Breath

这样就都有权限了。https://www.orchome.com/185

Because of the way replication of topic partitions work internally, it is also important to grant topic access to brokers. Brokers replicating a partition will need to be authorized for both READ and DESCRIBE on that topic. DESCRIBE is granted by default with the READ authorization.

我在 https://docs.confluent.io 找到了这一段话，然后把新建topic的权限赋予所有brokers，这样就没问题了。

1、acl和ssl不是独立的么？
2、我只想用acl，这里需要改么？如果需要，应该怎么改？

你不是用的acl么，listeners=PLAINTEXT://172.16.40.117:9092 这个就不对了呀

zk是用的3.4.9的，kafka_2.11-0.10.2.1