I am currently working on ZOOKEEPER-1383. One of the main feature introduced in this change is to allow ZooKeeper to enforce hard limit (e.g. Txn per sec) per folder .
With hard limit, we need to introduce a new exception/error code (QuotaExceeded) for ZooKeeper operations that modify the DataTree. If a client get this error, it means that the particular operation is definitely failed.
>From our internal discussion, this may make it harder for a user to write an application. The thought is that this can possibly introduce a hole in sequence of operations that the client application performs, since some operation may success but some may be not. One of the idea is to also trigger session expire (or at least trigger disconnect) on the server-side in addition to QuotaExceed error. This will cause all subsequent operations from that client to fail and allow the application to use existing error handling logic to recover from QuotaExceed. Typically, the application that exceeded the quota is already doing something wrong from administrator's perspective, but we also want to fail gracefully and able to recover when the problem is fixed or quota is increased.
Let me know if you have any suggestion.