However, in our experience customers of Kafka expect to be able to immediately enable tiering on a topic once their cluster upgrade is complete. Once they do this, however, they start seeing NPEs and no data is uploaded to Tiered Storage (https://github.com/apache/kafka/blob/trunk/storage/api/src/main/java/org/apache/kafka/server/log/remote/storage/LogSegmentData.java#L61 and no data is uploaded to Tiered Storage).

To provide a smooth upgrade experience achieve this, we propose to change changing Kafka to create an empty producer snapshot file and upload it whenever a segment is due to be archived and lacks one.

Public Interfaces

Briefly list any new interfaces that will be introduced as part of this proposal or any existing interfaces that will be removed or changed. The purpose of this section is to concisely call out the public contract that will come along with this feature.

...

We propose to create a segment-aligned empty producer snapshot whenever we detect that the value here https://github.com/apache/kafka/blob/trunk/core/src/main/java/kafka/log/remote/RemoteLogManager.java#L581 is null. The rest of Tiered Storage's logic should pick it up for upload from then on. No changes will be required on the read path.

Why is adding an empty snapshot file safe?

An empty snapshot file means that Kafka has no knowledge of idempotent producers prior to the offset of the snapshot file.

What is Kafka's behaviour when it encounters an empty snapshot on read?

Does Kafka deal with empty snapshots someplace else in the code as well?

Compatibility, Deprecation, and Migration Plan

...

1. Generate a correct producer snapshot prior to upload - we rejected this because we either have to reply the log from the beginning or choose an arbitrary earlier segment as the starting point to start calculating said snapshot from.
2. Make Kafka not upload segments to remote storage until it has expired all segments lacking a producer snapshot - we think this is just as unexpected (especially if customers aren't well-aware of what producer snapshots are used for) as what the current approach is.
3. Do not allow a topic to have its tiering configuration set to true until all of its segments have an associated producer snapshot - the limitation here is that this condition needs to hold true across all brokers and additional synchronisation will be required.
4. Do not archive snapshot files - like indeciesindices, snapshot files can be recreated by rereading the log. However, in the case of Tiered Storage we make the assumption that replaying the whole log will be quite costly.
5. Create empty snapshot files on read if a snapshot file is not found - this is a close second runner, but we chose to discard it. It would not be immediately obvious whether a snapshot is not presented because of an upgrade of Kafka version, because there is a bug in the plugin implementation or because the remote storage itself has been tampered with - if we explicitly write an empty file we reduce some of this ambiguity.