddress	Hostname or IP address the service advertises to the outside world. If not set, the value of `InetAddress.getLocalHost().getHostname()` is used.	N/A
servicePort	The port to use for server binary Protobuf requests	6650
servicePortTls	The port to use to server binary Protobuf TLS requests	6651
statusFilePath	Path for the file used to determine the rotation status for the proxy instance when responding to service discovery health checks
proxyLogLevel	Proxy log level 0: Do not log any TCP channel information. 1: Parse and log any TCP channel information and command information without message body. 2: Parse and log channel information, command information and message body.	0
authenticationEnabled	Whether authentication is enabled for the Pulsar proxy	false
authenticateMetricsEndpoint	Whether the ‘/metrics’ endpoint requires authentication. Defaults to true. ‘authenticationEnabled’ must also be set for this to take effect.	true
authenticationProviders	Authentication provider name list (a comma-separated list of class names)
authorizationEnabled	Whether authorization is enforced by the Pulsar proxy	false
authorizationProvider	Authorization provider as a fully qualified class name	org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
anonymousUserRole	When this parameter is not empty, unauthenticated users perform as anonymousUserRole.
brokerClientAuthenticationPlugin	The authentication plugin used by the Pulsar proxy to authenticate with Pulsar brokers
brokerClientAuthenticationParameters	The authentication parameters used by the Pulsar proxy to authenticate with Pulsar brokers
brokerClientTrustCertsFilePath	The path to trusted certificates used by the Pulsar proxy to authenticate with Pulsar brokers
superUserRoles	Role names that are treated as “super-users,” meaning that they will be able to perform all admin
maxConcurrentInboundConnections	Max concurrent inbound connections. The proxy will reject requests beyond that.	10000
maxConcurrentLookupRequests	Max concurrent outbound connections. The proxy will error out requests beyond that.	50000
tlsEnabledWithBroker	Whether TLS is enabled when communicating with Pulsar brokers.	false
tlsCertRefreshCheckDurationSec	TLS certificate refresh duration in seconds. If the value is set 0, check TLS certificate every new connection.	300
tlsCertificateFilePath	Path for the TLS certificate file
tlsKeyFilePath	Path for the TLS private key file
tlsTrustCertsFilePath	Path for the trusted TLS certificate pem file
tlsHostnameVerificationEnabled	Whether the hostname is validated when the proxy creates a TLS connection with brokers	false
tlsRequireTrustedClientCertOnConnect	Whether client certificates are required for TLS. Connections are rejected if the client certificate isn’t trusted.	false
tlsProtocols	Specify the tls protocols the broker will use to negotiate during TLS Handshake. Multiple values can be specified, separated by commas. Example:- `TLSv1.3`, `TLSv1.2`
tlsCiphers	Specify the tls cipher the broker will use to negotiate during TLS Handshake. Multiple values can be specified, separated by commas. Example:- `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
httpReverseProxyConfigs	HTTP directs to redirect to non-pulsar services
httpOutputBufferSize	HTTP output buffer size. The amount of data that will be buffered for HTTP requests before it is flushed to the channel. A larger buffer size may result in higher HTTP throughput though it may take longer for the client to see data. If using HTTP streaming via the reverse proxy, this should be set to the minimum value (1) so that clients see the data as soon as possible.	32768
httpNumThreads	Number of threads to use for HTTP requests processing	2 * Runtime.getRuntime().availableProcessors()
tokenSettingPrefix	Configure the prefix of the token related setting like `tokenSecretKey`, `tokenPublicKey`, `tokenAuthClaim`, `tokenPublicAlg`, `tokenAudienceClaim`, and `tokenAudience`.
tokenSecretKey	Configure the secret key to be used to validate auth tokens. The key can be specified like: `tokenSecretKey=data:;base64,xxxxxxxxx` or `tokenSecretKey=file:///my/secret.key`. Note: key file must be DER-encoded.
tokenPublicKey	Configure the public key to be used to validate auth tokens. The key can be specified like: `tokenPublicKey=data:;base64,xxxxxxxxx` or `tokenPublicKey=file:///my/secret.key`. Note: key file must be DER-encoded.
tokenAuthClaim	Specify the token claim that will be used as the authentication “principal” or “role”. The “subject” field will be used if this is left blank
tokenAudienceClaim	The token audience “claim” name, e.g. “aud”. It is used to get the audience from token. If it is not set, the audience is not verified.
tokenAudience	The token audience stands for this broker. The field `tokenAudienceClaim` of a valid token need contains this parameter.
haProxyProtocolEnabled	Enable or disable the HAProxy protocol.	false

Deprecated parameters of Pulsar proxy

The following parameters have been deprecated in the conf/proxy.conf file.

Name	Description	Default
tlsEnabledInProxy	Deprecated - use `servicePortTls` and `webServicePortTls` instead.	false
zookeeperSessionTimeoutMs	ZooKeeper session timeout (in milliseconds). Use `metadataStoreSessionTimeoutMillis` instead.	30000
zooKeeperCacheExpirySeconds	ZooKeeper cache expiry time in seconds. Use `metadataStoreCacheExpirySeconds` instead.	300

ZooKeeper

ZooKeeper handles a broad range of essential configuration- and coordination-related tasks for Pulsar. The default configuration file for ZooKeeper is in the conf/zookeeper.conf file in your Pulsar installation. The following parameters are available:

We strongly recommend consulting the for a more thorough and comprehensive introduction to ZooKeeper configuration