Skip to content

Fail replica shards locally upon failures#5847

Closed
bleskes wants to merge 2 commits intoelastic:masterfrom
bleskes:enhance/local_fail_shard
Closed

Fail replica shards locally upon failures#5847
bleskes wants to merge 2 commits intoelastic:masterfrom
bleskes:enhance/local_fail_shard

Conversation

@bleskes
Copy link
Copy Markdown
Contributor

@bleskes bleskes commented Apr 17, 2014

When a replication operation (index/delete/update) fails to be executed properly, we fail the replica and allow master to allocate a new copy of it. At the moment, the node hosting the primary shard is responsible of notifying the master of a failed replica. However, if the replica shard is initializing (POST_RECOVERY state), we have a racing condition between the failed shard message and moving the shard into the STARTED state. If the latter happen first, master will fail to resolve the fail shard message.

This PR builds on #5800 and fails the engine of the replica shard if a replication operation fails. This protects us against the above as the shard will reject the STARTED command from master. It also makes us more resilient to other racing conditions in this area.

@bleskes
Fail replica shards locally upon failures
2875dd4 
When a replication operation (index/delete/update) fails to be executed properly, we fail the replica and allow master to allocate a new copy of it. At the moment, the node hosting the primary shard is responsible of notifying the master of a failed replica. However, if the replica shard is initializing (`POST_RECOVERY` state), we have a racing condition between the failed shard message and moving the shard into the `STARTED` state. If the latter happen first, master will fail to resolve the fail shard message.

This PR builds on elastic#5800 and fails the engine of the replica shard if a replication operation fails. This protects us against the above as the shard will reject the `STARTED` command from master. It also makes us more resilient to other racing conditions in this area.
kimchy
kimchy reviewed Apr 17, 2014
View reviewed changes
...a/org/elasticsearch/action/support/replication/TransportShardReplicationOperationAction.java Outdated
Copy link
Copy Markdown
Member

@kimchy kimchy Apr 17, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we end up double logging warnings, no? The first here, and the second when failing the engine. I think its enough to log a warning when failing the engine later.

Copy link
Copy Markdown
Contributor

@s1monw s1monw Apr 17, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tend to agree but I think we should log that we executed this as debug?

@s1monw
Copy link
Copy Markdown
Contributor

s1monw commented Apr 17, 2014

one small comments but otherwise LGTM

@bleskes
Copy link
Copy Markdown
Contributor Author

bleskes commented Apr 18, 2014

I pushed another commit with the log message removed. I adapted the reason (which is logged by the shard failure) to include the information that was missing. I decided in the end not to add a debug logging as there is no logic and hardly any code between here and where we log it. If anyone feels strongly about it, I'll happily add it.

@s1monw
Copy link
Copy Markdown
Contributor

s1monw commented Apr 18, 2014

LGTM

@bleskes bleskes closed this in 12bbe28 Apr 18, 2014
bleskes added a commit that referenced this pull request Apr 18, 2014
@bleskes
Fail replica shards locally upon failures
aba52cc 
When a replication operation (index/delete/update) fails to be executed properly, we fail the replica and allow master to allocate a new copy of it. At the moment, the node hosting the primary shard is responsible of notifying the master of a failed replica. However, if the replica shard is initializing (`POST_RECOVERY` state), we have a racing condition between the failed shard message and moving the shard into the `STARTED` state. If the latter happen first, master will fail to resolve the fail shard message.

This commit builds on #5800 and fails the engine of the replica shard if a replication operation fails. This protects us against the above as the shard will reject the `STARTED` command from master. It also makes us more resilient to other racing conditions in this area.

Closes #5847
@bleskes
Copy link
Copy Markdown
Contributor Author

bleskes commented Apr 18, 2014

thx @s1monw @kimchy . pushed.

@bleskes bleskes deleted the enhance/local_fail_shard branch April 18, 2014 17:01
@clintongormley clintongormley added the :Distributed/Recovery Anything around constructing a new shard, either from a local or a remote source. label Jun 7, 2015
@bleskes bleskes mentioned this pull request Mar 13, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

:Distributed/Recovery Anything around constructing a new shard, either from a local or a remote source. >enhancement v1.2.0 v2.0.0-beta1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@bleskes @s1monw @kimchy @clintongormley