-
Notifications
You must be signed in to change notification settings - Fork 596
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix stepping down on timeout #24590
Fix stepping down on timeout #24590
Conversation
717a5fa
to
c321e29
Compare
Retry command for Build#59862please wait until all jobs are finished before running the slash command
|
CI test resultstest results on build#59862test results on build#59902
test results on build#59984
|
c321e29
to
e203f89
Compare
Retry command for Build#59902please wait until all jobs are finished before running the slash command
|
e203f89
to
592fc64
Compare
Retry command for Build#59984please wait until all jobs are finished before running the slash command
|
@@ -489,6 +490,8 @@ ss::future<> raft_node_instance::stop() { | |||
vlog(_logger.debug, "stopping protocol"); | |||
co_await _buffered_protocol->stop(); | |||
co_await _protocol->stop(); | |||
// release f_log pointer before stopping raft |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any reason we do it before? It should not matter, as it's a shared pointer, so the underlying object will only die when _raft
is gone.
Same question for stopping log before deleting raft, but it's out of scope of this PR.
The `raft::reply_result::follower_busy` is indicating that the follower was unable to process the heartbeat fast enough to generate a response. Renaming the reply from `timeout` will make it less confusing for the reader and differentiate the error code from an RPC timeout. Signed-off-by: Michał Maślanka <[email protected]>
Signed-off-by: Michał Maślanka <[email protected]>
Wired raft RPC service handler into Raft fixture to make the tests more accurate and cover the service code with tests. Signed-off-by: Michał Maślanka <[email protected]>
Propagating timeout to the node sending RPC request is crucial for accurate testing of Raft implementation. Signed-off-by: Michał Maślanka <[email protected]>
Added a wrapper around the `storage::log` allowing us to inject storage layer failures in Raft fixture tests. Signed-off-by: Michał Maślanka <[email protected]>
When follower is busy it may fail fast processing full heartbeat requests sent by the leader. In this case a follower RPC handler sets the `follower_busy` result in heartbeat_reply. Leader should still treat a follower replica as online in this case. The replica hosting node must be online to reply with the `follower_busy` error. This way we prevent to eager leader step downs when follower replicas are slow. Signed-off-by: Michał Maślanka <[email protected]>
Signed-off-by: Michał Maślanka <[email protected]>
592fc64
to
67e7c6e
Compare
Right, and I just to clarify, it is not exactly that the leader should treat the follower as "online" for the purposes of how it interacts with the follower (e.g., decisions about whether to send it rpc payloads), but that it should not consider itself isolated from that follower when making step down decisions, right? |
@@ -32,7 +32,7 @@ enum class reply_result : uint8_t { | |||
success, | |||
failure, | |||
group_unavailable, | |||
timeout | |||
follower_busy |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I a bit confused, is the timeout case no longer possible?
Don't we have two cases at least: follow replies immediately with "busy", and also follower never replies?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see, I guess the timeout case never ends using the reply_result
, it will be handled in a different path: these codes are only for cases where an RPC was actually received, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
exactly
/backport v24.3.x |
/backport v24.2.x |
Failed to create a backport PR to v24.2.x branch. I tried:
|
Failed to create a backport PR to v24.3.x branch. I tried:
|
When follower is busy it may fail fast processing full heartbeat
requests sent by the leader. In this case a follower RPC handler sets
the
follower_busy
result in heartbeat_reply. Leader should still treata follower replica as online in this case. The replica hosting node must
be online to reply with the
follower_busy
error.This way we prevent to eager leader step downs when follower replicas
are slow.
Backports Required
Release Notes
Improvements