From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from [87.239.111.99] (localhost [127.0.0.1]) by dev.tarantool.org (Postfix) with ESMTP id 1A4DA6EC5C; Wed, 14 Jul 2021 21:30:25 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 1A4DA6EC5C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev; t=1626287425; bh=EQCx0IJLs/md40fJQw/oNzjx8a+dBb1bHQ2+bPFkOMU=; h=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=IYTkDFw6XU/WwTKDs+c+qAfKnhoqYF28sXpsbSx88vnxuNBIfH/bpVo6LO5JVq7Hb Upa5rDKjQkl/ONqCD6S1YGVurR7Gd5WnaaPq8fulJSj1+TRX8BYrEsryVvAtPf7y3M SWZYyEXhQvepia9+Iv/N1rTAf+D+L0IylJoj+dQg= Received: from smtp58.i.mail.ru (smtp58.i.mail.ru [217.69.128.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 7ABB76F3C3 for ; Wed, 14 Jul 2021 21:26:06 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 7ABB76F3C3 Received: by smtp58.i.mail.ru with esmtpa (envelope-from ) id 1m3ja9-0007Q7-Ib; Wed, 14 Jul 2021 21:26:05 +0300 To: v.shpilevoy@tarantool.org, gorcunov@gmail.com Date: Wed, 14 Jul 2021 21:25:37 +0300 Message-Id: <5c38c2b4f516ce3777b2f3374f6c76f8e9229448.1626287002.git.sergepetrenko@tarantool.org> X-Mailer: git-send-email 2.30.1 (Apple Git-130) In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-4EC0790: 10 X-7564579A: B8F34718100C35BD X-77F55803: 4F1203BC0FB41BD97BB0EF39AD2B33D52D9CC5C87942E9F1EA2CB6CC9AFB41C2182A05F538085040013FD6C6FB6FB1507C560120C340AF154473606A531BC2DD86F3B3B899E3258E X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE7059B0D8AC717918AEA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F7900637B323FE155BC226618638F802B75D45FF36EB9D2243A4F8B5A6FCA7DBDB1FC311F39EFFDF887939037866D6147AF826D812411FE5B6E43805068A9DDA135F1E7C117882F4460429724CE54428C33FAD305F5C1EE8F4F765FC2EE5AD8F952D28FBA471835C12D1D9774AD6D5ED66289B52BA9C0B312567BB23117882F446042972877693876707352033AC447995A7AD186FD1C55BDD38FC3FD2E47CDBA5A96583BA9C0B312567BB231DD303D21008E29813377AFFFEAFD269A417C69337E82CC2E827F84554CEF50127C277FBC8AE2E8BA83251EDC214901ED5E8D9A59859A8B6D635BA3ABDB36C18089D37D7C0E48F6C5571747095F342E88FB05168BE4CE3AF X-C1DE0DAB: C20DE7B7AB408E4181F030C43753B8183A4AFAF3EA6BDC44C234C8B12C006B7A3EB0C8D5FD3BD3A0E04FF93706531193B9BD69A35B2CBCFAB1881A6453793CE9C32612AADDFBE061C61BE10805914D3804EBA3D8E7E5B87ABF8C51168CD8EBDB30B6221521ACED37DC48ACC2A39D04F89CDFB48F4795C241BDAD6C7F3747799A X-C8649E89: 4E36BF7865823D7055A7F0CF078B5EC49A30900B95165D340D3A19269BBEBAAF258F4AC5A6978E49A7C5B8406E87146417B0E4B796E9C4C1E9CE8E77244B4AAE1D7E09C32AA3244C5142CEEC9EB3CA199C38F405CB66C6EC5A1673A01BA68E40927AC6DF5659F194 X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojDdSFIg49M1TId/4YNItfcA== X-Mailru-Sender: 3B9A0136629DC9125D61937A2360A446DCF67A6ACA5D040D296EB2D93E1004942DB677496F1B3C28424AE0EB1F3D1D21E2978F233C3FAE6EE63DB1732555E4A8EE80603BA4A5B0BC112434F685709FCF0DA7A0AF5A3A8387 X-Mras: Ok Subject: [Tarantool-patches] [PATCH v4 09/16] box: split promote() into reasonable parts X-BeenThere: tarantool-patches@dev.tarantool.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Serge Petrenko via Tarantool-patches Reply-To: Serge Petrenko Cc: tarantool-patches@dev.tarantool.org Errors-To: tarantool-patches-bounces@dev.tarantool.org Sender: "Tarantool-patches" box_promote() is a monster. It does a lot of different things based on flags: try_wait and run_elections. The flags themselves depend on the node's Raft state and the lunar calendar. Moreover, there are multiple cancellation points and places where external state may have changed and needs a re-check. Things are going to get even worse with the introduction of box.ctl.demote(). So it's time to split up box_promote() into reasonable parts, each doing exactly one thing. This commit mostly addresses the multiple cancellation points issue, so that promote() doesn't look like a huge pile of if(something_changed) blocks. Some other functions will look like that instead. Part of #6034 --- src/box/box.cc | 269 ++++++++++++++++++++++++++++--------------------- 1 file changed, 155 insertions(+), 114 deletions(-) diff --git a/src/box/box.cc b/src/box/box.cc index 86370514a..445875f8f 100644 --- a/src/box/box.cc +++ b/src/box/box.cc @@ -1527,6 +1527,147 @@ box_wait_quorum(uint32_t lead_id, int64_t target_lsn, int quorum, return 0; } +/** + * A helper to start new Raft election round and wait until the election results + * are known. + * Returns 0 in case this instance has won the elections, -1 otherwise. + */ +static int +box_run_elections(void) +{ + assert(box_raft()->is_enabled); + assert(box_election_mode != ELECTION_MODE_VOTER); + /* + * Make this instance a candidate and run until some leader, not + * necessarily this instance, emerges. + */ + raft_start_candidate(box_raft()); + /* + * Trigger new elections without waiting for an old leader to + * disappear. + */ + raft_new_term(box_raft()); + int rc = box_raft_wait_leader_found(); + + if (box_election_mode == ELECTION_MODE_MANUAL) + raft_stop_candidate(box_raft(), false); + if (rc != 0) + return -1; + if (!box_raft()->is_enabled) { + diag_set(ClientError, ER_RAFT_DISABLED); + return -1; + } + if (box_raft()->state != RAFT_STATE_LEADER) { + diag_set(ClientError, ER_INTERFERING_PROMOTE, + box_raft()->leader); + return -1; + } + + return 0; +} + +/** + * Check whether the greatest promote term has changed since it was last read. + * IOW check that a foreign PROMOTE arrived while we were sleeping. + */ +static int +box_check_promote_term_changed(uint64_t promote_term) +{ + if (txn_limbo.promote_greatest_term != promote_term) { + diag_set(ClientError, ER_INTERFERING_PROMOTE, + txn_limbo.owner_id); + return -1; + } + return 0; +} + +/** Try waiting until limbo is emptied up to given timeout. */ +static int +box_try_wait_confirm(double timeout) +{ + uint64_t promote_term = txn_limbo.promote_greatest_term; + txn_limbo_wait_empty(&txn_limbo, timeout); + return box_check_promote_term_changed(promote_term); +} + +/** + * A helper to wait until all limbo entries are ready to be confirmed, i.e. + * written to WAL and have gathered a quorum of ACKs from replicas. + * Return lsn of the last limbo entry on success, -1 on error. + */ +static int64_t +box_wait_limbo_acked(void) +{ + if (txn_limbo_is_empty(&txn_limbo)) + return txn_limbo.confirmed_lsn; + + uint64_t promote_term = txn_limbo.promote_greatest_term; + int quorum = replication_synchro_quorum; + struct txn_limbo_entry *last_entry; + last_entry = txn_limbo_last_synchro_entry(&txn_limbo); + /* Wait for the last entries WAL write. */ + if (last_entry->lsn < 0) { + int64_t tid = last_entry->txn->id; + + if (wal_sync(NULL) < 0) + return -1; + + if (box_check_promote_term_changed(promote_term) < 0) + return -1; + if (txn_limbo_is_empty(&txn_limbo)) + return txn_limbo.confirmed_lsn; + if (tid != txn_limbo_last_synchro_entry(&txn_limbo)->txn->id) { + diag_set(ClientError, ER_QUORUM_WAIT, quorum, + "new synchronous transactions appeared"); + return -1; + } + } + assert(last_entry->lsn > 0); + int64_t wait_lsn = last_entry->lsn; + + if (box_wait_quorum(txn_limbo.owner_id, wait_lsn, quorum, + replication_synchro_timeout) < 0) + return -1; + + if (box_check_promote_term_changed(promote_term) < 0) + return -1; + + if (txn_limbo_is_empty(&txn_limbo)) + return txn_limbo.confirmed_lsn; + + if (quorum < replication_synchro_quorum) { + diag_set(ClientError, ER_QUORUM_WAIT, quorum, + "quorum was increased while waiting"); + return -1; + } + if (wait_lsn < txn_limbo_last_synchro_entry(&txn_limbo)->lsn) { + diag_set(ClientError, ER_QUORUM_WAIT, quorum, + "new synchronous transactions appeared"); + return -1; + } + + return wait_lsn; +} + +/** Write and process a PROMOTE request. */ +static void +box_issue_promote(uint32_t prev_leader_id, int64_t promote_lsn) +{ + assert(box_raft()->volatile_term == box_raft()->term); + assert(promote_lsn >= 0); + txn_limbo_write_promote(&txn_limbo, promote_lsn, + box_raft()->term); + struct synchro_request req = { + .type = IPROTO_PROMOTE, + .replica_id = prev_leader_id, + .origin_id = instance_id, + .lsn = promote_lsn, + .term = box_raft()->term, + }; + txn_limbo_process(&txn_limbo, &req); + assert(txn_limbo_is_empty(&txn_limbo)); +} + int box_promote(void) { @@ -1537,6 +1678,10 @@ box_promote(void) "simultaneous invocations"); return -1; } + in_promote = true; + auto promote_guard = make_scoped_guard([&] { + in_promote = false; + }); /* * Do nothing when box isn't configured and when PROMOTE was already @@ -1582,122 +1727,18 @@ box_promote(void) unreachable(); } - uint32_t former_leader_id = txn_limbo.owner_id; - int64_t wait_lsn = txn_limbo.confirmed_lsn; - int rc = 0; - int quorum = replication_synchro_quorum; - in_promote = true; - auto promote_guard = make_scoped_guard([&] { - in_promote = false; - }); - - if (run_elections) { - /* - * Make this instance a candidate and run until some leader, not - * necessarily this instance, emerges. - */ - raft_start_candidate(box_raft()); - /* - * Trigger new elections without waiting for an old leader to - * disappear. - */ - raft_new_term(box_raft()); - rc = box_raft_wait_leader_found(); - /* - * Do not reset raft mode if it was changed while running the - * elections. - */ - if (box_election_mode == ELECTION_MODE_MANUAL) - raft_stop_candidate(box_raft(), false); - if (rc != 0) - return -1; - if (!box_raft()->is_enabled) { - diag_set(ClientError, ER_RAFT_DISABLED); - return -1; - } - if (box_raft()->state != RAFT_STATE_LEADER) { - diag_set(ClientError, ER_INTERFERING_PROMOTE, - box_raft()->leader); - return -1; - } - } - - if (txn_limbo_is_empty(&txn_limbo)) - goto promote; + int64_t wait_lsn = -1; - if (try_wait) { - /* Wait until pending confirmations/rollbacks reach us. */ - double timeout = 2 * replication_synchro_timeout; - txn_limbo_wait_empty(&txn_limbo, timeout); - /* - * Our mission was to clear the limbo from former leader's - * transactions. Exit in case someone did that for us. - */ - if (former_leader_id != txn_limbo.owner_id) { - diag_set(ClientError, ER_INTERFERING_PROMOTE, - txn_limbo.owner_id); - return -1; - } - if (txn_limbo_is_empty(&txn_limbo)) { - wait_lsn = txn_limbo.confirmed_lsn; - goto promote; - } - } - - struct txn_limbo_entry *last_entry; - last_entry = txn_limbo_last_synchro_entry(&txn_limbo); - /* Wait for the last entries WAL write. */ - if (last_entry->lsn < 0) { - int64_t tid = last_entry->txn->id; - if (wal_sync(NULL) < 0) - return -1; - if (former_leader_id != txn_limbo.owner_id) { - diag_set(ClientError, ER_INTERFERING_PROMOTE, - txn_limbo.owner_id); - return -1; - } - if (txn_limbo_is_empty(&txn_limbo)) { - wait_lsn = txn_limbo.confirmed_lsn; - goto promote; - } - if (tid != txn_limbo_last_synchro_entry(&txn_limbo)->txn->id) { - diag_set(ClientError, ER_QUORUM_WAIT, quorum, - "new synchronous transactions appeared"); - return -1; - } - } - wait_lsn = last_entry->lsn; - assert(wait_lsn > 0); + if (run_elections && box_run_elections() < 0) + return -1; + if (try_wait && + box_try_wait_confirm(2 * replication_synchro_timeout) < 0) + return -1; + if ((wait_lsn = box_wait_limbo_acked()) < 0) + return -1; - rc = box_wait_quorum(former_leader_id, wait_lsn, quorum, - replication_synchro_timeout); - if (rc == 0) { - if (quorum < replication_synchro_quorum) { - diag_set(ClientError, ER_QUORUM_WAIT, quorum, - "quorum was increased while waiting"); - rc = -1; - } else if (wait_lsn < txn_limbo_last_synchro_entry(&txn_limbo)->lsn) { - diag_set(ClientError, ER_QUORUM_WAIT, quorum, - "new synchronous transactions appeared"); - rc = -1; - } else { -promote: - /* We cannot possibly get here in a volatile state. */ - assert(box_raft()->volatile_term == box_raft()->term); - txn_limbo_write_promote(&txn_limbo, wait_lsn, - box_raft()->term); - struct synchro_request req = { - .type = IPROTO_PROMOTE, - .replica_id = former_leader_id, - .origin_id = instance_id, - .lsn = wait_lsn, - .term = box_raft()->term, - }; - txn_limbo_process(&txn_limbo, &req); - assert(txn_limbo_is_empty(&txn_limbo)); - } - } - return rc; + box_issue_promote(txn_limbo.owner_id, wait_lsn); + return 0; } int -- 2.30.1 (Apple Git-130)