splett2 commented on code in PR #18045:
URL: https://github.com/apache/kafka/pull/18045#discussion_r1870365229
##########
metadata/src/test/java/org/apache/kafka/controller/QuorumControllerTest.java:
##########
@@ -482,6 +483,100 @@ public void testUncleanShutdownBroker() throws Throwable {
}
}
+ @Test
+ public void testUncleanShutdownElrDisabled() throws Exception {
+ List<Integer> allBrokers = Arrays.asList(1, 2, 3);
+ short replicationFactor = (short) allBrokers.size();
+ long sessionTimeoutMillis = 500;
+
+ try (
+ LocalLogManagerTestEnv logEnv = new
LocalLogManagerTestEnv.Builder(1).
+ build();
+ QuorumControllerTestEnv controlEnv = new
QuorumControllerTestEnv.Builder(logEnv)
+ .setControllerBuilderInitializer(controllerBuilder ->
+
controllerBuilder.setFenceStaleBrokerIntervalNs(TimeUnit.SECONDS.toNanos(15)))
+ .setSessionTimeoutMillis(OptionalLong.of(sessionTimeoutMillis))
Review Comment:
This was a little interesting. We have a check in
`ClusterControlManager.registerBroker` that checks whether we have a valid
session before fencing requests with `DuplicateBrokerRegistrationException`.
That check _should_ require that a broker be fenced before it can
re-register with a new epoch, but the check is too soft since it has a
real-time component. If the check was instead that the broker is fenced before
we allow re-registration, we would be safe.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
