THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
This page is meant as a template for writing a KIP. To create a KIP choose Tools->Copy on this page and modify with your content and replace the heading with the next KIP number and a description of your issue. Replace anything in italics with your own description.
Status
Current state: [One of "Under Discussion", "Accepted", "Rejected"]
Discussion thread: here [Change the link from the KIP proposal email archive to your own email thread]
JIRA: here [Change the link from KAFKA-1 to your own ticket]
Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).
Motivation
Describe the problems you are trying to solve.
Public Interfaces
Configuration
controller.quorum.voters
This is an existing configuration. If the cluster uses this configuration to configure the quorum, adding new replica ids will not be supported. The cluster will only support changing the GUID for an existing replica id.
controller.quorum.bootstrap.servers
This configuration can be used instead of controller.quorum.voters. This is a list of nodes that brokers and new controllers can use to discover the quorum leader. Brokers and new controllers (observers) will send FETCH request to all of the nodes in this configuration until they discover the quorum leader and the FETCH request succeeds. The quorum voters and their configuration will be learned by fetching and reading the log and snapshot.
Log and Snapshot Control Records
Two new control records will be added to the log and snapshot of a KRaft partition.
TODO: The LeaderChangeRecord needs to change
AddVoterRecord
A control record for instructing the voters to add a new voter to the topic partition. This record can exist in both the log and the snapshot of a topic partition.
The ControlRecordType is TBD and will be updated when the code is commit to Kafka.
{
"type": "data",
"name": "AddVoterRecord",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "Version", "type": "int16", "versions": "0+",
"about": "The version of the add voter record"},
{ "name": "VoterId", "type": "int32", "versions": "0+", "entityType": "brokerId",
"about": "The ID of the voter getting added to the topic partition"},
{ "name": "VoterUuid", "type": "uuid", "versions": "0+",
"about": "The voter generated UUID of the voter getting added to the topic partition"},
{ "name": "EndPoints", "type": "[]VoterEndpoint", "versions": "0+",
"about": "The endpoints that can be used to communicate with the voter", "fields": [
{ "name": "Name", "type": "string", "versions": "0+", "mapKey": true,
"about": "The name of the endpoint." },
{ "name": "Host", "type": "string", "versions": "0+",
"about": "The hostname." },
{ "name": "Port", "type": "uint16", "versions": "0+",
"about": "The port." },
{ "name": "SecurityProtocol", "type": "int16", "versions": "0+",
"about": "The security protocol." }
]}
]
}
RemoveVoterRecord
A control record for instructing the voters to remove a new voter to the topic partition. This record can exist in the log but not the snapshot of a topic partition.
The ControlRecordType is TBD and will be updated when the code is commit to Kafka.
{
"type": "data",
"name": "RemoveVoterRecord",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "Version", "type": "int16", "versions": "0+",
"about": "The version of the add voter record"},
{ "name": "VoterId", "type": "int32", "versions": "0+", "entityType": "brokerId",
"about": "The ID of the voter getting removed from the topic partition"},
{ "name": "VoterUuid", "type": "uuid", "versions": "0+",
"about": "The voter generated UUID of the voter getting removed from the topic partition"}
]
}
Quorum State
A new field called VoterUuid will get added to the QuorumStateData . Each KRaft replica will store a locally generated UUID in this field. The replica will generate and persist an UUID when it reads a version 0 of the QuorumStateData or if the QuorumStateData hasn't been persistent in the past.
{
"type": "data",
"name": "QuorumStateData",
"validVersions": "0-1",
"flexibleVersions": "0+",
"fields": [
{ "name": "ClusterId", "type": "string", "versions": "0+"},
{ "name": "VoterUuid", "type" "uuid", "versions": "1+",
"about": "The locally generated UUID for this voter.",
{ "name": "LeaderId", "type": "int32", "versions": "0+", "default": "-1"},
{ "name": "LeaderEpoch", "type": "int32", "versions": "0+", "default": "-1"},
{ "name": "VotedId", "type": "int32", "versions": "0+", "default": "-1"},
{ "name": "AppliedOffset", "type": "int64", "versions": "0+"},
{ "name": "CurrentVoters", "type": "[]Voter", "versions": "0+", "nullableVersions": "0+"}
],
"commonStructs": [
{ "name": "Voter", "versions": "0+", "fields": [
{"name": "VoterId", "type": "int32", "versions": "0+"}
]}
]
}
RPC
AddVoter
Request
TODO: describe this
{
"apiKey": TBD,
"type": "request",
"listeners": ["controller", "broker"],
"name": "AddVoterRequest",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "ClusterId", "type": "string", "versions": "0+" }
{ "name": "Topics", "type": "[]TopicData", "versions": "0+", "fields": [
{ "name": "TopicName", "type": "string", "versions": "0+", "entityType": "topicName",
"about": "The name of the topic." },
{ "name": "Partitions", "type": "[]PartitionData", "versions": "0+", "fields": [
{ "name": "Index", "type": "int32", "versions": "0+",
"about": "The partition index." },
{ "name": "VoterId", "type": "int32", "versions": "0+",
"about": "The ID of the voter getting added to the topic partition." },
{ "name": "VoterUuid", "type": "uuid", "versions": "0+",
"about": "The voter generated UUID of the voter getting added to the topic partition." },
{ "name": "EndPoints", "type": "[]VoterEndpoint", "versions": "0+",
"about": "The endpoints that can be used to communicate with the voter", "fields": [
{ "name": "Name", "type": "string", "versions": "0+", "mapKey": true,
"about": "The name of the endpoint." },
{ "name": "Host", "type": "string", "versions": "0+",
"about": "The hostname." },
{ "name": "Port", "type": "uint16", "versions": "0+",
"about": "The port." },
{ "name": "SecurityProtocol", "type": "int16", "versions": "0+",
"about": "The security protocol." }
]}
]}
]}
]
}
Response
{
"apiKey": TBD,
"type": "response",
"name": "AddVoterResponse",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "ErrorCode", "type": "int16", "versions": "0+",
"about": "The top level error code." }
{ "name": "Topics", "type": "[]TopicData", "versions": "0+", "fields": [
{ "name": "TopicName", "type": "string", "versions": "0+", "entityType": "topicName",
"about": "The name of the topic." },
{ "name": "Partitions", "type": "[]PartitionData", "versions": "0+", "fields": [
{ "name": "Index", "type": "int32", "versions": "0+",
"about": "The partition index." },
{ "name": "ErrorCode", "type": "int16", "versions": "0+",
"about": "The error code, or 0 if there was no fetch error." },
{ "name": "CurrentLeader", "type": "LeaderIdAndEpoch", "versions": "0+", "taggedVersions": "0+", "tag": 0, "fields": [
{ "name": "LeaderId", "type": "int32", "versions": "12+", "default": "-1", "entityType" : "brokerId",
"about": "The ID of the current leader or -1 if the leader is unknown." },
{ "name": "LeaderEpoch", "type": "int32", "versions": "12+", "default": "-1",
"about": "The latest known leader epoch"}
]}
]}
]}
]
}
Handling
- Reject if not leader
- Reject if endpoints is specified and the configuration controller.quorum.voters is used.
- Wait for replica (id, guid) to catch up
- Wait for no pending reassignments (id, guid)
- Append to log
- Wait for commit using majority of new configuration
- Send response
RemoveVoter
Request
TODO: describe this
{
"apiKey": TBD,
"type": "request",
"listeners": ["controller", "broker"],
"name": "RemoveVoterRequest",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "Topics", "type": "[]TopicData", "versions": "0+", "fields": [
{ "name": "TopicName", "type": "string", "versions": "0+", "entityType": "topicName",
"about": "The name of the topic." },
{ "name": "Partitions", "type": "[]PartitionData", "versions": "0+", "fields": [
{ "name": "Index", "type": "int32", "versions": "0+",
"about": "The partition index." },
{ "name": "VoterId", "type": "int32", "versions": "0+",
"about": "The ID of the voter getting removed from the topic partition." },
{ "name": "VoterUuid", "type": "uuid", "versions": "0+",
"about": "The voter generated UUID of the voter getting remove from the topic partition." },
]}
]}
]
}
Response
{
"apiKey": TBD,
"type": "response",
"name": "RemoveVoterResponse",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "ErrorCode", "type": "int16", "versions": "0+",
"about": "The top level error code." }
{ "name": "Topics", "type": "[]TopicData", "versions": "0+", "fields": [
{ "name": "TopicName", "type": "string", "versions": "0+", "entityType": "topicName",
"about": "The name of the topic." },
{ "name": "Partitions", "type": "[]PartitionData", "versions": "0+", "fields": [
{ "name": "Index", "type": "int32", "versions": "0+",
"about": "The partition index." },
{ "name": "ErrorCode", "type": "int16", "versions": "0+",
"about": "The error code, or 0 if there was no fetch error." },
{ "name": "CurrentLeader", "type": "LeaderIdAndEpoch", "versions": "0+", "taggedVersions": "0+", "tag": 0, "fields": [
{ "name": "LeaderId", "type": "int32", "versions": "12+", "default": "-1", "entityType" : "brokerId",
"about": "The ID of the current leader or -1 if the leader is unknown." },
{ "name": "LeaderEpoch", "type": "int32", "versions": "12+", "default": "-1",
"about": "The latest known leader epoch"}
]}
]}
]}
]
}
Handling
- Reject if not leader
- Reject if endpoints is specified and the configuration controller.quorum.voters is used.
- Wait for no pending reassignments
- Append to log
- Wait for commit using majority of new configuration
- Send response
Fetch
The fetch response version is bump and the fields remain unchanged.
Request
Version 14 adds the field ReplicaUuid. This field is populated with the replica generated UUID. If the ReplicaUuid and the ReplicaId fields are populated, the topic partition leader can assume that the replica supports become a follower.
{
"apiKey": 1,
"type": "request",
"listeners": ["zkBroker", "broker", "controller"],
"name": "FetchRequest",
"validVersions": "0-14",
"flexibleVersions": "12+",
"fields": [
{ "name": "ClusterId", "type": "string", "versions": "12+", "nullableVersions": "12+", "default": "null", "taggedVersions": "12+", "tag": 0, "ignorable": true,
"about": "The clusterId if known. This is used to validate metadata fetches prior to broker registration." },
{ "name": "ReplicaId", "type": "int32", "versions": "0+", "entityType": "brokerId",
"about": "The replica ID of the follower, of -1 if this request is from a consumer." },
{ "name": "ReplicaUuid", "type": "uuid", "versions": "14+", "nullableVersions": "14+", "default": "null",
"about": "The replica generated UUID. null otherwise." },
...
]
}
Handling
TODO: The main thing to discuss is that the the voters needs to send the replica ID and UUID. The leaders needs to track the fetch offset for all replicas that have an ID and UUID using this tuple as a unique key.
Vote
Request
Changes:
- Candidate Id was moved out of the topic partition maps
- Candidate Uuid was added to the PartitionData
- VoterId was added to the top level
- VoterUuId was added to PartitionData
{
"apiKey": 52,
"type": "request",
"listeners": ["controller"],
"name": "VoteRequest",
"validVersions": "0-1",
"flexibleVersions": "0+",
"fields": [
{ "name": "ClusterId", "type": "string", "versions": "0+", "nullableVersions": "0+", "default": "null" },
{ "name": "CandidateId", "type": "int32", "versions": "1+", "entityType": "brokerId",
"about": "The ID of the voter sending the request" },
{ "name": "VoterId", "type": "int32", "versions": "1+", "entityType": "brokerId",
"about": "The ID of the replica receiving the request to vote." },
{ "name": "Topics", "type": "[]TopicData", "versions": "0+", "fields": [
{ "name": "TopicName", "type": "string", "versions": "0+", "entityType": "topicName",
"about": "The topic name." },
{ "name": "Partitions", "type": "[]PartitionData",
"versions": "0+", "fields": [
{ "name": "PartitionIndex", "type": "int32", "versions": "0+",
"about": "The partition index." },
{ "name": "CandidateEpoch", "type": "int32", "versions": "0+",
"about": "The bumped epoch of the candidate sending the request"},
{ "name": "CandidateId", "type": "int32", "versions": "0", "entityType": "brokerId",
"about": "The ID of the voter sending the request"},
{ "name": "CandidateUuid", "type": "uuid", "versions": "1+", "nullableVersions": "1+", "default": "null" }
"about": "The candidate generated UUID, null otherwise" },
{ "name": "VoterUuid", "type": "uuid", "versions": "1+", "nullableVersions": "1+", "default": "null" }
"about": "The voter generated UUID of the replica receiving the request to vote, null otherwise" },
{ "name": "LastOffsetEpoch", "type": "int32", "versions": "0+",
"about": "The epoch of the last record written to the metadata log"},
{ "name": "LastOffset", "type": "int64", "versions": "0+",
"about": "The offset of the last record written to the metadata log"}
]}
]}
]
}
Response
TODO
Handling
- Fail the request of the voter ID and UUID doesn't match the local ID and UUID.
- All replicas that can become voter are allowed to vote even if they are not voters yet for the quorum.
- If granted persist the Candidate GUID and ID.
BeginQuorumEpoch
Request
{
"apiKey": 53,
"type": "request",
"listeners": ["controller"],
"name": "BeginQuorumEpochRequest",
"validVersions": "0",
"flexibleVersions": "none",
"fields": [
{ "name": "ClusterId", "type": "string", "versions": "0+",
"nullableVersions": "0+", "default": "null"},
{ "name": "Topics", "type": "[]TopicData", "versions": "0+", "fields": [
{ "name": "TopicName", "type": "string", "versions": "0+", "entityType": "topicName",
"about": "The topic name." },
{ "name": "Partitions", "type": "[]PartitionData", "versions": "0+", "fields": [
{ "name": "PartitionIndex", "type": "int32", "versions": "0+",
"about": "The partition index." },
{ "name": "LeaderId", "type": "int32", "versions": "0+", "entityType": "brokerId",
"about": "The ID of the newly elected leader"},
{ "name": "LeaderEpoch", "type": "int32", "versions": "0+",
"about": "The epoch of the newly elected leader"}
]}
]}
]
}
DescribeQuorum
The version is of the request is increase and the fields remain unchanged.
Response
- Replica GUID in ReplicaState
- Leader needs to distinguish between replicas that are fetching as observer but should become voters vs replicas that are observers but cannot become voters.
Handling
- Leader needs to include all replicas ID and GUID in the quorum
- CLI - Kafka needs a CLI that can display this information.
Admin Client
TODO: Document operations for adding voter and removing voters
Monitoring
TODO: What new metrics do we need?
Command Line Interface
kafka-quorum-shell
TODO: Verify the name of this tool.
Kafka quorum Shell should be able to read and display KRaft control records.
kafka-storage
TODO: Improve the tool so that it can bootstrap the first quorum node by writing an AddVoter record to the cluster metadata log.
kafka-quorum
TODO: Or extend quorum-shell.
- Be able to describe quorurm
- User need to be able to query enough information to be able to perform a voter add or voter remove operation
- Be able to add voters
- Be able to remove voters
Proposed Changes
- Explain GUID
- Explain how a replica is bootstrap
- Explain how a replica recovers a replaced disk
- Log
- New control record for adding replicas
- New control record for removing replicas
- Snapshot - The kraft client needs to be able to include the control record for adding and removing replicas from the quorum.
- Listener - kraft needs an internal listener that can read and apply uncommitted data from the snapshot and log.
Compatibility, Deprecation, and Migration Plan
- What impact (if any) will there be on existing users?
- If we are changing behavior how will we phase out the older behavior?
- If we need special migration tools, describe them here.
- When will we remove the existing behavior?
Test Plan
Describe in few sentences how the KIP will be tested. We are mostly interested in system tests (since unit-tests are specific to implementation details). How will we know that the implementation works as expected? How will we know nothing broke?
Rejected Alternatives
If there are alternative ways of accomplishing the same thing, what were they? The purpose of this section is to motivate why the design is the way it is and not some other way.