fix: retry ABORTED writes in bulkCommit

[thebrianchen]

With throttling enabled in the current state (no retries on backend), this implementation successfully gets all ABORTED writes to eventually succeed.

[codecov]

Codecov Report

Merging #1222 into node10 will decrease coverage by 0.00%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           node10    #1222      +/-   ##
==========================================
- Coverage   98.42%   98.42%   -0.01%     
==========================================
  Files          30       30              
  Lines       18539    18626      +87     
  Branches     1425     1437      +12     
==========================================
+ Hits        18247    18332      +85     
- Misses        289      291       +2     
  Partials        3        3              

Impacted Files	Coverage Δ
dev/src/bulk-writer.ts	98.70% <100.00%> (-0.16%)	⬇️
dev/src/write-batch.ts	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 97fdb5f...f5a3e38. Read the comment docs.

[schmidt-sebastian]

I was hoping we could just extract a new BulkCommitBatch and send it off using the existing bulkCommit(). Is that feasible?

[thebrianchen]

I played around with it. Switching it to a recursive bulkCommit() call adds a layer of complexity that the while loop implementation doesn't have. The only repeat code that using bulkCommit() saves is the call to make the request -- the rest of the reduce/mapping code still needs to be there. Am I missing something here?

[schmidt-sebastian]

I am wondering if maybe this is the wrong layer - what would this look like if we made this change at the callsite to bulkCommit()? We could still have a single while loop, but it would encapsulate both sending the initial batch as well the retry. I threw this together in this Gist: https://gist.github.com/schmidt-sebastian/abbedb8412976166fe23ef3d323d613b

There is some major code smell in this proposal as we need to somehow extract the failed writes from a completed WriteBatch. We need to find a clean way to do this. I am beginning to think more and more that re-using the WriteBatch wasn't the right decision - after all, we don't actually use much of the Batch functionality, we mainly just use it to parse input, and maybe we could just have a couple of shared helper functions/a shared helper class that does this.

You will probably think that it is probably not worth changing all of this to make the code read a bit nicer. I am mostly with you on that, but I do think that we should try to mark the writes that do succeed as successful right away. I don't I believe we can get that to work if WriteBatch.bulkCommit() retries under the hood and blocks.

A customer could rightfully expect that we signal a successful write immediately It brings down the perceived latency of the WriteBatch endpoint and explains why a document shows up in the console or via other listeners. The only reason to artificially delay resolving the individual write Promise is the structure of our code, but we should keep in mind that are setting an example here for 5 more implementations. We should invest the effort to get this right.

I personally need to do a lot more thinking here to come up with a clean design that is easy to implement (even if it ends up being a large refactor, it should ideally be something that the IDE can do for the most part).

[schmidt-sebastian]

This change needs to be made here: https://source.corp.google.com/piper///depot/google3/google/firestore/v1/firestore_grpc_service_config.json and then propagated via our Open Source tooling.

[thebrianchen]

done.

[schmidt-sebastian]

It still seems missing?

[thebrianchen]

update: in cl/318124350.

[schmidt-sebastian]

I am wondering if maybe this is the wrong layer - what would this look like if we made this change at the callsite to bulkCommit()? We could still have a single while loop, but it would encapsulate both sending the initial batch as well the retry. I threw this together in this Gist: https://gist.github.com/schmidt-sebastian/abbedb8412976166fe23ef3d323d613b

There is some major code smell in this proposal as we need to somehow extract the failed writes from a completed WriteBatch. We need to find a clean way to do this. I am beginning to think more and more that re-using the WriteBatch wasn't the right decision - after all, we don't actually use much of the Batch functionality, we mainly just use it to parse input, and maybe we could just have a couple of shared helper functions/a shared helper class that does this.

You will probably think that it is probably not worth changing all of this to make the code read a bit nicer. I am mostly with you on that, but I do think that we should try to mark the writes that do succeed as successful right away. I don't I believe we can get that to work if WriteBatch.bulkCommit() retries under the hood and blocks.

A customer could rightfully expect that we signal a successful write immediately It brings down the perceived latency of the WriteBatch endpoint and explains why a document shows up in the console or via other listeners. The only reason to artificially delay resolving the individual write Promise is the structure of our code, but we should keep in mind that are setting an example here for 5 more implementations. We should invest the effort to get this right.

I personally need to do a lot more thinking here to come up with a clean design that is easy to implement (even if it ends up being a large refactor, it should ideally be something that the IDE can do for the most part).

[thebrianchen]

Made a pass at moving the retry handling to BulkWriter. One part of complexity that I wish I could remove is mapping the subsequent batch retries back to the original index on resultsMap.

[schmidt-sebastian]

Back to Brian to see if we can use the document path for index tracking.

[schmidt-sebastian]

Thanks for the update!

[schmidt-sebastian]

We need to reject the result here if the write fails with an error that is not retryable.

[thebrianchen]

done. Used your proposed simplification code.

[schmidt-sebastian]

Can we combine the different error handling code paths here?

Something like:

    if (error) {
      results = Array.from({length:this.opCount}, () => { status: { code: error.code }})
    } 
    
    for (let i = 0; i < results.length; i++) {
      const writeResult = results[i];
      if (ok) {
        const originalIndex = originalIndexMap.get(i)!;
        this.resultsMap.get(originalIndex)!.resolve(results[i]);
      } else if (this.shouldRetry(writeResult.status.code)
        indexesToRetry.push(i);
      } else {
         reject;
      }
    }
    
    if (indexesToRetry.length === 0) {
      this.completedDeferred.resolve();
    }
    
    return indexesToRetry;

[thebrianchen]

WOW, this is some poetic refactoring right here 🔥 🔥 🔥

[schmidt-sebastian]

Can we rewrite this so that processResults doesn't take originalIndexMap? It seems like we could apply the retryIndexes indexes in this function. I haven't played with this, but I wonder if this would lead to a simplification.

[thebrianchen]

It's possible to not pass in originalIndexMap to processResults -- the successful results are located at the indexes not in retryIndexes. From there we could resolve/reject the individual promises and reject the rest.

However, the main issue is that the resultsMaps resolution logic would have to live in bulkCommit(), which then means that processResults() would become findRetryableIndexes(). From there, it would make more sense to have all the logic in bulkCommit, which would make the method much longer.

With the new refactor, using originalIndexMap in processResults seems a lot cleaner. WDYT?

[schmidt-sebastian]

Nit: Move this out of the try/catch block.

[thebrianchen]

done.

[schmidt-sebastian]

It still seems missing?

[schmidt-sebastian]

The Array slice() method returns a copy, which I think would be preferably here as well. Can we update this to create a new WriteBatch that is marked '_committed=false`? The reason I am asking is that I would ideally not expose a method that mocks with the internals of a WriteBatch, as the potential for future misuse is high.

[thebrianchen]

Good point. I did not consider the future potential misuse part.

[schmidt-sebastian]

s/retry/attempt

[thebrianchen]

done.

[schmidt-sebastian]

Is it possible to make these two tests more distinguishable?

Something like:

retries batchWrite when single operation fails vs retries batchWrite when entire RPC fails.

Furthermore, should we test what happens when we have both non-rertyable and retryable writes?

[thebrianchen]

Changed names. Also added a non-retryable error to the test for ABORTED retries.

[thebrianchen]

Still waiting on the google3 changes to be approved.

[thebrianchen]

done. Used your proposed simplification code.

[thebrianchen]

done.

[thebrianchen]

WOW, this is some poetic refactoring right here 🔥 🔥 🔥

[thebrianchen]

Good point. I did not consider the future potential misuse part.

[thebrianchen]

Changed names. Also added a non-retryable error to the test for ABORTED retries.

[thebrianchen]

done.

[thebrianchen]

It's possible to not pass in originalIndexMap to processResults -- the successful results are located at the indexes not in retryIndexes. From there we could resolve/reject the individual promises and reject the rest.

However, the main issue is that the resultsMaps resolution logic would have to live in bulkCommit(), which then means that processResults() would become findRetryableIndexes(). From there, it would make more sense to have all the logic in bulkCommit, which would make the method much longer.

With the new refactor, using originalIndexMap in processResults seems a lot cleaner. WDYT?

[thebrianchen]

update: in cl/318124350.

[thebrianchen]

Moved to #1243 in order to merge against master.