Status
Current state: "Under Discussion"
Discussion thread: here
JIRA: here
Motivation
In KIP-429: Kafka Consumer Incremental Rebalance Protocol, we proposed a new version of consumer protocol for cooperative rebalance (a.k.a incremental rebalance protocol). It adds a new field "ownedPartition" into the "subscription" and "assignment" data, and one of the purpose of the new "ownedPartition" field is for the assignors and to do "sticky" assignment dependent on the "ownedPartitions". Like in the "CooperativeStickyAssignor and custom COOPERATIVE Assignors" section of KIP-429, it said:
The assignor can leverage the new ownedPartitions field that the Subscription has been augmented with in order to determine the previous assignment. Note that "stickiness" is important for the cooperative protocol to be effective, as in the limit that the new assignment is totally different than the previous one then the cooperative protocol just reduces to the old eager protocol as each member will have to completely revoke all partitions and get a whole new assignment.
However, recently, we've encountered some rebalance stuck issues, and the root cause of them are due to the out-of-date "ownedPartition". Because there are chances that the "ownedPartitions" are out-of-date, the assignors will blindly "trust" the "ownedPartitions", and do assignment depend on them, and cause unexpected results. ex: KAFKA-12984, KAFKA-13406. Currently, we tried to workaround this issue by adding "generation" field into subscription "userData" field in cooperative sticky assignor, and deserialize them when doing assignment, to identify if the "ownedPartitions" are out-of-date or not. However, this workaround only works for cooperative sticky assignor, if users have their own custom cooperative assignor, they also need to workaround it manually. Otherwise, the same issues also happen to them.
Only appending "ownedPartitions" data without "generation" info in the Subscription message, is like in TCP, only send packets without appending the sequence number. It'll confuse the assignor(or TCP receivers) and make the wrong decision.
Therefore, we should add the "generation" field into "Subscription" data of the consumer protocol. (i.e. ConsumerProtocolSubscription), to allow assignor/consumer coordinator/group coordinator to have a way to identify the out-of-date members/assignments.
Public Interfaces
JoinGroupRequest
The version is bumped to 8, and add a "generationId" field
1 |
|
ConsumerProtocolSubscription
We'll updated consumer protocol for Subscription, which will add a new field "generation" at the end, and bump the version to V2.
{ "type": "data", "name": "ConsumerProtocolSubscription", // Subscription part of the Consumer Protocol. // // The current implementation assumes that future versions will not break compatibility. When // it encounters a newer version, it parses it using the current format. This basically means // that new versions cannot remove or reorder any of the existing fields.
"validVersions": "0-2", "flexibleVersions": "none", "fields": [ { "name": "Topics", "type": "[]string", "versions": "0+" }, { "name": "GenerationId", "type": "int32", "versions": "2+", "default": "-1"}, <-- new added { "name": "UserData", "type": "bytes", "versions": "0+", "nullableVersions": "0+", "default": "null", "zeroCopy": true }, { "name": "OwnedPartitions", "type": "[]TopicPartition", "versions": "1+", "ignorable": true, "fields": [ { "name": "Topic", "type": "string", "mapKey": true, "versions": "1+", "entityType": "topicName" }, { "name": "Partitions", "type": "[]int32", "versions": "1+"} ] } ] } |
Also, there will also be a "generation" field added into the Subscription
class in ConsumerPartitionAssignor.
Proposed Changes
So, during the joinGroup request, we'll include the "generation" data into the protocol set and send to the group coordinator. Later, when the consumer lead receive the subscription info from all consumers, it'll do the assignment based on the "ownedPartitions" and "generation" info. Also, after the assignment, we can also leverage the "ownedPartitions" and "generation" info to validate the assignments.
For built-in CooperativeStickyAssignor, if there are consumers in old bytecode and some in the new bytecode, it's totally fine, because the subscription data from old consumers will contain \[empty ownedPartitions + default generation(-1)] in V0, or \[current ownedPartitions + default generation(-1)] in V1. For V0 case, it's quite simple, because we'll just ignore the info since they are empty. For V1 case, we'll get the "ownedPartitions" data, and then check if there is generation info in the userData (i,e, current workaround). If so, we'll use it, otherwise, we'll take the ownedPartitions as default generation(-1).
For custom assignor, they can adopt the "ownedPartitions" and "generation" info together to check if it is a stale one. If they don't update their code, it's fine since this change is backward compatible. (check below)
In the AbstractPartitionAssignor, we would have a validateSubscription
function which takes in the ownedPartitions across all members, and needs to be called by all assignors (it is the customized assignor's own responsibility to call it), to check that ownedPartitions do not have overlaps.
In the broker side, the group coordinator would check for the "generation" upon Join-Group: if it is a sentinel value (e.g. -1) then assume it is a new member that have never been in the group yet, and hence always set the current generation; if it is not sentinel value and stale, then return the ILLEGAL_GENERATION error directly. And, upon getting such error the member should not clear its member ID if there's one, but only reset the generation to null and also clean up the ownedPartitions before re-joining.
Compatibility, Deprecation, and Migration Plan
It is compatible to inject additional fields after the assignor-specific SubscriptionInfo bytes, since on serialization we would first call assignor to encode the info bytes, and then re-allocate larger buffer to append consumer-specific bytes; with the new protocol, we just need to append some existing fields before, and some new fields after the assignor-specific info bytes, and vice-versa on deserialization. So adding fields after the assignor-bytes is still naturally compatible with the plug-in assignor.
Rejected Alternatives
1. Adding a new generation
method in ConsumerPartitionAssignor
interface, for the assignor to get the generation info.
--> This will work for the assignor only. But actually, in ConsumerCoordinator
, after the cooperative assignor completes its assignment, we have a validation phase, to validate if the cooperative assignor revoke partitions first before assign it to other consumers. In the validation phase, we also need the "generation" info. If the generation info only put inside assignor, the validation phase can't leverage the "generation" data.
2. add "generation" field into Subscription:
Current consumer protocol for Subscription:
|
We'll updated consumer protocol for Subscription, which will add a new field "generation" at the end, and bump the version to V2.
|
--> Reject this approach because the broker can't leverage the generation info inside subscription metadata.