THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Current state: Under Discussion
Discussion thread: here
JIRA: https://issues.apache.org/jira/browse/KAFKA-5693
...
New versions of existing network protocol protocol DeleteTopicsRequest and and DeleteRecordsRequest will be added, to add a validate_only flag.
New versions of existing network protocol protocol DeleteTopicsResponse and and DeleteRecordsResponse will be added to include an error message.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
/**
* Represents the state of a topic.
*/
interface TopicState {
/**
* The number of partitions of the topic.
*/
int numPartitions();
/**
* The replication factor of the topic. More precisely, the number of assigned replicas for partition 0.
* // TODO what about during reassignment
*/
short replicationFactor();
/**
* A map of the replica assignments of the topic, with partition ids as keys and
* the assigned brokers as the corresponding values.
* // TODO what about during reassignment
*/
Map<Integer, List<Integer>> replicasAssignments();
/**
* The topic config.
*/
Map<String,String> configs();
/**
* Returns whether the topic is marked for deletion.
*/
boolean markedForDeletion();
/**
* Returns whether the topic is an internal topic.
*/
boolean internal();
}
/**
* Represents the requested state of a topic.
*/
interface RequestedTopicState extends TopicState {
/**
* True if the {@link TopicState#replicasAssignments()}
* in this request we generated by the broker, false if
* they were explicitly requested by the client.
*/
boolean generatedReplicaAssignments();
}
/**
The current* stateThe oftopic theconfig topicsas init thewill cluster,be beforeif the request takesis effectsuccessful. */
interface ClusterState {
/**
This is effectively the *same Returnsas the currentvalue state of the given topic, or null if the topic does not exist.{@code configs}
* after the following computation:
*/ <pre><code>
TopicState topicState(String topicName);
/** * Map<String, String> configs = currentState.configs();
* Returns all the topics in the cluster, including internal topics if configs.putAll(requestedState.requestedConfigs();
* </code></pre>
*/
{@code includeInternal} is true, and including those marked for deletion @Override
* if {@code includeMarkedForDeletion} is true.
*/
Set<String> topics(boolean includeInternal, boolean includeMarkedForDeletionMap<String,String> configs();
/**
* The numbertopic ofconfigs brokerspresent in the clusterrequest.
*/
intMap<String,String> clusterSizerequestedConfigs();
}
/**
*The Acurrent policystate thatof isthe enforcedtopics onin topicthe creationcluster, before the alterationrequest and deletion,
takes effect. */
interface andClusterState for{
the deletion of messages/**
from a topic.
*
* AnReturns implementationthe ofcurrent thisstate policyof canthe begiven configuredtopic, onor anull brokerif via the
* {@code topic.management.policy.class.name} broker config.
* When this is configured the named class will be instantiated reflectively
* using its nullary constructor and will then pass the broker configs to
* its <code>configure()</code> method. During broker shutdown, the
* <code>close()</code> method will be invoked so that resources can be
* released (if necessary).
*
*/
interface TopicManagementPolicy extends Configurable, AutoCloseable {
static interface AbstractRequestMetadata {
/**
topic does not exist.
*/
TopicState topicState(String topicName);
/**
* Returns all the topics in the cluster, including internal topics if
* {@code includeInternal} is true, and including those marked for deletion
* if {@code includeMarkedForDeletion} is true.
*/
Set<String> topics(boolean includeInternal, boolean includeMarkedForDeletion);
/**
* The topicnumber theof actionbrokers isin beingthe performed uponcluster.
*/
public String topicint clusterSize();
/**
* Returns the *current The authenticated principal makingstate of the request,broker orin null ifwhich the sessionmethod is not authenticated.
called.
*/
public KafkaPrincipal principalBrokerState brokerState();
}
/**
* A policy staticthat interfaceis CreateTopicRequestenforced extendson AbstractRequestMetadatatopic {
creation, alteration and deletion,
* and for the /**
deletion of messages from a topic.
*
* TheAn requestedimplementation state of thethis topicpolicy tocan be created.
*/
public RequestedTopicState requestedState();
}
/**
* Validate the given request to create a topic
* and throw a <code>PolicyViolationException</code> with a suitable error
* message if the request does not satisfy this policy.
*
* Clients will receive the POLICY_VIOLATION error code along with the exception's message.
* Note that validation failure only affects the relevant topic,
* other topics in the request will still be processed.
configured on a broker via the
* {@code topic.management.policy.class.name} broker config.
* When this is configured the named class will be instantiated reflectively
* using its nullary constructor and will then pass the broker configs to
* its <code>configure()</code> method. During broker shutdown, the
* <code>close()</code> method will be invoked so that resources can be
* released (if necessary).
*
*/
interface TopicManagementPolicy extends Configurable, AutoCloseable {
static interface AbstractRequestMetadata {
/**
* The topic the action is being performed upon.
*/
public String topic();
/**
* @param requestMetadata the request* parameters forThe authenticated principal making the provided topicrequest.
* @param clusterState the current state of the cluster */
* @throws PolicyViolationException ifpublic the request parameters do not satisfy this policy.
*/
void validateCreateTopic(CreateTopicRequest requestMetadata, ClusterState clusterState) throws PolicyViolationException;
KafkaPrincipal principal();
}
static interface AlterTopicRequestCreateTopicRequest extends AbstractRequestMetadata {
/**
* The requested state of the topic willto have after the alterationbe created.
*/
public RequestedTopicState requestedState();
}
/**
* Validate the given request to altercreate ana existing topic
* and throw a <code>PolicyViolationException</code> with a suitable error
* message if the request does not satisfy this policy.
*
* The given {@code clusterState} can be used to discover the current state of the topic to be modified.
*
* Clients will receive the POLICY_VIOLATION error code along with the exception's message.
* Note that validation failure only affects the relevant topic,
* other topics in the request will still be processed.
*
* @param requestMetadata the request parameters for the provided topic.
* @param clusterState the current state of the cluster
* @throws PolicyViolationException if the request parameters do not satisfy this policy.
*/
void validateAlterTopicvalidateCreateTopic(AlterTopicRequestCreateTopicRequest requestMetadata, ClusterState clusterState) throws PolicyViolationException;
/**
static interface AlterTopicRequest extends AbstractRequestMetadata {
/**
* The Parametersstate forthe atopic requestwill tohave deleteafter the given topicalteration.
*/
static interface DeleteTopicRequest extendspublic AbstractRequestMetadata {RequestedTopicState requestedState();
}
/**
* Validate the given request to alter deletean aexisting topic
* and throw a <code>PolicyViolationException</code> with a suitable error
* message if the request does not satisfy this policy.
*
* The given {@code clusterState} can be used to discover the current state of the topic to be deletedmodified.
*
* Clients will receive the POLICY_VIOLATION error code along with the exception's message.
* Note that validation failure only affects the relevant topic,
* other topics in the request will still be processed.
*
* @param requestMetadata the request parameters for the provided topic.
* @param clusterState the current state of the cluster
* @throws PolicyViolationException if the request parameters do not satisfy this policy.
*/
void validateDeleteTopicvalidateAlterTopic(DeleteTopicRequestAlterTopicRequest requestMetadata, ClusterState clusterState) throws PolicyViolationException;
/**
* Parameters for a request to delete recordsthe fromgiven the topic.
*/
static interface DeleteRecordsRequestDeleteTopicRequest extends AbstractRequestMetadata {
}
/**
* Validate the given request *to Returnsdelete a map of topic
partitions and the corresponding offset* ofand thethrow last message
a <code>PolicyViolationException</code> with a suitable error
* tomessage beif retained.the Messagesrequest beforedoes thisnot offsetsatisfy willthis be deletedpolicy.
*
* PartitionsThe which won't have messages deleted won't be present in the map.
given {@code clusterState} can be used to discover the current state of the topic to be deleted.
*/
* Clients will Map<Integer,receive Long> deletedMessageOffsets();
}
/**the POLICY_VIOLATION error code along with the exception's message.
* ValidateNote thethat givenvalidation requestfailure toonly deleteaffects recordsthe from a topicrelevant topic,
* other andtopics throwin athe <code>PolicyViolationException</code>request withwill astill suitablebe errorprocessed.
*
message if the request does* not@param satisfyrequestMetadata thisthe policy.
request parameters for the provided *topic.
* The given {@code@param clusterState} can be used to discover the current state of the topiccluster
to have records deleted.
* @throws PolicyViolationException *if the request parameters do not satisfy this policy.
* Clients will receive the POLICY_VIOLATION error code along with the exception's message./
void validateDeleteTopic(DeleteTopicRequest requestMetadata, ClusterState clusterState) throws PolicyViolationException;
/**
* Parameters for Notea thatrequest validationto failuredelete onlyrecords affectsfrom the relevant topic,.
*/
other topics in thestatic requestinterface willDeleteRecordsRequest stillextends beAbstractRequestMetadata processed.{
*
/**
@param requestMetadata the request parameters for the provided topic.
* Returns a map of *topic @parampartitions clusterStateand the currentcorresponding stateoffset of the clusterlast message
* @throws PolicyViolationException if the* requestto parametersbe doretained. notMessages satisfybefore this policy offset will be deleted.
*/
void validateDeleteRecords(DeleteRecordsRequest requestMetadata, ClusterState clusterState) * Partitions which won't have messages deleted won't be present in the map.
*/
Map<Integer, Long> deletedMessageOffsets();
}
/**
* Validate the given request to delete records from a topic
* and throw a <code>PolicyViolationException</code> with a suitable error
* message if the request does not satisfy this policy.
*
* The given {@code clusterState} can be used to discover the current state of the topic to have records deleted.
*
* Clients will receive the POLICY_VIOLATION error code along with the exception's message.
* Note that validation failure only affects the relevant topic,
* other topics in the request will still be processed.
*
* @param requestMetadata the request parameters for the provided topic.
* @param clusterState the current state of the cluster
* @throws PolicyViolationException if the request parameters do not satisfy this policy.
*/
void validateDeleteRecords(DeleteRecordsRequest requestMetadata, ClusterState clusterState) throws PolicyViolationException;
}
/**
* Represents the state of a broker
*/
interface BrokerState {
/**
* The broker config.
*/
Map<String,String> configs();
}
interface RequestedBrokerState extends BrokerState {
/**
* The topic config as it will be if the request is successful.
* This is effectively the same as the value of {@code configs}
* after the following computation:
* <pre><code>
* Map<String, String> configs = currentState.configs();
* configs.putAll(requestedState.requestedConfigs();
* </code></pre>
*/
@Override
Map<String,String> configs();
/**
* The broker configs present in the request.
*/
Map<String,String> requestedConfigs();
}
/**
* A policy that is enforced on broker alteration.
*
* An implementation of this policy can be configured on a broker via the
* {@code broker.management.policy.class.name} broker config.
* When this is configured the named class will be instantiated reflectively
* using its nullary constructor and will then pass the broker configs to
* its <code>configure()</code> method. During broker shutdown, the
* <code>close()</code> method will be invoked so that resources can be
* released (if necessary).
*
* TODO: Fully define the lifecycle since the policy is configured by broker config which changes, so a means of reconfiguration is required.
*/
interface BrokerManagementPolicy extends Configurable, AutoCloseable {
static interface AbstractRequestMetadata {
/**
* The id of the broker the action is being performed upon.
* This is always the same as the id of the broker in which the
* broker management policy is executing.
*/
public int brokerId();
/**
* The principal making the request.
*/
public KafkaPrincipal principal();
}
static interface AlterBrokerRequest extends AbstractRequestMetadata {
/**
* The requested state of the broker to be altered.
*/
public RequestedBrokerState requestedState();
}
/**
* Validate the given request to alter a broker
* and throw a <code>PolicyViolationException</code> with a suitable error
* message if the request does not satisfy this policy.
*
* Clients will receive the POLICY_VIOLATION error code along with the exception's message.
* Note that validation failure only affects the relevant broker,
* other topics in the request will still be processed.
*
* @param requestMetadata the request parameters for the provided broker.
* @param clusterState the current state of the cluster
* @throws PolicyViolationException if the request parameters do not satisfy this policy.
*/
void validateAlterBroker(AlterBrokerRequest requestMetadata,
ClusterState clusterState)
throws PolicyViolationException;
} |
...
- On topic creation, i.e. when processing a
CreateTopicsRequest - On topic modification
- Change in topic config, ie. when processing
AlterConfigsRequest, for topic configs (this change done as part of this KIP). - Adding partitions to topics, i.e. when processing a
CreatePartitionsRequest(see KIP-195, but (see KIP-195, but this change done as part of this KIP) - Reassigning partitions to brokers, and/or changing the replication factor when processing
ReassignPartitionsRequest(as part of KIP-179)
- Change in topic config, ie. when processing
- On topic deletion, i.e. when processing a
DeleteTopicsRequest(this change done as part of this KIP). - On message deletion, i.e. when processing a
DeleteRecordsRequest(this change done as part of this KIP) - Reassigning partitions to brokers, and/or changing the replication factor when processing
ReassignPartitionsRequest(see KIP-179) - On topic deletion, i.e. when processing a
DeleteTopicsRequest. - .
The BrokerManagementPolicy will be applied:
- On broker startup
- This is to ensure that brokers start in a valid state; without this it would be possible for a later alter broker request to be denied even though the request itself was not the cause of the policy violation.
- On broker modification, ie. when processing a
AlterConfigsRequestfor broker configsOn message deletion, i.e. when processing aDeleteRecordsRequest.
Deprecate existing policies
...
It will be a configuration-time error if both create.topic.policy.class.name and topic.management.policy.class.name are used at the same time, or both alter.config.policy.class.name and topic. are used at the same time.management.policy.class.name
...
| No Format |
|---|
DeleteTopics Response (Version: 2) => throttle_time_ms [topic_error_codes]
throttle_time_ms => INT32
topic_error_codes => topic error_code error_message
topic => STRING
error_code => INT16
error_message => NULLABLE_STRING |
Existing Old versions of the DeleteTopics resonse will be able to have the DeleteTopicsResponse will use a UNEXPECTED_SERVER_ERROR error_codes with value instead of POLICY_VIOLATION so as to not break clients.
The documentation for AdminClient.deleteTopics() will be updated mention the possibility of PolicyViolationException from the DeleteTopicsResult methods.
...
| No Format |
|---|
DeleteRecords Response (Version: 0) => throttle_time_ms [topics]
throttle_time_ms => INT32
topics => topic [partitions]
topic => STRING
partitions => partition low_watermark error_code error_message
partition => INT32
low_watermark => INT64
error_code => INT16
error_message => NULLABLE_STRING |
Existing versions of the DeleteRecords resonse will be able to have the DeleteRecordsResponse will use a UNEXPECTED_SERVER_ERROR error_codes with value instead of POLICY_VIOLATION so as to not break clients.
The documentation for AdminClient.deleteRecords() (being added by KIP-204) will be updated mention the possibility of PolicyViolationException from the DeleteRecordsResult methods.
...
Having separate policy interfaces for creation/modification and deletion and retaining the existing single-method-per-policy-interface design was considered, but rejected because it was a half way house between having multiple policies and having a single policy.