Don’t ack if unable to remove failing replica #39584
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Pinging @elastic/es-distributed |
dnhatn
commented
Mar 1, 2019
| @@ -436,4 +442,54 @@ public void testIndicesDeleted() throws Exception { | |||
| assertFalse(client().admin().indices().prepareExists(idxName).get().isExists()); | |||
| } | |||
|
|
|||
| public void testRestartPrimaryNodeWhileIndexing() throws Exception { | |||
There was a problem hiding this comment.
I will combine this newly added test to testAckedIndexing in a follow-up.
There was a problem hiding this comment.
was this test able to expose the bug without the fix?
There was a problem hiding this comment.
I ran 5000 iterations and this failed twice. This test is merely copied from
ywelsch
suggested changes
Mar 4, 2019
| primary.failShard(message, failure); | ||
| } else { | ||
| // these can occur if the node is shutting down and are okay any other exception here is not expected and merits investigation. | ||
| assert failure instanceof NodeClosedException || failure instanceof TransportException : failure; |
There was a problem hiding this comment.
@bleskes mentioned that the TransportException here should be coming from
We should verify this here with an assertion and (I think in a follow-up) look into throwing a more appropriate exception in TransportService. Possible options are AlreadyClosedException or a custom subclass of TransportException.
| @@ -436,4 +442,54 @@ public void testIndicesDeleted() throws Exception { | |||
| assertFalse(client().admin().indices().prepareExists(idxName).get().isExists()); | |||
| } | |||
|
|
|||
| public void testRestartPrimaryNodeWhileIndexing() throws Exception { | |||
There was a problem hiding this comment.
was this test able to expose the bug without the fix?
| for (ShardRouting shardRouting : clusterState.routingTable().allShards(index)) { | ||
| if (shardRouting.primary()) { | ||
| String nodeName = clusterState.nodes().get(shardRouting.currentNodeId()).getName(); | ||
| internalCluster().restartNode(nodeName, new InternalTestCluster.RestartCallback()); |
There was a problem hiding this comment.
perhaps just restart a random node instead of explicitly the one with the primary?
|
@ywelsch Thanks for looking. It's ready again. |
ywelsch
approved these changes
Mar 5, 2019
server/src/main/java/org/elasticsearch/action/support/replication/ReplicationOperation.java
Outdated
Show resolved
Hide resolved
server/src/main/java/org/elasticsearch/action/support/replication/ReplicationOperation.java
Outdated
Show resolved
Hide resolved
|
@ywelsch Thanks! |
|
Thanks for letting me know! |
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
We need to unwrap and use the actual cause when determining if the node with primary shard is shutting down because TransportService will throw a TransportException wrapped in a SendRequestTransportException. Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
Today when a replicated write operation fails to execute on a replica, the primary will reach out to the master to fail that replica (and mark it stale). We then won't ack that request until the master removes the failing replica; otherwise, we will lose the acked operation if the failed replica is still in the in-sync set. However, if a node with the primary is shutting down, we might ack such request even though we are unable to send a shard-failure request to the master. This happens because we ignore NodeClosedException which is triggered when the ClusterService is being closed. Closes #39467
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
We need to unwrap and use the actual cause when determining if the node with primary shard is shutting down because TransportService will throw a TransportException wrapped in a SendRequestTransportException. Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
Today when a replicated write operation fails to execute on a replica, the primary will reach out to the master to fail that replica (and mark it stale). We then won't ack that request until the master removes the failing replica; otherwise, we will lose the acked operation if the failed replica is still in the in-sync set. However, if a node with the primary is shutting down, we might ack such request even though we are unable to send a shard-failure request to the master. This happens because we ignore NodeClosedException which is triggered when the ClusterService is being closed. Closes #39467
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
We need to unwrap and use the actual cause when determining if the node with primary shard is shutting down because TransportService will throw a TransportException wrapped in a SendRequestTransportException. Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
Today when a replicated write operation fails to execute on a replica, the primary will reach out to the master to fail that replica (and mark it stale). We then won't ack that request until the master removes the failing replica; otherwise, we will lose the acked operation if the failed replica is still in the in-sync set. However, if a node with the primary is shutting down, we might ack such request even though we are unable to send a shard-failure request to the master. This happens because we ignore NodeClosedException which is triggered when the ClusterService is being closed. Closes #39467
dnhatn
added a commit
that referenced
this pull request
Mar 6, 2019
We need to unwrap and use the actual cause when determining if the node with primary shard is shutting down because TransportService will throw a TransportException wrapped in a SendRequestTransportException. Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 7, 2019
Today when a replicated write operation fails to execute on a replica, the primary will reach out to the master to fail that replica (and mark it stale). We then won't ack that request until the master removes the failing replica; otherwise, we will lose the acked operation if the failed replica is still in the in-sync set. However, if a node with the primary is shutting down, we might ack such request even though we are unable to send a shard-failure request to the master. This happens because we ignore NodeClosedException which is triggered when the ClusterService is being closed. Closes #39467
dnhatn
added a commit
that referenced
this pull request
Mar 7, 2019
We need to unwrap and use the actual cause when determining if the node with primary shard is shutting down because TransportService will throw a TransportException wrapped in a SendRequestTransportException. Relates #39584
jasontedor
added a commit
to jasontedor/elasticsearch
that referenced
this pull request
Mar 7, 2019
* 6.7: Fix CCR HLRC docs Introduce forget follower API (elastic#39718) 6.6.2 release notes. Update release notes for 6.7.0 Add documentation for min_hash filter (elastic#39671) Unmute testIndividualActionsTimeout Unmute testFollowIndexAndCloseNode Use unwrapped cause to determine if node is closing (elastic#39723) Don’t ack if unable to remove failing replica (elastic#39584) Wipe Snapshots Before Indices in RestTests (elastic#39662) (elastic#39765) Bug fix for AnnotatedTextHighlighter (elastic#39525) Fix Snapshot BwC with Version 5.6.x (elastic#39737) Fix occasional SearchServiceTests failure (elastic#39697) Correct date in daterange-aggregation.asciidoc (elastic#39727) Add a note to purge the ingest-geoip plugin (elastic#39553)
dnhatn
added a commit
that referenced
this pull request
Mar 8, 2019
If TransportService is stopped before a shard-failure request is sent but after the request is registered, TransportService will notify ReplicationOperation a TransportException with an error message: "transport stop, action: internal:cluster/shard/failure". Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 8, 2019
If TransportService is stopped before a shard-failure request is sent but after the request is registered, TransportService will notify ReplicationOperation a TransportException with an error message: "transport stop, action: internal:cluster/shard/failure". Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 8, 2019
If TransportService is stopped before a shard-failure request is sent but after the request is registered, TransportService will notify ReplicationOperation a TransportException with an error message: "transport stop, action: internal:cluster/shard/failure". Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 8, 2019
If TransportService is stopped before a shard-failure request is sent but after the request is registered, TransportService will notify ReplicationOperation a TransportException with an error message: "transport stop, action: internal:cluster/shard/failure". Relates #39584
dnhatn
added a commit
that referenced
this pull request
Mar 11, 2019
If TransportService is stopped before a shard-failure request is sent but after the request is registered, TransportService will notify ReplicationOperation a TransportException with an error message: "transport stop, action: internal:cluster/shard/failure". Relates #39584
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Today when a replicated write operation fails to execute on a replica, the primary will reach out to the master to fail that replica (and mark it stale). We then won't ack that request until the master removes the failing replica; otherwise, we will lose the acked operation if the failed replica is still in the in-sync set. However, if a node with the primary is shutting down, we might ack such request even though we are unable to send a shard-failure request to the master. This happens because we ignore NodeClosedException which is triggered when the ClusterService is being closed.
Closes #39467
/cc @bleskes @martijnvg @jasontedor