-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: classify authorization exception as user error #7061
Changes from 9 commits
bf8f3c6
3bf546f
b27225a
4adaf97
4c801e0
2cb2e1a
08b1f72
d0fdb9b
a065ecf
1bfee24
7acea03
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
/* | ||
* Copyright 2021 Confluent Inc. | ||
* | ||
* Licensed under the Confluent Community License (the "License"; you may not use | ||
* this file except in compliance with the License. You may obtain a copy of the | ||
* License at | ||
* | ||
* http://www.confluent.io/confluent-community-license | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | ||
* WARRANTIES OF ANY KIND, either express or implied. See the License for the | ||
* specific language governing permissions and limitations under the License. | ||
*/ | ||
|
||
package io.confluent.ksql.query; | ||
|
||
import io.confluent.ksql.query.QueryError.Type; | ||
import java.util.Objects; | ||
import org.apache.kafka.common.errors.GroupAuthorizationException; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
/** | ||
* {@code GroupAuthorizationClassifier} classifies missing consumer group ACLs as user error | ||
*/ | ||
public class GroupAuthorizationClassifier implements QueryErrorClassifier { | ||
|
||
private static final Logger LOG = LoggerFactory.getLogger(GroupAuthorizationClassifier.class); | ||
|
||
private final String queryId; | ||
|
||
public GroupAuthorizationClassifier(final String queryId) { | ||
this.queryId = Objects.requireNonNull(queryId, "queryId"); | ||
} | ||
|
||
@Override | ||
public Type classify(final Throwable e) { | ||
final Type type = e instanceof GroupAuthorizationException ? Type.USER : Type.UNKNOWN; | ||
|
||
if (type == Type.USER) { | ||
LOG.info( | ||
"Classified error as USER error based on missing consumer groups access rights." | ||
+ " Query ID: {} Exception: {}", | ||
queryId, | ||
e); | ||
} | ||
|
||
return type; | ||
} | ||
|
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
/* | ||
* Copyright 2021 Confluent Inc. | ||
* | ||
* Licensed under the Confluent Community License (the "License"; you may not use | ||
* this file except in compliance with the License. You may obtain a copy of the | ||
* License at | ||
* | ||
* http://www.confluent.io/confluent-community-license | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | ||
* WARRANTIES OF ANY KIND, either express or implied. See the License for the | ||
* specific language governing permissions and limitations under the License. | ||
*/ | ||
|
||
package io.confluent.ksql.query; | ||
|
||
import io.confluent.ksql.query.QueryError.Type; | ||
import java.util.Objects; | ||
import org.apache.kafka.common.errors.TopicAuthorizationException; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
/** | ||
* {@code TopicAuthorizationClassifier} classifies topic ACL exceptions as user error | ||
*/ | ||
public class TopicAuthorizationClassifier implements QueryErrorClassifier { | ||
|
||
private static final Logger LOG = LoggerFactory.getLogger(TopicAuthorizationClassifier.class); | ||
|
||
private final String queryId; | ||
|
||
public TopicAuthorizationClassifier(final String queryId) { | ||
this.queryId = Objects.requireNonNull(queryId, "queryId"); | ||
} | ||
|
||
@Override | ||
public Type classify(final Throwable e) { | ||
final Type type = e instanceof TopicAuthorizationException ? Type.USER : Type.UNKNOWN; | ||
|
||
if (type == Type.USER) { | ||
LOG.info( | ||
"Classified error as USER error based on missing topic access rights." | ||
+ " Query ID: {} Exception: {}", | ||
queryId, | ||
e); | ||
} | ||
|
||
return type; | ||
} | ||
|
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
/* | ||
* Copyright 2021 Confluent Inc. | ||
* | ||
* Licensed under the Confluent Community License (the "License"; you may not use | ||
* this file except in compliance with the License. You may obtain a copy of the | ||
* License at | ||
* | ||
* http://www.confluent.io/confluent-community-license | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | ||
* WARRANTIES OF ANY KIND, either express or implied. See the License for the | ||
* specific language governing permissions and limitations under the License. | ||
*/ | ||
|
||
package io.confluent.ksql.query; | ||
|
||
import io.confluent.ksql.query.QueryError.Type; | ||
import java.util.Objects; | ||
import org.apache.kafka.common.errors.TransactionalIdAuthorizationException; | ||
import org.apache.kafka.streams.errors.StreamsException; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
/** | ||
* {@code TransactionAuthorizationClassifier} classifies missing cluster ACLs as user error | ||
*/ | ||
public class TransactionAuthorizationClassifier implements QueryErrorClassifier { | ||
|
||
private static final Logger LOG = | ||
LoggerFactory.getLogger(TransactionAuthorizationClassifier.class); | ||
|
||
private final String queryId; | ||
|
||
public TransactionAuthorizationClassifier(final String queryId) { | ||
this.queryId = Objects.requireNonNull(queryId, "queryId"); | ||
} | ||
|
||
@Override | ||
public Type classify(final Throwable e) { | ||
final Type type = | ||
e instanceof StreamsException | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @guozhangwang It's unclear to me, why this exception is wrapped with For There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think it should not, and it should be fixed via https://cwiki.apache.org/confluence/display/KAFKA/KIP-691%3A+Enhance+Transactional+Producer+Exception+Handling cc @abbccdda There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. But the producer should not wrap anything with There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. In our other classifiers (e.g. the regex classifier) we walk the cause stack and try and find any exception that matches). That would be an approach to make this check more robust. |
||
&& e.getCause() instanceof TransactionalIdAuthorizationException | ||
? Type.USER | ||
: Type.UNKNOWN; | ||
|
||
if (type == Type.USER) { | ||
LOG.info( | ||
"Classified error as USER error based on missing transactional ID access rights." | ||
+ " Query ID: {} Exception: {}", | ||
queryId, | ||
e); | ||
} | ||
|
||
return type; | ||
} | ||
|
||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unrelated to this PR but I'm curious: what happens if an internal (changelog or repartition) topic is missing, or if a sink topic is missing? Does Streams throw a different type of exception in these cases?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Atm, for changelogs and repartition topic they would be created. We would fail if the expected config does not match. (this will "change" with https://cwiki.apache.org/confluence/display/KAFKA/KIP-698%3A+Add+Explicit+User+Initialization+of+Broker-side+State+to+Kafka+Streams) -- Or course, it's only verified in a rebalance, but checking the source topic is also only done during a rebalance.
For output topics, Kafka Streams won't do anything, and thus the producer would fill up its write buffer and eventually block. To eventually Streams would crash.
But as ksqlDB checks for output topic, it should be ok?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is true for internal topics too right? It seems like right now for internal topics that are deleted we'd block for max.block.ms and then throw an error classified as SYSTEM. Then, retry and recreate. After KIP-698 we'd block and then throw an error we will classify as USER on every retry.
Where do we check?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. Not sure how the error would be classified atm or after KIP-698. But it might be out-of-scope for this PR. Would like to focus on authorization errors for now.
Doesn't kslqDB create output topics explicitly if they don't exist?