mumrah commented on code in PR #13407: URL: https://github.com/apache/kafka/pull/13407#discussion_r1173116859
########## metadata/src/main/java/org/apache/kafka/controller/QuorumController.java: ########## @@ -1123,29 +1165,104 @@ private void claim(int epoch) { // Prepend the activate event. It is important that this event go at the beginning // of the queue rather than the end (hence prepend rather than append). It's also // important not to use prepend for anything else, to preserve the ordering here. - queue.prepend(new ControllerWriteEvent<>("completeActivation[" + epoch + "]", - new CompleteActivationEvent())); + ControllerWriteEvent<Void> activationEvent = new ControllerWriteEvent<>("completeActivation[" + epoch + "]", + new CompleteActivationEvent(), + EnumSet.of(DOES_NOT_UPDATE_QUEUE_TIME, RUNS_IN_PREMIGRATION)); + activationEvent.future.whenComplete((__, t) -> { + if (t != null) { + fatalFaultHandler.handleFault("exception while activating controller", t); Review Comment: In `handleEventException`, we renounce the controller leadership when we see a non-ApiException from a ControllerWriteEvent. As far as I can tell, this does not hit the fault handler. `KafkaEventQueue#run` traps exceptions and calls `Event#handleException`. In `ControllerEvent#handleException`, we call `QuorumController#handleEventException` which just does logging and resignation. `handleEventException` wraps the exception with UnknownServerException, but I don't see where we do anything with that in ControllerEvent. I think this is by design since we don't want the controller just crashing for any error, but only for specific cases where we call the fault handler. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org