Task level retry and Stage level retry

[mingmwang]

Which issue does this PR close?

Closes #140.

Rationale for this change

What changes are included in this PR?

1. Task level retry,
a) Add task attempt num, use a job level unique task_id to represent the Task
b) Define couple of failure reasons for FailedTask

pub enum FailedReason {
        #[prost(message, tag="4")]
        ExecutionError(super::ExecutionError),
        #[prost(message, tag="5")]
        FetchPartitionError(super::FetchPartitionError),
        #[prost(message, tag="6")]
        IoError(super::IoError),
        #[prost(message, tag="7")]
        ExecutorLost(super::ExecutorLost),
        /// A successful task's result is lost due to executor lost
        #[prost(message, tag="8")]
        ResultLost(super::ResultLost),
        #[prost(message, tag="9")]
        TaskKilled(super::TaskKilled),
    }

c) Reasoning the real task failure reason when return the TaskStatus back to Scheduler
d) Based on the failure reason, scheduler decide to reschedule the task and bump task attempt number of failed task.

2. Stage level retry and shuffle read failure handling
a) Add stage attempt num.
b) When there are shuffle partition fetch failures, the current running stage will be rolled back and the map stages will be resubmit.
c) handling of delayed fetch failure task updates
d) Cancel the running tasks if Scheduler decide to fail the stage/job.

And below two items are not covered in this PR and we may need to revisit the related logic in future:

1. If the plans/expressions in the Stage is not deterministic, need to revisit the resubmit logic.
2. If we have a map stage whose shuffle output can be reused by multiple reduce stages, need to revisit the stage retry logic.

Are there any user-facing changes?

[mingmwang]

@thinkharderdev @andygrove @yahoNanJing
Please help to review my PR.

[mingmwang]

Added 10+ UTs to cover different cases.

[yahoNanJing]

With this PR, the state machine for the stage becomes as follows:

The transitions marked in red are newly added ones to deal with error task recovery.

[yahoNanJing]

For example, one SQL stage graph snapshot is as follows:

                                      Stage 4(Resolved)
                         ↗                                                 ↘
 Stage 1(Successful)                			                        Stage 5(Unresolved)
                         ↘                                                 ↗
           		      Stage 2(Successful)  ->  Stage 3(Running) 

Both of Stage1 and Stage2 has output shuffle data resides on Executor1. Unluckily, the Executor1 gets lost. Then tasks for the running Stage3 will fail due to not able to fetch shuffle data. For this kind of scenario and error, by this PR, the ExecutionGraph will be able to continue running with proper task reset.

1. Firstly, Stage3 will be converted from Running to Unresolved. And Stage3 will ask its dependent Stage2 to rerun related tasks to prepare its input data.
2. Then Stage2 will be converted from Successful to Running. Unluckily, the related rerunning tasks for Stage2 will also fail due to not able to fetch shuffle data. Then Stage2 will be converted from Running to Unresolved and will ask its dependent Stage1 to rerun related tasks to prepare its input data.
3. Then Stage1 will be converted from Successful to Running.
4. Then Stage4 who dependent on Stage1 will be converted from Resolved to Unresolved.

The stage graph snapshot will become as follows:

                                      Stage 4(Unresolved)
                         ↗                                                 ↘
 Stage 1(Running)                			                        Stage 5(Unresolved)
                         ↘                                                 ↗
           		      Stage 2(Unresolved)  ->  Stage 3(Unresolved) 

Once Stage1 finishes successfully, the graph snapshot will become as follows:

                                      Stage 4(Resolved)
                         ↗                                                 ↘
 Stage 1(Successful)                			                        Stage 5(Unresolved)
                         ↘                                                 ↗
           		      Stage 2(Resolved)  ->  Stage 3(Unresolved) 

...

The purpose of introducing task attempt and stage attempt is as follows:

• Stage attempt:
  For a running stage, all of the task status stored should belong to the same stage attempt. The update of task statuses with oldest attempt number will be ignored.
• Task attempt:
  For some errors, like shuffle write IO error, they are retryable. It's feasible to reschedule this task to another executor to have a new attempt running. The attempt number will be reset to 0 if the stage starts a new attempt.

[yahoNanJing]

Here, only failed tasks will be dealt with. Once a running stage converted into an unresolved, it will discard all of its tasks info. Then to update the successful task info is meaningless.

[thinkharderdev]

@mingmwang I'm pretty swamped this week so won't have time to review this until this weekend.

[yahoNanJing]

When this running stage is converted from successful stage, there may be in flight running tasks of the stages depending on this stage. When we find those tasks fails due to fetching data failure, then we also need to reset this running stage. Therefore, here, the reset_running_stages check is necessary.

[yahoNanJing]

Later, maybe we can make this error task recovery feature configurable.

[yahoNanJing]

The overall design of this PR is good for me and it will be really useful to deal with executor lost issue and executor bad disk issue. @thinkharderdev, @andygrove, @avantgardnerio, could you help review this PR?

[andygrove]

Thanks, @mingmwang. I plan on starting to review this tomorrow.

[yahoNanJing]

Trait is much more extensible than conditional compiling 👍

[andygrove]

nit: tid_gen isn't a descriptive name. I am guessing this is short for task_id_gen?

[mingmwang]

Sure, will change to task_id_gen.

[andygrove]

Could you add comments explaining these different partition ids?

[mingmwang]

Sure, will add more comments in the code. Here the new added map_partition_id is the partition_id of the map stage who produce this shuffle data. But the original PartitionId partition_id has different meanings in different places.
Sometimes it stands for a task_id, and here it stands for a shuffle partition id(composition of map_stage_id + reduce partition id + job_id), a mixed up of map and reduce infos together.
So if we do not consider the backward compatibility, I would suggest to unnest this and make the PartitionLocation a plan struct like blow:

message PartitionLocation {
  string job_id = 1;
  uint32 map_stage_id = 2;
  uint32 map_partition_id = 3;
  uint32 partition_id = 4;
  ExecutorMetadata executor_meta = 5;
  PartitionStats partition_stats = 6;
  string path = 7;
}

[andygrove]

It is late here for me, but I think that makes sense. I will review it again tomorrow.

[andygrove]

@mingmwang I have taken a first pass through this PR and I think it looks good. I am going to spend some time testing out the PR locally. It would be good to wait for Dan to review as well before we merge this.

[andygrove]

I tested this locally, and it worked really well!

I ran one scheduler, and two executors and I could kill one executor and still see a query complete successfully. This is not the case in the master branch.

I am happy to approve this once feedback has been addressed.

[mingmwang]

I tested this locally, and it worked really well!

I ran one scheduler, and two executors and I could kill one executor and still see a query complete successfully. This is not the case in the master branch.

I am happy to approve this once feedback has been addressed.

Thank you. We will also start the chaos-monkey testing in next month to verify the recent changes.

[andygrove]

Thanks @mingmwang. This is a very nice improvement in stability.

[thinkharderdev]

Had a few questions but this looks really great! Thanks for your work on this @mingmwang!

[thinkharderdev]

Not sure I understand the difference between these two errors

[mingmwang]

Not sure I understand the difference between these two errors

Yes, good question. In the current code base, both the two errors are not used directly by the executor tasks.
They are used by the Scheduler. When we see a 'FetchPartitionError' task update from the reduce task, the related map task's status is changed to 'ResultLost'. Of cause most of the time ResultLost should be caused by ExecutorLost.

[thinkharderdev]

I'm not sure I understand retyrable and count_to_failures. If a task is retry-able wouldn't wouldn't it count to failures in all case. Conversely if it's not retry-able then we don't need to count the failure at all.

[mingmwang]

Yes, have both retyrable and count_to_failures is to support the case that we might have some specific error that we want it to retry forever until it is successful.

[thinkharderdev]

Nice! I assume where this is going is making the executors smart enough to read partitions on the same physical machine directly from disk.

[mingmwang]

Nice! I assume where this is going is making the executors smart enough to read partitions on the same physical machine directly from disk.

Yes, exactly.

[thinkharderdev]

I don't get why we are saving a HashSet of attempts. Shouldn't it just be usize?

[mingmwang]

I don't get why we are saving a HashSet of attempts. Shouldn't it just be usize?

The purpose of using HashSet is to record what are the exact distinct failed attempts. Using a usize we will lose the detail.

[yahoNanJing]

Thanks @mingmwang for this huge step of error recovering. Thanks @andygrove and @thinkharderdev for reviewing this PR. Since we all approved this PR, I'll merge it first.