From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from [87.239.111.99] (localhost [127.0.0.1]) by dev.tarantool.org (Postfix) with ESMTP id B91D86EC55; Tue, 15 Jun 2021 16:57:05 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org B91D86EC55 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev; t=1623765425; bh=d/0jLa9239sKsZ58k4WxRGFR6Fhdab4BOk35kTOglGY=; h=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=xfGJkzawTvPzmY8Mrz5/iWyHaLcABcIQ7W9Nao9ltmfIyNjuGSJ9MLXE0tMN0CKrX GniukC73FrXvqXKqSQF0cjqC18UD6DgA7536EeUhnOFLobEnQf00Ku+OrMzux39DOP g5swHF+rLI9H2QPIEGGGQ2Ff1jIrgQQdSTtg/WCo= Received: from mail-lf1-f53.google.com (mail-lf1-f53.google.com [209.85.167.53]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id C4CFF6EC55 for ; Tue, 15 Jun 2021 16:56:46 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org C4CFF6EC55 Received: by mail-lf1-f53.google.com with SMTP id a1so27130225lfr.12 for ; Tue, 15 Jun 2021 06:56:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=snpZ+99irptazcaqg/i7dqokXdsqG0+5NfPV1dVQ2/k=; b=Rn1q71v5bgVM8rCdS4OhhaOoQL94RIoh9bvg2uQ74X9LPJCXKxORalwYmGXOdqtB0P Uz0EM0WM/OB0P+p7gM0cmPlCcFDMGK6XyXCFIlbdUrJY0I10QiyRhUv7ouNFlml4Ik0M FLMI6v2OBDkshBWNxWgjRAQSt3199PTu8xcp4CXpz8Mg53HKRNuVS8CNwKtki9e0g3u5 Uk0kbhf7iG8M6EEOHNAU+QSySxu1hiP0oJD6NKkDeQM1MbhjIQfo6np5RnfMds7LVItb 3KYBx/knUQ5OqP078S3UudZlCk3UmQ8UJPbEGqoAp/hLeDT/fuI+ZL4n7uHsYdSVT6ZV L8hg== X-Gm-Message-State: AOAM533qwyQOoDAP/qI5gCK/L0jYtN5ObQDY0v7RkbgB1ackpq+17yqm YKL1Kmaxne6Px3YtUuOyix1RY5XUabI= X-Google-Smtp-Source: ABdhPJx7jUbnEXKgk8Jxj8o1ELtA03HO+E1g03dsOaKToE/eCGsj3AoO6xxmZCPDzqao2nN74++F3w== X-Received: by 2002:ac2:5936:: with SMTP id v22mr16296220lfi.130.1623765405374; Tue, 15 Jun 2021 06:56:45 -0700 (PDT) Received: from grain.localdomain ([5.18.171.94]) by smtp.gmail.com with ESMTPSA id h8sm1814469lfv.52.2021.06.15.06.56.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Jun 2021 06:56:44 -0700 (PDT) Received: by grain.localdomain (Postfix, from userid 1000) id 719D55A001E; Tue, 15 Jun 2021 16:56:31 +0300 (MSK) To: tml Date: Tue, 15 Jun 2021 16:56:30 +0300 Message-Id: <20210615135630.63465-2-gorcunov@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210615135630.63465-1-gorcunov@gmail.com> References: <20210615135630.63465-1-gorcunov@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [Tarantool-patches] [PATCH v9 1/1] applier: filter incoming synchro packets via transaction initiator X-BeenThere: tarantool-patches@dev.tarantool.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Cyrill Gorcunov via Tarantool-patches Reply-To: Cyrill Gorcunov Cc: Vladislav Shpilevoy Errors-To: tarantool-patches-bounces@dev.tarantool.org Sender: "Tarantool-patches" Currently we use synchro packets filtration based on their contents, in particular by their xrow->replica_id value. Still there was a question if we can optimize this moment and rather filter out all packets coming from non-leader replica. Raft specification requires that only data from a current leader should be applied to local WAL but doesn't put a concrete claim on the data transport, ie how exactly rows are reaching replicas. This implies that data propagation may reach replicas indirectly via transit hops. Thus we drop applier->instance_id filtering and rely on xrow->replica_id matching instead. In the test (inspired by Serge Petrenko's test) we recreate the situation where replica3 obtains master's node data (which is a raft leader) indirectly via replica2 node. Closes #6035 Co-developed-by: Serge Petrenko Signed-off-by: Cyrill Gorcunov --- src/box/applier.cc | 27 ++-- src/lib/raft/raft.h | 7 - .../gh-5445-leader-inconsistency.result | 15 ++ .../gh-5445-leader-inconsistency.test.lua | 5 + .../replication/gh-6035-applier-filter.result | 144 ++++++++++++++++++ .../gh-6035-applier-filter.test.lua | 68 +++++++++ test/replication/gh-6035-master.lua | 1 + test/replication/gh-6035-node.lua | 35 +++++ test/replication/gh-6035-replica1.lua | 1 + test/replication/gh-6035-replica2.lua | 1 + test/replication/suite.cfg | 3 + 11 files changed, 288 insertions(+), 19 deletions(-) create mode 100644 test/replication/gh-6035-applier-filter.result create mode 100644 test/replication/gh-6035-applier-filter.test.lua create mode 120000 test/replication/gh-6035-master.lua create mode 100644 test/replication/gh-6035-node.lua create mode 120000 test/replication/gh-6035-replica1.lua create mode 120000 test/replication/gh-6035-replica2.lua diff --git a/src/box/applier.cc b/src/box/applier.cc index 33181fdbf..d3430f582 100644 --- a/src/box/applier.cc +++ b/src/box/applier.cc @@ -1027,21 +1027,24 @@ nopify:; * Return 0 for success or -1 in case of an error. */ static int -applier_apply_tx(struct applier *applier, struct stailq *rows) +applier_apply_tx(struct stailq *rows) { /* - * Rows received not directly from a leader are ignored. That is a - * protection against the case when an old leader keeps sending data - * around not knowing yet that it is not a leader anymore. + * Initially we've been filtering out data if it came from + * an applier which instance_id doesn't match raft->leader, + * but this prevents from obtaining valid leader's data when + * it comes from intermediate node. For example a series of + * replica hops * - * XXX: it may be that this can be fine to apply leader transactions by - * looking at their replica_id field if it is equal to leader id. That - * can be investigated as an 'optimization'. Even though may not give - * anything, because won't change total number of rows sent in the - * network anyway. + * master -> replica 1 -> replica 2 + * + * where each replica carries master's initiated transaction + * in xrow->replica_id field and master's data get propagated + * indirectly. + * + * Finally we dropped such "sender" filtration and use transaction + * "initiator" filtration via xrow->replica_id only. */ - if (!raft_is_source_allowed(box_raft(), applier->instance_id)) - return 0; struct xrow_header *first_row = &stailq_first_entry(rows, struct applier_tx_row, next)->row; struct xrow_header *last_row; @@ -1312,7 +1315,7 @@ applier_subscribe(struct applier *applier) diag_raise(); } applier_signal_ack(applier); - } else if (applier_apply_tx(applier, &rows) != 0) { + } else if (applier_apply_tx(&rows) != 0) { diag_raise(); } diff --git a/src/lib/raft/raft.h b/src/lib/raft/raft.h index a8da564b0..fae30b03d 100644 --- a/src/lib/raft/raft.h +++ b/src/lib/raft/raft.h @@ -236,13 +236,6 @@ raft_is_ro(const struct raft *raft) return raft->is_enabled && raft->state != RAFT_STATE_LEADER; } -/** See if the instance can accept rows from an instance with the given ID. */ -static inline bool -raft_is_source_allowed(const struct raft *raft, uint32_t source_id) -{ - return !raft->is_enabled || raft->leader == source_id; -} - /** Check if Raft is enabled. */ static inline bool raft_is_enabled(const struct raft *raft) diff --git a/test/replication/gh-5445-leader-inconsistency.result b/test/replication/gh-5445-leader-inconsistency.result index 5c6169f50..8b9a4051a 100644 --- a/test/replication/gh-5445-leader-inconsistency.result +++ b/test/replication/gh-5445-leader-inconsistency.result @@ -178,6 +178,14 @@ test_run:cmd('stop server '..leader) is_possible_leader[leader_nr] = false | --- | ... +-- And other node as well. +test_run:cmd('stop server '..other) + | --- + | - true + | ... +is_possible_leader[other_nr] = false + | --- + | ... -- Emulate a situation when next_leader wins the elections. It can't do that in -- this configuration, obviously, because it's behind the 'other' node, so set @@ -195,6 +203,13 @@ assert(get_leader(is_possible_leader) == next_leader_nr) | --- | - true | ... +test_run:cmd('start server '..other..' with args="1 0.4 voter 2"') + | --- + | - true + | ... +is_possible_leader[other_nr] = true + | --- + | ... test_run:switch(other) | --- | - true diff --git a/test/replication/gh-5445-leader-inconsistency.test.lua b/test/replication/gh-5445-leader-inconsistency.test.lua index e7952f5fa..b0b8baf36 100644 --- a/test/replication/gh-5445-leader-inconsistency.test.lua +++ b/test/replication/gh-5445-leader-inconsistency.test.lua @@ -82,6 +82,9 @@ test_run:wait_cond(function() return box.space.test:get{2} ~= nil end) test_run:switch('default') test_run:cmd('stop server '..leader) is_possible_leader[leader_nr] = false +-- And other node as well. +test_run:cmd('stop server '..other) +is_possible_leader[other_nr] = false -- Emulate a situation when next_leader wins the elections. It can't do that in -- this configuration, obviously, because it's behind the 'other' node, so set @@ -93,6 +96,8 @@ is_possible_leader[leader_nr] = false -- a situation when some rows from the old leader were not received). test_run:cmd('start server '..next_leader..' with args="1 0.4 candidate 1"') assert(get_leader(is_possible_leader) == next_leader_nr) +test_run:cmd('start server '..other..' with args="1 0.4 voter 2"') +is_possible_leader[other_nr] = true test_run:switch(other) -- New leader didn't know about the unconfirmed rows but still rolled them back. test_run:wait_cond(function() return box.space.test:get{2} == nil end) diff --git a/test/replication/gh-6035-applier-filter.result b/test/replication/gh-6035-applier-filter.result new file mode 100644 index 000000000..2620e7b6f --- /dev/null +++ b/test/replication/gh-6035-applier-filter.result @@ -0,0 +1,144 @@ +-- test-run result file version 2 +-- +-- gh-6035: verify synchronous rows filtration in applier, +-- we need to be sure that filtering synchronous rows is +-- done via transaction initiator not sender (iow via +-- xrow->replica_id). +-- +test_run = require('test_run').new() + | --- + | ... + +-- +-- Prepare a scheme with transitional node +-- +-- master <=> replica1 => replica2 +-- +-- such as transaction initiated on the master node would +-- be replicated to the replica2 via interim replica1 node. +-- + +test_run:cmd('create server master with script="replication/gh-6035-master.lua"') + | --- + | - true + | ... +test_run:cmd('create server replica1 with script="replication/gh-6035-replica1.lua"') + | --- + | - true + | ... +test_run:cmd('create server replica2 with script="replication/gh-6035-replica2.lua"') + | --- + | - true + | ... + +test_run:cmd('start server master') + | --- + | - true + | ... +test_run:cmd('start server replica1') + | --- + | - true + | ... +test_run:cmd('start server replica2') + | --- + | - true + | ... + +test_run:switch('replica2') + | --- + | - true + | ... +box.cfg{replication = {require('fio').cwd() .. "/replica1.sock"}} + | --- + | ... + +-- +-- Make the master to be RAFT leader, this drops connection +-- to the replica2. +test_run:switch('master') + | --- + | - true + | ... +box.cfg({ \ + replication = { \ + require('fio').cwd() .. "/master.sock", \ + require('fio').cwd() .. "/replica1.sock", \ + }, \ + replication_synchro_quorum = 2, \ + election_mode = 'manual', \ +}) + | --- + | ... + +box.ctl.promote() + | --- + | ... +_ = box.schema.space.create("sync", {is_sync = true}) + | --- + | ... +_ = box.space.sync:create_index("pk") + | --- + | ... +box.space.sync:insert{1} + | --- + | - [1] + | ... + +-- +-- The first hop is replica1. +test_run:switch('replica1') + | --- + | - true + | ... +box.space.sync:select{} + | --- + | - - [1] + | ... + +-- +-- And the second hop is replica2 where +-- replica1 replicated the data to us. +test_run:switch('replica2') + | --- + | - true + | ... +test_run:wait_cond(function() return \ + box.space.sync ~= nil and \ + box.space.sync:get{1} ~= nil and \ + box.space.sync:get{1}[1] == 1 end, 100) + | --- + | - true + | ... +box.space.sync:select{} + | --- + | - - [1] + | ... + +test_run:switch('default') + | --- + | - true + | ... +test_run:cmd('stop server master') + | --- + | - true + | ... +test_run:cmd('delete server master') + | --- + | - true + | ... +test_run:cmd('stop server replica1') + | --- + | - true + | ... +test_run:cmd('delete server replica1') + | --- + | - true + | ... +test_run:cmd('stop server replica2') + | --- + | - true + | ... +test_run:cmd('delete server replica2') + | --- + | - true + | ... diff --git a/test/replication/gh-6035-applier-filter.test.lua b/test/replication/gh-6035-applier-filter.test.lua new file mode 100644 index 000000000..9bfd91288 --- /dev/null +++ b/test/replication/gh-6035-applier-filter.test.lua @@ -0,0 +1,68 @@ +-- +-- gh-6035: verify synchronous rows filtration in applier, +-- we need to be sure that filtering synchronous rows is +-- done via transaction initiator not sender (iow via +-- xrow->replica_id). +-- +test_run = require('test_run').new() + +-- +-- Prepare a scheme with transitional node +-- +-- master <=> replica1 => replica2 +-- +-- such as transaction initiated on the master node would +-- be replicated to the replica2 via interim replica1 node. +-- + +test_run:cmd('create server master with script="replication/gh-6035-master.lua"') +test_run:cmd('create server replica1 with script="replication/gh-6035-replica1.lua"') +test_run:cmd('create server replica2 with script="replication/gh-6035-replica2.lua"') + +test_run:cmd('start server master') +test_run:cmd('start server replica1') +test_run:cmd('start server replica2') + +test_run:switch('replica2') +box.cfg{replication = {require('fio').cwd() .. "/replica1.sock"}} + +-- +-- Make the master to be RAFT leader, this drops connection +-- to the replica2. +test_run:switch('master') +box.cfg({ \ + replication = { \ + require('fio').cwd() .. "/master.sock", \ + require('fio').cwd() .. "/replica1.sock", \ + }, \ + replication_synchro_quorum = 2, \ + election_mode = 'manual', \ +}) + +box.ctl.promote() +_ = box.schema.space.create("sync", {is_sync = true}) +_ = box.space.sync:create_index("pk") +box.space.sync:insert{1} + +-- +-- The first hop is replica1. +test_run:switch('replica1') +box.space.sync:select{} + +-- +-- And the second hop is replica2 where +-- replica1 replicated the data to us. +test_run:switch('replica2') +test_run:wait_cond(function() return \ + box.space.sync ~= nil and \ + box.space.sync:get{1} ~= nil and \ + box.space.sync:get{1}[1] == 1 end, 100) +box.space.sync:select{} + +test_run:switch('default') +test_run:cmd('stop server master') +test_run:cmd('delete server master') +test_run:cmd('stop server replica1') +test_run:cmd('delete server replica1') +test_run:cmd('stop server replica2') +test_run:cmd('delete server replica2') diff --git a/test/replication/gh-6035-master.lua b/test/replication/gh-6035-master.lua new file mode 120000 index 000000000..f7ede7ef2 --- /dev/null +++ b/test/replication/gh-6035-master.lua @@ -0,0 +1 @@ +gh-6035-node.lua \ No newline at end of file diff --git a/test/replication/gh-6035-node.lua b/test/replication/gh-6035-node.lua new file mode 100644 index 000000000..e3819471a --- /dev/null +++ b/test/replication/gh-6035-node.lua @@ -0,0 +1,35 @@ +local SOCKET_DIR = require('fio').cwd() +local INSTANCE_ID = string.match(arg[0], "gh%-6035%-(.+)%.lua") + +local function unix_socket(name) + return SOCKET_DIR .. "/" .. name .. '.sock'; +end + +require('console').listen(os.getenv('ADMIN')) + +if INSTANCE_ID == "master" then + box.cfg({ + listen = unix_socket("master"), + }) +elseif INSTANCE_ID == "replica1" then + box.cfg({ + listen = unix_socket("replica1"), + replication = { + unix_socket("master"), + unix_socket("replica1") + }, + election_mode = 'voter' + }) +else + assert(INSTANCE_ID == "replica2") + box.cfg({ + replication = { + unix_socket("master"), + }, + election_mode = 'voter' + }) +end + +box.once("bootstrap", function() + box.schema.user.grant('guest', 'super') +end) diff --git a/test/replication/gh-6035-replica1.lua b/test/replication/gh-6035-replica1.lua new file mode 120000 index 000000000..f7ede7ef2 --- /dev/null +++ b/test/replication/gh-6035-replica1.lua @@ -0,0 +1 @@ +gh-6035-node.lua \ No newline at end of file diff --git a/test/replication/gh-6035-replica2.lua b/test/replication/gh-6035-replica2.lua new file mode 120000 index 000000000..f7ede7ef2 --- /dev/null +++ b/test/replication/gh-6035-replica2.lua @@ -0,0 +1 @@ +gh-6035-node.lua \ No newline at end of file diff --git a/test/replication/suite.cfg b/test/replication/suite.cfg index 27eab20c2..55ec022ff 100644 --- a/test/replication/suite.cfg +++ b/test/replication/suite.cfg @@ -47,6 +47,9 @@ "gh-6032-promote-wal-write.test.lua": {}, "gh-6057-qsync-confirm-async-no-wal.test.lua": {}, "gh-6094-rs-uuid-mismatch.test.lua": {}, + "gh-6035-applier-filter.test.lua": { + "memtx": {"engine": "memtx"} + }, "*": { "memtx": {"engine": "memtx"}, "vinyl": {"engine": "vinyl"} -- 2.31.1