Skip to content

kvserver: don't reject raft snapshots on draining nodes#77246

Merged
craig[bot] merged 1 commit intocockroachdb:masterfrom
aayushshah15:20220301_dontRejectRaftSnapshotsOnDrainingNodes
Mar 8, 2022
Merged

kvserver: don't reject raft snapshots on draining nodes#77246
craig[bot] merged 1 commit intocockroachdb:masterfrom
aayushshah15:20220301_dontRejectRaftSnapshotsOnDrainingNodes

Conversation

@aayushshah15
Copy link
Copy Markdown
Contributor

@aayushshah15 aayushshah15 commented Mar 1, 2022
edited
Loading

Previously, draining nodes were incorrectly rejecting all snapshots --
including Raft snapshots. This meant that the replicas on those draining nodes
that needed Raft snapshots to catch up would never be able to do so. This
could've lead to tacit unavailability where, even in cases where all the
replicas are live, if a majority is on draining nodes, the range would be
stalled.

Discovered in cockroachlabs/support#1459

Release justification: bug fix

Release note (bug fix): Previously, draining nodes in a cluster without
shutting them down could stall foreground traffic in the cluster. This patch
fixes this bug.

@cockroach-teamcity
Copy link
Copy Markdown
Member

cockroach-teamcity commented Mar 1, 2022

This change is Reviewable

@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch from d57a903 to c7905fd Compare March 1, 2022 22:08
@aayushshah15 aayushshah15 marked this pull request as ready for review March 1, 2022 22:09
@aayushshah15 aayushshah15 requested a review from a team as a code owner March 1, 2022 22:09
@aayushshah15 aayushshah15 requested a review from nvb March 1, 2022 22:09
@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch from c7905fd to d0d0211 Compare March 1, 2022 22:11
@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch 2 times, most recently from b064770 to b3d9f0d Compare March 1, 2022 23:12
nvb
nvb approved these changes Mar 3, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@nvb nvb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewed 3 of 3 files at r1, all commit messages.
Reviewable status: :shipit: complete! 1 of 0 LGTMs obtained (waiting on @aayushshah15)

pkg/kv/kvserver/store_snapshot.go, line 601 at r1 (raw file):

	ctx context.Context, header *kvserverpb.SnapshotRequest_Header, stream incomingSnapshotStream,
) error {
	// Draining nodes will generally not be rebalanced to (see the filtering that

Should we unify this with the shouldDeclineSnapshot logic we plan to add in #73720? In other words, should we add the method in the first PR we land and add a new case to the method in the second one?

pkg/kv/kvserver/store_snapshot.go, line 614 at r1 (raw file):

			// Ensure that if any new snapshot types are ever added, their behavior on
			// draining receivers will need to be explicitly defined.
			log.Fatalf(ctx, "unrecognized snapshot type: %v", t)

This feels like a decision we could come to regret. It means that it will take at least an entire release to migrate in a new form of snapshot. We can't predict what a new form of snapshot will look like or what policy we'll want to apply to it, but this feels like it can only hurt. Worse, since this is guarded by IsDraining we might not even catch this until it crashes a customer's cluster.

Given that rejecting rebalance snapshots on a draining node is an optimization but not doing so for raft snapshots is a bug, I think we should allow the snapshot through unless you see a reason why it would be better to reject.

@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch from b3d9f0d to 858cefc Compare March 3, 2022 23:25
aayushshah15
aayushshah15 commented Mar 3, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor Author

@aayushshah15 aayushshah15 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TFTR

bors r+

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (and 1 stale) (waiting on @nvanbenschoten)

pkg/kv/kvserver/store_snapshot.go, line 601 at r1 (raw file):

Previously, nvanbenschoten (Nathan VanBenschoten) wrote…

Should we unify this with the shouldDeclineSnapshot logic we plan to add in #73720? In other words, should we add the method in the first PR we land and add a new case to the method in the second one?

Yep, I'll rebase #73720 over master and just do it in that PR. This is because we're definitely backporting this but I'm not sure if we're so emphatic about backporting #73720.

pkg/kv/kvserver/store_snapshot.go, line 614 at r1 (raw file):

Previously, nvanbenschoten (Nathan VanBenschoten) wrote…

This feels like a decision we could come to regret. It means that it will take at least an entire release to migrate in a new form of snapshot. We can't predict what a new form of snapshot will look like or what policy we'll want to apply to it, but this feels like it can only hurt. Worse, since this is guarded by IsDraining we might not even catch this until it crashes a customer's cluster.

Given that rejecting rebalance snapshots on a draining node is an optimization but not doing so for raft snapshots is a bug, I think we should allow the snapshot through unless you see a reason why it would be better to reject.

I hadn't considered the ease of introducing a new snapshot type and what you're saying makes sense. Done.

@aayushshah15
Copy link
Copy Markdown
Contributor Author

aayushshah15 commented Mar 4, 2022

bors r-

@craig
Copy link
Copy Markdown
Contributor

craig bot commented Mar 4, 2022

Canceled.

@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch 3 times, most recently from e802064 to 9952b3f Compare March 4, 2022 01:21
aayushshah15
aayushshah15 commented Mar 4, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor Author

@aayushshah15 aayushshah15 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've made a small change to this patch. I'm now using the snapshot Priority instead of using the Type. The difference is that we're now allowing rebalancing snapshots that are sent for recovery purposes in addition to Raft snapshots. See my TODO. I'll wait until you take another look at this @nvanbenschoten.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (and 1 stale) (waiting on @nvanbenschoten)

@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch from 9952b3f to 40fb915 Compare March 4, 2022 01:28
@aayushshah15
kvserver: don't reject raft snapshots on draining nodes
f9a8602 
Previously, draining nodes were incorrectly rejecting all snapshots --
including Raft snapshots. This meant that the replicas on those draining nodes
that needed Raft snapshots to catch up would never be able to do so. This
could've lead to tacit unavailability where, even in cases where all the
replicas are live, if a majority is on draining nodes, the range would be
stalled.

Discovered in https://github.com/cockroachlabs/support/issues/1459

Release justification: bug fix

Release note (bug fix): Previously, draining nodes in a cluster without
shutting them down could stall foreground traffic in the cluster. This patch
fixes this bug.
@aayushshah15 aayushshah15 force-pushed the 20220301_dontRejectRaftSnapshotsOnDrainingNodes branch from 40fb915 to f9a8602 Compare March 4, 2022 01:29
@aayushshah15 aayushshah15 mentioned this pull request Mar 7, 2022
Open
@blathers-crl blathers-crl bot added the T-kv KV Team label Mar 7, 2022
nvb
nvb approved these changes Mar 7, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@nvb nvb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewed 3 of 3 files at r3, all commit messages.
Reviewable status: :shipit: complete! 1 of 0 LGTMs obtained (waiting on @aayushshah15)

@aayushshah15
Copy link
Copy Markdown
Contributor Author

aayushshah15 commented Mar 7, 2022

bors r+

@craig
Copy link
Copy Markdown
Contributor

craig bot commented Mar 8, 2022

Build succeeded:

@craig craig bot merged commit 98a66b5 into cockroachdb:master Mar 8, 2022
@blathers-crl
Copy link
Copy Markdown

blathers-crl bot commented Mar 8, 2022

Encountered an error creating backports. Some common things that can go wrong:

  1. The backport branch might have already existed.
  2. There was a merge conflict.
  3. The backport branch contained merge commits.

You might need to create your backport manually using the backport tool.

error creating backport branch refs/heads/blathers/backport-release-21.1-77246: POST https://api.github.com/repos/cockroachlabs/cockroach/git/refs: 403 Resource not accessible by integration []

Backport to branch 21.1.x failed. See errors above.

error creating backport branch refs/heads/blathers/backport-release-21.2-77246: POST https://api.github.com/repos/cockroachlabs/cockroach/git/refs: 403 Resource not accessible by integration []

Backport to branch 21.2.x failed. See errors above.

🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is otan.

@aayushshah15 aayushshah15 mentioned this pull request Mar 8, 2022
Merged
@aayushshah15 aayushshah15 mentioned this pull request Mar 8, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@nvb nvb nvb approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

T-kv KV Team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aayushshah15 @cockroach-teamcity @nvb