Feature/delete sensor

[guy-har]

No description provided.

[github-actions]

E2E Test Results - DynamoDB Local - Local Block Adapter

[arielshaqed]

Thanks!

Fairly minor but important changes requested.

[arielshaqed]

I don't know what this parameter does. Can you document it, or perhaps add units (does num_deletes_to_trigger_delete_sensor make sense?), or change the name?

[arielshaqed]

Please document this function. Why do we need it? Go doesn't need a string key to index a map, so if it's just for that -- you can use a struct of strings as a map key and it will work.

[arielshaqed]

Every task should probably have its own context. For instance, that allows logs to carry a request ID.

[guy-har]

Thanks! looks like leftovers, it isn't used

[arielshaqed]

Not sure why not

Suggested change

	mutex: &sync.RWMutex{},
	mutex: &sync.Mutex{},

[arielshaqed]

Please document the key.

[guy-har]

Changed to map[RepositoryID]map[BranchID]*StagingTokenCounter. Please comment again if you still think documentation is needed

[arielshaqed]

Why drop the count of the sealed token? Its entries will still need to be skipped.

I think that the assumption here is that if the token was sealed then a commit is in progress, meaning we will soon be rid of those entries. But then please document this decision -- we may have other reasons to seal in future.

[guy-har]

This was done to:

1. Avoid the need for exposing a reset method and calling across the code (for now)
2. An "easy" way to reset cross lakeFS instances when a commit or compaction is done.

It isn't the best way and has many downsides, but I think it will do for the log implementation, and will give us valid information for how we would like to go on

Adding documentation

[itaiad200]

You might have a weird order of staging token for a branch, a transition of staging tokens might look like:
st1,st1,st1,st2,st1,st2,st2,st2. How will this effect the sensor logic?

[arielshaqed]

I'm fine with opening an issue to refactor this and revisit at a later date.

At such a later date, I would probably try to fill out this sketch: Keep a sync.Map of branch or staging token triggers (I'm fine with either, because we don't care about losing a few counts -- in any case if we need to compact more than once a second, then we need to do something better than compaction!). Whenever we have to, atomically increment the counter on the trigger. If the count-after-increment is (exactly) 1000:

• If we count per branch, atomically decrement it by 1000 and trigger compaction or whatever.
• If we count per staging token, atomically replace the staging token trigger, and we're happy to lose the excess counts!

[arielshaqed]

Suggested change

	if stCounter.Counter >= s.triggerAt-1 {
	if stCounter.Counter >= s.triggerAt-1 {

This is odd. If triggerAt is 2, I would not expect the sensor to fire at the first deletion.

[guy-har]

It won't, but I agree it makes the code unclear, did this to avoid another if.
Changed

[arielshaqed]

Probably worth logging if stop() timed out and returned: there may be errors during shutdown, and they will be less scary and easier to understand if Close() explains what happens.

[arielshaqed]

?

[guy-har]

removed, it's closed later

[arielshaqed]

Please add a godoc. Especially the "notify" bit :-)

[arielshaqed]

Moar comments about stopping.

[arielshaqed]

This doesn't run very often: it means that stopping the program has to wait for a delete before the sensor stops running, so Close will often wait and then time out!

[arielshaqed]

This is racy and slow. Consider just closing thye callbacks chan to stop.

[N-o-Z]

Thanks,

Not blocking as to not delay you but please note the comments

[N-o-Z]

I don't think this is a good name :)
Consider CompactionSensorThreashold or DeleteSensorThreashold

Suggested change

	NumDeletesToTriggerDeleteSensor int `mapstructure:"num_deletes_to_trigger_delete_sensor"`
	CompactionSensorThreashold int `mapstructure:"compaction_sensor_threshold"`

[N-o-Z]

We should have a minimal value for it, otherwise we might risk damaging performance instead of improving it.
We can set it now for an arbitrary value (1000) and tune it once the compaction mechanism is in place.

[guy-har]

I'm not sure what value we get from protecting with a minimum number. If for some reason (e.g. we add more lakeFS instances) we decide to use a smaller number, why would we want to be blocked by an arbitrary value?

[N-o-Z]

Suggested change

	// Reset the counter if the staging token has changed, under the assumption that staging tokens are updated only during sealing processes, which occur following a commit or compaction.
	// Reset the counter if the staging token has changed, under the assumption that staging tokens are updated only during sealing processes, which occur following a failed commit or compaction.

[guy-har]

why failed?

[N-o-Z]

Sealed tokens are created only on a failed commit. On a successful commit the tokens are cleared. So either "during a commit" or "following a failed commit"

[guy-har]

during a commit makes sense to me, changing

[N-o-Z]

Please add documentation to all the structs

[N-o-Z]

We should consider what kind of experiment we're trying to do here. What would we like to see, how will it change our assumptions.
As part of this we should also consider the visibility of the data. Is logging enough? Do we want to add this to the statistics?
These are all questions, no concrete action requested.

[guy-har]

Currently leaving with logs, I'm not expecting too much, and it's enough to get the information. Probably not as good as metrics, I prefer leaving it for later, and adding it if we see it's needed.

[N-o-Z]

I think this is a potential major bottleneck.
The call to CountDelete is synchronous and using a lock for triggerTombstone could cause lowered performance on delete load.
I would expect the request to go into some channel which will handle the triggerTombstone asynchronously (or at least this block).

[guy-har]

How can that happen? it only updates a structure, there are some cases it will update a channel, but even in that case it will not wait.

[guy-har]

Thought about using channels at first, the two downsides were

1. If a channel is full, I need to throw the trigger away (or block, which is unacceptable)
2. It's slower with channels

[N-o-Z]

This causes adding tombstones to be unavoidably serialized, since all of them have to go via this method. And if I'm not mistaken, this is true for the lakeFS server context, not just for a specific branch or repository

[arielshaqed]

I fear @N-o-Z is right, which is both expected and unfortunate. I dug into AWS smithy and clients are not serialized per host, you could get multiple clients to the same DynamoDB server. So without this code deletes are not serialized.

However, this is actually not a particularly expensive piece of code, especially in all the cases where it does not enqueue an event. I suggest that we remain aware of it, profile it under load, and if necessary replace this map with a sync.Map. That has a method LoadOrStore, which would probably do a lot of what we need here. At worst we would need to get a bit sloppy with the count :-/

So I would like us to agree to open an issue to profile this and replace with sync.Map.

[N-o-Z]

Suggestion: Use BranchRecord instead

[N-o-Z]

BranchRecord

[itaiad200]

I believe all related logs should be Debug

Suggested change

	logging.FromContext(ctx).WithFields(logging.Fields{"repositoryID": st.repositoryID, "branchID": st.branchID, "stagingTokenID": st.stagingTokenID}).Info("delete sensor callback channel is full, dropping delete event")
	logging.FromContext(ctx).WithFields(logging.Fields{"repositoryID": st.repositoryID, "branchID": st.branchID, "stagingTokenID": st.stagingTokenID}).Debug("Delete sensor callback channel is full, dropping delete event")

[guy-har]

But we want to get this log, this is basically logging, if there was compaction, I would do it now.

[arielshaqed]

I agree with @guy-har that it's an interesting log, so 👍🏽 .

But...

if the chan is full, clearly there are too many deletes -- and we start spamming logs. Not sure we can do this without some antiflooding, and I cannot find a package to do this. Let's go with Debug and open a "good first issue"; anyone can pick it up later, it should be 1-2 days' work?

[itaiad200]

You might have a weird order of staging token for a branch, a transition of staging tokens might look like:
st1,st1,st1,st2,st1,st2,st2,st2. How will this effect the sensor logic?

[itaiad200]

Do you want to log something before the swap?

[itaiad200]

Suggested change

	}).Info("delete sensor callback")
	}).Info("Delete sensor callback")

[N-o-Z]

Thanks for addressing the comments. I have only one concern which I think we have to fix before this could be merged

[N-o-Z]

This causes adding tombstones to be unavoidably serialized, since all of them have to go via this method. And if I'm not mistaken, this is true for the lakeFS server context, not just for a specific branch or repository

[arielshaqed]

I would like to open issues and defer on most of the remaining issues.

I do want us to use a struct as a map key.¹ This is always easier to read and more efficient IME. And it will make it more clear that we can move to sync.Map if there are performance issues.

Footnotes

1. This is non-blocking, because I accept that right now this is a matter of taste. ↩

[arielshaqed]

Please add a godoc. It should say that e.g.

if inGrace, lakeFS is terminating and the callback should return ASAP.

Alternatively, remove this parameter entirely and just log.Info() instead of calling the callback when inGrace.

[arielshaqed]

This seems less useful than

Suggested change

	branchTombstoneCounter map[RepositoryID]map[BranchID]*StagingTokenCounter
	branchTombstoneCounter map[RepositoryBranch]*StagingTokenCounter

where

type RepositoryBranch struct {
  RepositoryID RepositoryID
  BranchID BranchID
}

[arielshaqed]

I fear @N-o-Z is right, which is both expected and unfortunate. I dug into AWS smithy and clients are not serialized per host, you could get multiple clients to the same DynamoDB server. So without this code deletes are not serialized.

However, this is actually not a particularly expensive piece of code, especially in all the cases where it does not enqueue an event. I suggest that we remain aware of it, profile it under load, and if necessary replace this map with a sync.Map. That has a method LoadOrStore, which would probably do a lot of what we need here. At worst we would need to get a bit sloppy with the count :-/

So I would like us to agree to open an issue to profile this and replace with sync.Map.

[arielshaqed]

I'm fine with opening an issue to refactor this and revisit at a later date.

At such a later date, I would probably try to fill out this sketch: Keep a sync.Map of branch or staging token triggers (I'm fine with either, because we don't care about losing a few counts -- in any case if we need to compact more than once a second, then we need to do something better than compaction!). Whenever we have to, atomically increment the counter on the trigger. If the count-after-increment is (exactly) 1000:

• If we count per branch, atomically decrement it by 1000 and trigger compaction or whatever.
• If we count per staging token, atomically replace the staging token trigger, and we're happy to lose the excess counts!

[arielshaqed]

I agree with @guy-har that it's an interesting log, so 👍🏽 .

But...

if the chan is full, clearly there are too many deletes -- and we start spamming logs. Not sure we can do this without some antiflooding, and I cannot find a package to do this. Let's go with Debug and open a "good first issue"; anyone can pick it up later, it should be 1-2 days' work?

[github-actions]

♻️ PR Preview b8ceda5 has been successfully destroyed since this PR has been closed.

_{🤖 By surge-preview}

[guy-har]

@N-o-Z @arielshaqed , I am adding here some information
I've added a lakectl abuse command for random deletes (doesn't have to be random, but I don't think it matters that much)

I ran it:

• on a local lakeFS instance configured with local
• on a repo with 5000 objects
• 100 go routines
• delete 4000 objects

running with and without the sensor, resulted the same

completed: 4000, errors: 0, current rate: 14324.46 done/second

Histogram (ms):
1	0
2	0
5	369
7	3817
10	3900
15	4000
25	4000
50	4000
75	4000
100	4000
250	4000
350	4000
500	4000
750	4000
1000	4000
5000	4000
min	4
max	15
total	4000

Pushed it a bit by setting the callback channel to 1 and setting the callback with a 1 second sleep

completed: 4000, errors: 0, current rate: 13858.10 done/second
Histogram (ms):  
1 0  
2 0  
5 141  
7 3480  
10 3913  
15 4000  
25 4000  
50 4000  
75 4000  
100 4000  
250 4000  
350 4000  
500 4000  
750 4000  
1000 4000  
5000 4000  
min 5  
max 15  
total 4000

Same as above but without the log when the channel is full (looks the same as the first)

completed: 4000, errors: 0, current rate: 14355.29 done/second
Histogram (ms):  
1 0  
2 0  
5 289  
7 3850  
10 3923  
15 4000  
25 4000  
50 4000  
75 4000  
100 4000  
250 4000  
350 4000  
500 4000  
750 4000  
1000 4000  
5000 4000  
min 4  
max 13  
total 4000

[arielshaqed]

@N-o-Z @arielshaqed , I am adding here some information I've added a lakectl abuse command for random deletes (doesn't have to be random, but I don't think it matters that much)

Thanks, I think that there is no difference between any of the versions that you showed.

[N-o-Z]

I'm convinced 😃
Thanks!!