Skip to content

Fix issue where node promotion could fail #47854

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
thaJeztah merged 1 commit into from
May 23, 2024
Merged

Fix issue where node promotion could fail #47854

thaJeztah merged 1 commit into from
May 23, 2024

Conversation

@dperny
Copy link
Contributor

@dperny dperny commented May 23, 2024
edited by neersighted
Loading

- What I did

Fix a minor race condition that could cause a node promotion to fail if it happened right after another node was demoted.

- How I did it

If a node is promoted right after another node is demoted, there exists the possibility of a race, by which the newly promoted manager attempts to connect to the newly demoted manager for its initial Raft membership. This connection fails, and the whole swarm Node object exits.

At this point, the daemon nodeRunner sees the exit and restarts the Node.

However, if the address of the no-longer-manager is recorded in the nodeRunner's config.joinAddr, the Node again attempts to connect to the no-longer-manager, and crashes again. This repeats. The workaround is to remove the node entirely and rejoin the Swarm as a new node.

This change erases config.joinAddr from the restart of the nodeRunner, if the node has previously become Ready. The node becoming Ready indicates that at some point, it did successfully join the cluster, in some fashion. If it has successfully joined the cluster, then Swarm has its own persistent record of known manager addresses.

If no joinAddr is provided, then Swarm will choose from its persisted list of managers to join, and will join a functioning manager.

- How to verify it

I'm unsure where we would stick an integration test, and the implementation thereof would probably be a nightmare.

To verify manually:

  1. Create a cluster with 3 Manager nodes.
  2. Add a worker node. This we will call "The Worker". Note which node the IP of the join command will send the worker to. This we will call "The Target"
  3. On a node that is not The Target, run the command docker node demote [The Target's node id] && sleep 0.1 && docker node promote [The Worker's node id].
  4. Without this patch, the promotion will fail. The node will get stuck. With this patch, the promotion will succeed.

- Description for the changelog

* Fixed an issue where rapidly promoting a node after another node was demoted could cause the promoted node to fail its promotion.

@dperny
Fix issue where node promotion could fail
16e5c41 
If a node is promoted right after another node is demoted, there exists
the possibility of a race, by which the newly promoted manager attempts
to connect to the newly demoted manager for its initial Raft membership.
This connection fails, and the whole swarm Node object exits.

At this point, the daemon nodeRunner sees the exit and restarts the
Node.

However, if the address of the no-longer-manager is recorded in the
nodeRunner's config.joinAddr, the Node again attempts to connect to the
no-longer-manager, and crashes again. This repeats. The solution is to
remove the node entirely and rejoin the Swarm as a new node.

This change erases config.joinAddr from the restart of the nodeRunner,
if the node has previously become Ready. The node becoming Ready
indicates that at some point, it did successfully join the cluster, in
some fashion. If it has successfully joined the cluster, then Swarm has
its own persistent record of known manager addresses. If no joinAddr is
provided, then Swarm will choose from its persisted list of managers to
join, and will join a functioning manager.

Signed-off-by: Drew Erny <derny@mirantis.com>
@thaJeztah thaJeztah added this to the 27.0.0 milestone May 23, 2024
thaJeztah
thaJeztah approved these changes May 23, 2024
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dperny
Copy link
Contributor Author

dperny commented May 23, 2024

Closes #37175.

@thaJeztah thaJeztah merged commit 5cd2e6a into moby:master May 23, 2024
@thaJeztah
Copy link
Member

thaJeztah commented May 23, 2024

And it's merged! Can you open cherry-picks for 23.0, 25.0 and 26.1 branches, @dperny ?

This was referenced May 28, 2024
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@neersighted neersighted neersighted approved these changes

@thaJeztah thaJeztah thaJeztah approved these changes

Assignees

No one assigned

Labels

area/swarm kind/bugfix PR's that fix bugs process/cherry-picked status/2-code-review

Projects

None yet

Milestone

27.0.0

Development

Successfully merging this pull request may close these issues.

Docker node promote failing

3 participants

@dperny @thaJeztah @neersighted