5 years agoProgressTracker: Decrease delay due nearestAllowed 71/60071/6
Vratko Polak [Fri, 7 Jul 2017 11:14:57 +0000 (13:14 +0200)]
ProgressTracker: Decrease delay due nearestAllowed

If nearestAllowed is in past, that means we have
a temporary interval of relatively small demand for tasks.
We can reduce delay, as if the time since nearestAllowed
was a "delay in advance".

This way the queue stays closer to the intended capacity.

Change-Id: I40f95ea9cb25ea62d8c65ee78cafc79e9b56cc11
Signed-off-by: Vratko Polak <>
5 years agoBUG-8618: fix test driver 37/60137/8
Robert Varga [Mon, 10 Jul 2017 14:08:57 +0000 (16:08 +0200)]
BUG-8618: fix test driver

Since the test can produce bursts of completions, which in turn can
get slowed down by writout of new messages, offload future completion
to the executor we have internally. This in turn simplifies things,
as we can rely on state being manipulated (mostly) from a single thread.

Also change ArrayDeque to a HashSet to ensure removal of tasks completes
quickly even in face of misordered responses.

Change-Id: Ia5341633af2dbe3e26e7208436405daf7632a876
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: add pause/unpause mechanics for tell-based protocol 33/60033/9
Robert Varga [Thu, 6 Jul 2017 16:26:44 +0000 (18:26 +0200)]
BUG-8618: add pause/unpause mechanics for tell-based protocol

When we are transitioning to/from paused state, we need to remove
all frontend-related state, including pending transactions, to ensure
ShardDataTree does not track them.

When we change to unpaused leader, we can reconstruct the state
from the journal -- the rest will be forwarded from the frontend anyway.

Change-Id: I28d486d1a6695e21dd7e6518609680d54e5a15eb
Signed-off-by: Robert Varga <>
5 years agoFix .1 version references 89/60389/1
Robert Varga [Fri, 14 Jul 2017 17:21:49 +0000 (19:21 +0200)]
Fix .1 version references

Post version-bump, need to fix up versions.

Change-Id: I7cb982c7d8744f70bf15d9c3c0736a34cdb6da69
Signed-off-by: Robert Varga <>
5 years agomdsaltrace utility for debugging 78/59978/2
Josh [Sun, 11 Dec 2016 08:47:46 +0000 (10:47 +0200)]
mdsaltrace utility for debugging

Moved back to controller per decision from kernel meeting
a few weeks ago.

TracingBroker logs 'write' operations
and listener registrations to the md-sal. It logs the instance
identifier path, the objects themselves, as well as the stack trace of
the call invoking the registration or write operation. It works by
operating as a "bump on the stack" between the application and actual
DataBroker, intercepting write and registration calls and writing to the

+ karaf4

Change-Id: Ie7d27901429f6e7bcac7ff62e49e4e3115f5915f
Signed-off-by: Josh <>
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: introduce RaftActor.unpauseLeader() 32/60032/4
Robert Varga [Thu, 6 Jul 2017 15:15:21 +0000 (17:15 +0200)]
BUG-8618: introduce RaftActor.unpauseLeader()

This is a preparatory patch, which notifies RaftActor when
the operation hooked to pauseLeader() fails to complete and the
leader should resume its normal operation.

This is needed to correctly resume operations of tell-based protocol
after a pauseLeader() completes without actually changing the leader.

Change-Id: Ia00e52ebb327575a484af62bf0c31131a33303b3
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: eliminate SimpleShardDataTreeCohort subclasses 98/59898/5
Robert Varga [Mon, 3 Jul 2017 17:57:38 +0000 (19:57 +0200)]
BUG-8618: eliminate SimpleShardDataTreeCohort subclasses

Now that we handle pre-cancommit failures useing reportFailure(),
there is no need to have specialized subclasses for cohorts, as
the initial failure can cleanly be handled via nextFailure.

This also places a guard in reportFailure() so we do not override
a failure once it is set -- which should only happen in the case
of a dead-on-arrival transaction and it timing out in READY state.

Change-Id: I057c5b36006843f51d60034d30af83bac4e02cd7
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: rework AbstractProxyTransaction.flushState() 98/59998/4
Robert Varga [Thu, 6 Jul 2017 07:04:10 +0000 (09:04 +0200)]
BUG-8618: rework AbstractProxyTransaction.flushState()

Instead of directly forwarding state use ModifyTransactionRequest
to encapsulate state and forward it separately to the successor.

This eliminates sendRequest() from replay path, ensuring the replay
thread is not blocked.

Change-Id: Ice86791d417b7487b9d3b1df06341dd028cde7f8
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: reconnect connections more aggressively 96/59896/2
Robert Varga [Mon, 3 Jul 2017 17:10:22 +0000 (19:10 +0200)]
BUG-8618: reconnect connections more aggressively

Given that the timeout period on backend for an existing transaction
is 15 seconds, sleeping for 5 seconds between reconnect attempts seems
excessive. Lower the timer to 1 second, which should give us a slightly
better chance to avoid timeouts.

Change-Id: Ib74480f5630865cb7a11ca7027e0495443d1d14e
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: turn timeouts in READY state into canCommit failures 95/59895/2
Robert Varga [Mon, 3 Jul 2017 16:55:18 +0000 (18:55 +0200)]
BUG-8618: turn timeouts in READY state into canCommit failures

This patch adds more details to the TimeoutException reported when
we prune a transaction while it is in the queue. It also peels the
READY case from the defaults and makes sure we send an authoritative
reply back to the frontend when it requests the transaction to be

Change-Id: I21364ff7e7103af8be6988b8483adc112c3c1d25
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: improve logging 90/59890/3
Robert Varga [Mon, 3 Jul 2017 15:30:43 +0000 (17:30 +0200)]
BUG-8618: improve logging

While target sequence is important, we also need to log transmit
sequence, too.

Since this issue involves a state mismatch on the backend, improve
ShardDataTreeCohort logging to include transaction identifier
and state.

Change-Id: I21735870a9ae7983dc14a8f8f4d7464d3448ca60
Signed-off-by: Robert Varga <>
5 years agoFix Verify/Preconditions string format 39/59839/3
Robert Varga [Mon, 3 Jul 2017 08:17:54 +0000 (10:17 +0200)]
Fix Verify/Preconditions string format

These methods take a String.format() string, not a logging one, hence
we are not getting the information we want.

Change-Id: I46de0d64c85594e3d7b8be97951f1cf5249bca8f
Signed-off-by: Robert Varga <>
5 years agoBump versions by x.y.(z+1) 41/60341/1
jenkins-releng [Fri, 14 Jul 2017 12:49:19 +0000 (12:49 +0000)]
Bump versions by x.y.(z+1)

Change-Id: I2d9547cc35fadb4f0a2cca4f55164006fd4378b5
Signed-off-by: jenkins-releng <>
5 years agoBUG-8704: rework seal mechanics to not wait during replay 54/59654/7
Robert Varga [Wed, 28 Jun 2017 14:47:13 +0000 (16:47 +0200)]
BUG-8704: rework seal mechanics to not wait during replay

AbstractProxyTransaction.seal() and most notably internalSeal()
can end up pushing down messages down the connection hence they
can end up slowing down the replay process.

The replay paths end up enqueing subsequent requests anyway, so
rework the structure to split the 'seal only' and 'seal and flush'

Change-Id: Ie75c1ef8aa0d3d5d7ca482d383fd516077ca50b4
Signed-off-by: Robert Varga <>
5 years agoBug 8768: Close itemProducer for every code path 49/59649/5
Vratko Polak [Thu, 29 Jun 2017 11:50:07 +0000 (13:50 +0200)]
Bug 8768: Close itemProducer for every code path

Change-Id: Ib87de13e2a0e6f128f74a05b80ffb4331e345d2c
Signed-off-by: Vratko Polak <>
5 years agoBUG-8494: rework AbstractTransactionHandler 04/59604/1
Robert Varga [Wed, 28 Jun 2017 09:34:34 +0000 (11:34 +0200)]
BUG-8494: rework AbstractTransactionHandler

If we have a transaction failure while we are producing transactions,
we could end up adding a delay until the failure is detected as we
would continue jamming in transactions.

Rework internal logic to halt processing as soon as a failure is seen,
speeding up detection and simplifying code.

Change-Id: I19d13c78d94bb39481abde477ec4e3df03a6aa57
Signed-off-by: Robert Varga <>
5 years agoImprove ShardBackendInfo.toString() 01/59601/1
Robert Varga [Wed, 28 Jun 2017 08:24:17 +0000 (10:24 +0200)]
Improve ShardBackendInfo.toString()

Slight update to eliminate a space from the property name and
an explicit present/absent string.

Change-Id: I9cb3a57049737c8ea25d22263140ff9974e23502
Signed-off-by: Robert Varga <>
5 years agoBUG-8445: ignore responses from mismatched sessions 99/59599/1
Robert Varga [Wed, 28 Jun 2017 08:11:47 +0000 (10:11 +0200)]
BUG-8445: ignore responses from mismatched sessions

We have to check the session ID of the response in order not to
wreck transmit consistency if face of leader changes and reconnects.

If we reconnect the connection to the new leader before we saw all
responses from the old leader, we end up in a situation where the
old leader completes some of the replayed messages before we either
send them to the new leader or receive (the correct) reply.

Guard against this by checking the session ID before attempting to
pair a response to a request.

Change-Id: I28fa98b89c679715c3a0c546962d00533e76aa5d
Signed-off-by: Robert Varga <>
5 years agoBUG-8494: fix failure path thinko 76/59576/1
Robert Varga [Tue, 27 Jun 2017 14:53:09 +0000 (16:53 +0200)]
BUG-8494: fix failure path thinko

The check should be to see if the failure has *not* been set,
hence invert the check.

Change-Id: I2c3893924f1c985687beedbfae0889388fad15c7
Signed-off-by: Robert Varga <>
5 years agoBUG-8445: check sessionId before propagating failures 27/59527/1
Robert Varga [Mon, 26 Jun 2017 14:31:30 +0000 (16:31 +0200)]
BUG-8445: check sessionId before propagating failures

When we have leader movement ocurring, based on timing details we
can re-establish a connection to the new leader and then start
receiving responses from the old leader telling us it no longer
is the leader.

To stop this from happening we need to check connection session ID
against the incoming failure.

Change-Id: If9a891016c7f213f2552283e3ec13485e598f5a4
Signed-off-by: Robert Varga <>
5 years agoBUG-8494: Cleanup clustering-it-provider 65/59465/6
Robert Varga [Fri, 23 Jun 2017 11:02:40 +0000 (13:02 +0200)]
BUG-8494: Cleanup clustering-it-provider

Fixes various warnings and refactors MdsalLowLevelTestProvider
to be slightly cleaner in terms of number of classes.

It also eliminates synchronous thread blocking on future collection
and instead schedules task which performs the cleanup if the system
gets stuck.

Change-Id: I657f3df60c620284538bdf39ab1536eac8448801
Signed-off-by: Robert Varga <>
5 years agoBUG 8629: Try to allow notification processing to finish in unsubscribe of listeners. 52/58952/5
Tomas Cere [Wed, 14 Jun 2017 13:42:07 +0000 (15:42 +0200)]
BUG 8629: Try to allow notification processing to finish in unsubscribe of listeners.

Change-Id: I8638c6066b86b101484d3d80cd0fed146a478778
Signed-off-by: Tomas Cere <>
5 years agoBug 8621 - Add shutdown-prefix-shard-replica rpc to MdsalLowLevelTestProvider 80/58580/6
Jakub Morvay [Fri, 9 Jun 2017 07:45:14 +0000 (09:45 +0200)]
Bug 8621 - Add shutdown-prefix-shard-replica rpc to MdsalLowLevelTestProvider

csit testing scenarios require clean shutdown of shard's local replica
funcionality. This introduces shutdown-prefix-shard-replica rpc to
MdsalLowLevelTestProvider. Upon invoking this rpc, local replica of
specified prefix-based shard is gracefully stopped.

Change-Id: I620b7ae2dbc9978dd155c64f703d421d46108e3d
Signed-off-by: Jakub Morvay <>
5 years agoBug 8621 - Add shutdown-shard-replica rpc to MdsalLowLevelTestProvider 79/58579/7
Jakub Morvay [Fri, 9 Jun 2017 07:12:20 +0000 (09:12 +0200)]
Bug 8621 - Add shutdown-shard-replica rpc to MdsalLowLevelTestProvider

csit testing scenarios require clean shutdown of shard's local replica
funcionality. This introduces shutdown-shard-replica rpc to
MdsalLowLevelTestProvider. Upon invoking this rpc, local replica of
specified module-based shard is gracefully stopped.

Change-Id: Ia8e0be65ecc99f9e208ff4ffd737b210437a9f51
Signed-off-by: Jakub Morvay <>
5 years agoBUG-8494: propagate submit failure immediately 39/59239/2
Robert Varga [Tue, 20 Jun 2017 14:06:01 +0000 (16:06 +0200)]
BUG-8494: propagate submit failure immediately

Rather than waiting for abort to complete, which cannot happen
during isolation for example, propagate timeout immediately.

Change-Id: I90333938cb951f3b478320c682c65be219660fdf
Signed-off-by: Robert Varga <>
5 years agoFix format string mismatch 25/59225/1
Robert Varga [Sun, 4 Jun 2017 18:37:59 +0000 (20:37 +0200)]
Fix format string mismatch

String expects two objects, not one.

Change-Id: I5cc37336236e88c13d569c656910d7fd969bb655
Signed-off-by: Robert Varga <>
(cherry picked from commit 45c422e0af781c2fa6978103afb14de9fbdc1c55)

5 years agoBUG-8445: Guard against NPE 60/59160/2
Robert Varga [Mon, 19 Jun 2017 12:15:10 +0000 (14:15 +0200)]
BUG-8445: Guard against NPE

We have observed this NPE:

Caused by: java.lang.NullPointerException
        at org.opendaylight.controller.cluster.datastore.ShardDataTree.startCanCommit(
        at org.opendaylight.controller.cluster.datastore.SimpleShardDataTreeCohort.canCommit(
        at org.opendaylight.controller.cluster.datastore.ChainedCommitCohort.canCommit(
        at org.opendaylight.controller.cluster.datastore.FrontendReadWriteTransaction.directCommit(
        at org.opendaylight.controller.cluster.datastore.FrontendReadWriteTransaction.handleModifyTransaction(
        at org.opendaylight.controller.cluster.datastore.FrontendReadWriteTransaction.doHandleRequest(
        at org.opendaylight.controller.cluster.datastore.FrontendTransaction.handleRequest(

Which is quite weird, as the FrontendReadWriteTransaction state seems
to indicate the transaction is ready to be committed, yet ShardDataTree
does not seem to have a record of it.

While we are investigating the root cause, this patch adds an explicit
warning when this happens.

Change-Id: I2ddff76357c33d7df2b3f25a2703c69715fbd871
Signed-off-by: Robert Varga <>
5 years agoLower UnboundedDequeBasedControlAwareMailbox logging 59/59159/2
Robert Varga [Mon, 19 Jun 2017 11:53:26 +0000 (13:53 +0200)]
Lower UnboundedDequeBasedControlAwareMailbox logging

Using debug logging seems excessive, leading to a lot of messages
at debug level. I think we can downgrade to trace instead.

Change-Id: I2a7f87760a1eefe9794eac3b4025b6a3891c30a3
Signed-off-by: Robert Varga <>
5 years agoCleanup ProduceTransactionsHandler 04/59004/6
Robert Varga [Thu, 15 Jun 2017 08:39:55 +0000 (10:39 +0200)]
Cleanup ProduceTransactionsHandler

Shuffle invariants around to reduce overheads. Also adds better debugs
around futures completing.

Change-Id: I01f940de08e9e0b7fc0e95b48b2d5fecdfd78f86
Signed-off-by: Robert Varga <>
5 years agoOptimize Follower.isOutOfSync() 38/59038/2
Robert Varga [Thu, 15 Jun 2017 16:10:22 +0000 (18:10 +0200)]
Optimize Follower.isOutOfSync()

This is a fast-path method which does a few duplicate checks
and calculations that may end up being unnecessary.

Restructure it so we check each partial condition just once
and compute required inputs only when we are going to need them.

Change-Id: I67a0089693a2ba1cd8c06c43504266534090545b
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: update sync status only after processing 37/59037/2
Robert Varga [Thu, 15 Jun 2017 15:45:50 +0000 (17:45 +0200)]
BUG-8618: update sync status only after processing

Since the commitIndex may move in chunks we really want to update
our sync status after we have gone through the AppendEntries message
so our commitIndex reflects the state after processing.

Change-Id: I49c72a21f8d9c3efb7ae9cc1b64276220057f2e2
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: make sync threshold tuneable 91/58991/6
Robert Varga [Thu, 15 Jun 2017 01:13:47 +0000 (03:13 +0200)]
BUG-8618: make sync threshold tuneable

We are observing quite a few of these transitions, which may be coming
from batching scenarios. Introduce sync-index-threshold config knob
to expose control over it.

Change-Id: Ief4c89c2fe5b95cebaf3fb83cbcdda37cac126b6
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: improve debug logs 90/58990/2
Robert Varga [Thu, 15 Jun 2017 01:12:56 +0000 (03:12 +0200)]
BUG-8618: improve debug logs

We can have a reasonable ID prepended, add that. Also improve range
of threshold parameter, as we are addressing journal entries here.

Change-Id: I86aac1be04df8b72bfa6ffaa2b7a7e3b4cbfad6e
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: refactor SyncStatusTracker state 86/58986/2
Robert Varga [Wed, 14 Jun 2017 23:29:01 +0000 (01:29 +0200)]
BUG-8618: refactor SyncStatusTracker state

Introducing a leader target encapsulation allows us to
enfore state transitions (i.e. state is guaranteed to be
non-null when we need its bits).

This enables us to eliminate the need for a magic constant.

Change-Id: Iab7178694edc3c62032e32c4386c371630f67b6f
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: make sure we refresh backend info 36/58936/3
Robert Varga [Wed, 14 Jun 2017 10:38:20 +0000 (12:38 +0200)]
BUG-8618: make sure we refresh backend info

When we are performing a reconnection attempt we must never use
previous backend info, but rather have to refresh it.

Fix this by removing state when resolution fails.

Change-Id: I65592f2101547a606a15d9c8030c7d8c58afe8a5
Signed-off-by: Robert Varga <>
5 years agoBUG-8618: add threshold crossing debugs 85/58985/1
Robert Varga [Wed, 14 Jun 2017 23:00:43 +0000 (01:00 +0200)]
BUG-8618: add threshold crossing debugs

We are observing messages about sync status changing on the order
of 10s a second (14ms between messages). This looks awfully like
inter-node latency, hence it needs to be tuneable.

We do not have an understading of what sort of jumps are we talking
about, so add logging to the source of this events at debug, so these
can be diagnosed.

Change-Id: I9e2d78629f8808914cdb664cb28afcd47a55ee80
Signed-off-by: Robert Varga <>
5 years agoLog data after in IdIntsDOMDataTreeLIstener 97/58797/2
Vratko Polak [Tue, 13 Jun 2017 09:49:54 +0000 (11:49 +0200)]
Log data after in IdIntsDOMDataTreeLIstener

At TRACE level.

Change-Id: Ic71aeec4c121d5cfb53a09762c9845e3e94f4f04
Signed-off-by: Vratko Polak <>
5 years agoImprove timeout message 14/58314/4
Robert Varga [Tue, 6 Jun 2017 09:19:07 +0000 (11:19 +0200)]
Improve timeout message

Rather than reporing nanoseconds, convert them to fraction seconds.

Change-Id: I9052462990f8c6b99349ed123f682ce3f0e23461
Signed-off-by: Robert Varga <>
5 years agoBUG-8665: fix memory leak around RangeSets 00/58800/1
Robert Varga [Tue, 13 Jun 2017 10:13:58 +0000 (12:13 +0200)]
BUG-8665: fix memory leak around RangeSets

This is a thinko on my part, where I was thinking in terms of a
discrete set (UnsignedLong) and assumed RangeSets will coalesce
individual items.

Unfortunately TreeRangeSet has no way of knowing that that the
domain it operates on is discrete and hence will not merge invididual

This patch fixes the problem by using [N,N+1) ranges to address
the problem. A follow-up patch should address this in a more
efficient manner.

Change-Id: Iecc313e09ae0cdd51a42f7d39281f7634f0358a7
Signed-off-by: Robert Varga <>
5 years agoBug 8606: Continue leadership transfer on pauseLeader timeout 94/58794/2
Tom Pantelis [Mon, 12 Jun 2017 13:42:38 +0000 (09:42 -0400)]
Bug 8606: Continue leadership transfer on pauseLeader timeout

Modified it to continue with leadership transfer if pauseLeader times out
instead of aborting. The shard may have a lot of transactions queued up
which it can't finish in time but there may still be a follower that is
caught up (ie whose matchIndex equals the leader's lastIndex) or would be
caught up if leadership transfer continued. Worst case is no follower is
available and the "catch up" phase of leadership transfer also times out
which would lengthen shut down time but that should be fine.

Change-Id: I1ec1ef43bb556e50416bb7239ce3c267265db9b3
Signed-off-by: Tom Pantelis <>
(cherry picked from commit dac16f0d464eff3325b3800a803e81b303964e4b)

5 years agoFix intermittent PreLeaderScenarioTest failure 91/58791/1
Tom Pantelis [Tue, 13 Jun 2017 00:28:06 +0000 (20:28 -0400)]
Fix intermittent PreLeaderScenarioTest failure

java.lang.AssertionError: AppendEntries - # entries expected:<1> but was:<0>
  at org.junit.Assert.failNotEquals(
  at org.junit.Assert.assertEquals(
  at org.junit.Assert.assertEquals(
  at org.opendaylight.controller.cluster.raft.PreLeaderScenarioTest.testUnComittedEntryOnLeaderChange(

AppendEntries appendEntries = expectFirstMatching(follower1CollectorActor,
assertEquals("AppendEntries - # entries", 1, appendEntries.getEntries().size());

After the payload is sent to the leader, it expects an AppendEntries sent to follower1
with a single ReplicatedLogEntry. From the test output this did occur correctly but
the MessageCollectorActor still had the initial empty AppendEntries sent on leader
startup. The test setup waits for the initial AppendEntriesReply's from both followers
prior to clearing messages in each MessageCollectorActor however the AppendEntries may
not have been delivered to follower1's MessageCollectorActor yet and thus doesn't get
cleared. We need to specifically wait for the AppendEntries in follower1's

Change-Id: I638a21e75ea135c1fe24970135f564da4fc5738e
Signed-off-by: Tom Pantelis <>
5 years agoBUG 8494 log possibly hanged futures in tx handlers 39/58739/2
Tomas Cere [Mon, 12 Jun 2017 13:29:46 +0000 (15:29 +0200)]
BUG 8494 log possibly hanged futures in tx handlers

Change-Id: Iccc90e575033c6770a3a499853f31e0684a712e4
Signed-off-by: Tomas Cere <>
5 years agoBUG 8604 set proper tag when producer creation times out 38/58738/2
Tomas Cere [Mon, 12 Jun 2017 13:20:29 +0000 (15:20 +0200)]
BUG 8604 set proper tag when producer creation times out

Change-Id: I405f4d546a32b2d0f5b56fb03907a63334fabd6c
Signed-off-by: Tomas Cere <>
5 years agoBUG 8649: remove bounded mailbox from ShardManager and notification actors 34/58734/1
Tomas Cere [Mon, 12 Jun 2017 12:47:53 +0000 (14:47 +0200)]
BUG 8649: remove bounded mailbox from ShardManager and notification actors

Change-Id: I52975d969a81cc3ccdc7b963e0f43f9958ba6a10
Signed-off-by: Tomas Cere <>
5 years agoBUG 8629: log inconsistent notifications as warn 99/58499/3
Tomas Cere [Thu, 8 Jun 2017 12:00:02 +0000 (14:00 +0200)]
BUG 8629: log inconsistent notifications as warn

Change-Id: I872fced1ecc913e521ddf7c0d4acee7f48b04cb1
Signed-off-by: Tomas Cere <>
5 years agoBUG 8618: Log leader status when rejecting request 16/58416/7
Tomas Cere [Wed, 7 Jun 2017 14:14:36 +0000 (16:14 +0200)]
BUG 8618: Log leader status when rejecting request

Change-Id: Iecd99a74473b68f43b7ad43a1272d679aa09b4e6
Signed-off-by: Tomas Cere <>
5 years agoCatch all exceptions when submitting in tx handlers 84/58484/4
Tomas Cere [Thu, 8 Jun 2017 09:48:00 +0000 (11:48 +0200)]
Catch all exceptions when submitting in tx handlers

Change-Id: I5b9a2ec26b1b6001423f2cf5cf57285ce6c7e340
Signed-off-by: Tomas Cere <>
5 years agoDo not flood logs with modifications 34/58434/4
Robert Varga [Wed, 7 Jun 2017 16:40:52 +0000 (18:40 +0200)]
Do not flood logs with modifications

Debugging logs have grown quite a bit for tell-based protocol
mostly due to us dumping modifications as part of the request
message. Log only the number of modification in the message,
which will make the logs quite a bit more readable.

Change-Id: I35961702b7bdd0e3f93cd03f05a0e443a14bf419
Signed-off-by: Robert Varga <>
5 years agoBug 5740: Configure control-aware mailbox 99/58399/2
Tom Pantelis [Thu, 25 May 2017 14:18:02 +0000 (10:18 -0400)]
Bug 5740: Configure control-aware mailbox

Configured unit tests and production to use a control-aware mailbox
for Shard actors. The current code allows for a "shard-dispatcher"
to be defined so I added a section in the .conf that specifies the
mailbox-type appropriately (ie UnboundedDequeBasedControlAwareMailbox).

Change-Id: Ibdb404e1dfcc699471a8e899c491a09500ee04c0
Signed-off-by: Tom Pantelis <>
5 years agoBug 5740: Add Deque-based control-aware mailbox 98/58398/2
Tom Pantelis [Thu, 25 May 2017 13:39:40 +0000 (09:39 -0400)]
Bug 5740: Add Deque-based control-aware mailbox

Since akka persistence uses stashing, it requires a mailbox to be
Deque-based to provide the enqueueFirst method. However, the
control-aware mailboxes provided by akka are not Deque-based so we
need one that is.

Change-Id: I74f214c725eff16aba093aad3f2f6eed80948ee4
Signed-off-by: Tom Pantelis <>
5 years agoBug 5740: Add ControlMessage interface to raft messages 97/58397/2
Tom Pantelis [Wed, 24 May 2017 14:58:57 +0000 (10:58 -0400)]
Bug 5740: Add ControlMessage interface to raft messages

Added 'implements ControlMessage' for all RaftRPCs and other messages
related to raft that should have higher priority.

Change-Id: Ie699531ef67d9cbcf7cbdec0422dd2e6faafebaa
Signed-off-by: Tom Pantelis <>
5 years agoBug 5740: Remove Serializable where not necessary 96/58396/2
Tom Pantelis [Wed, 24 May 2017 13:40:52 +0000 (09:40 -0400)]
Bug 5740: Remove Serializable where not necessary

Some raft message classes are Serializable but they don't need to
be as they're only sent locally.

Change-Id: Ibd052b9a4589dd2476b30c51e301b3dd609df750
Signed-off-by: Tom Pantelis <>
5 years agoBug 5740: Change TimeoutNow and Shutdown to externalizable proxy 95/58395/2
Tom Pantelis [Wed, 24 May 2017 12:13:34 +0000 (08:13 -0400)]
Bug 5740: Change TimeoutNow and Shutdown to externalizable proxy

Change-Id: I3b2289c258ffab288901b5cbf4e5032bc143dfc7
Signed-off-by: Tom Pantelis <>
5 years agoBug 5740: Change RequestVote(Reply) to externalizable proxy 94/58394/2
Tom Pantelis [Wed, 24 May 2017 12:02:00 +0000 (08:02 -0400)]
Bug 5740: Change RequestVote(Reply) to externalizable proxy

The other RaftRPC classes havwe been converted to use the
externalizable proxy pattern so we shoild convert RequestVote(Reply)
as well.

Change-Id: I0a2054d8426f66480f37061d1a9fc51464f705da
Signed-off-by: Tom Pantelis <>
5 years agoBUG-8620: handle direct commit and disconnect correctly 30/58430/3
Robert Varga [Wed, 7 Jun 2017 16:08:28 +0000 (18:08 +0200)]
BUG-8620: handle direct commit and disconnect correctly

Transactions committed directly can complete in a disconnected
fashion as we are skipping the back-and-forth communication of the
three-phase commit. This period may involve shard leadership changes
and so we may end up in a situation where we are replaying a direct
commit request to a transaction which already completed -- which
raises a RequestFailure to make sure we do not do anything untoward.

In the specific case of direct commit, though, this is perfectly fine
and so update the callback to account for this case happening.

Change-Id: Ic60e69f0f58cc7c5a3ac869386dc12f856aa1f74
Signed-off-by: Robert Varga <>
5 years agoBUG 8602: Skip initial fill of idints 55/58355/3
Tomas Cere [Tue, 6 Jun 2017 16:28:10 +0000 (18:28 +0200)]
BUG 8602: Skip initial fill of idints

Change-Id: If197c9b2318a52b3608f6065bea44af860a09849
Signed-off-by: Tomas Cere <>
5 years agoFix RecoveryIntegrationSingleNodeTest failure 68/58368/1
Tom Pantelis [Mon, 5 Jun 2017 18:56:45 +0000 (14:56 -0400)]
Fix RecoveryIntegrationSingleNodeTest failure

The InMemoryJournal may not have received all the persisted messages
by the time it checks the expected size of the journal so added a latch/wait
for he expected messages..

Change-Id: I8f050b9375f5e3e74749c17e831add21d09d1831
Signed-off-by: Tom Pantelis <>
(cherry picked from commit 75a222ffd227bb9f2aeef8ee7998f8df6f529bf8)

5 years agoBUG-8494: do not attempt to reconnect ReconnectingClientConnection 94/58194/3
Robert Varga [Sat, 3 Jun 2017 02:16:00 +0000 (04:16 +0200)]
BUG-8494: do not attempt to reconnect ReconnectingClientConnection

If we are in reconnect state, we should never attempt to initiate
reconnection, as that would leave us without the timer running --
which is a problem since we need to be timing out requests which
are queued even as we are attempting to reconnect to the backend.

Change-Id: Ic955a2e5b743617c26cc72815df94d0c4584704c
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: fix DONE state propagation 74/58274/1
Robert Varga [Mon, 5 Jun 2017 17:50:52 +0000 (19:50 +0200)]
BUG-8403: fix DONE state propagation

The DONE state detection logic in replayMessages() was flawed, as
we checked the current state, which is guaranteed to be SuccessorState.

We should be checking the previous state, available from the successor
state. As it turns out we can do this very cleanly by setting the flag
when the successor state gets the previous state assigned.

This also has better performance, as we do not touch the volatile
field multiple times.

Change-Id: Ica2246160bf8fee7aa134bbacb45857235405f6a
Signed-off-by: Robert Varga <>
5 years agoReplace LOGGER by LOG 72/57972/3
David Suarez [Mon, 29 May 2017 10:03:08 +0000 (12:03 +0200)]
Replace LOGGER by LOG

Replace LOGGER by LOG to follow the
OpenDaylight recommendations [1].


Change-Id: I024bcd5f23a5bdcc177440b175578694c6c471a4
Signed-off-by: David Suarez <>
(cherry picked from commit 202de5f104dc8149accab4ebf04c3ec8857edff2)

5 years agoBUG-8494: fix throttling during reconnect 96/57996/6
Robert Varga [Mon, 29 May 2017 21:58:07 +0000 (23:58 +0200)]
BUG-8494: fix throttling during reconnect

ReconnectForwarder is called from differing code-paths: the one is
during replay when we are dealing with late requests (those which have
been waiting while we replaying), the other is subsequent user requests.

The first one should not be waiting on the queue, as the requests have
already entered it, hence have payed the cost of entry. The latter needs
to pay for entering the queue, as otherwise we do not exert backpressure.

This patch differentiates the two code paths, so they behave as they
should. Also add more debug information in timer paths.

Change-Id: I609be2332b13868ef1b9511399e2827d7f3d5b7d
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: propagate DONE state to successor 94/57994/7
Robert Varga [Mon, 29 May 2017 20:53:53 +0000 (22:53 +0200)]
BUG-8403: propagate DONE state to successor

We need correct accounting for DONE non-standalone local transactions,
as such transactions do not interact with open/closed semantics.

Propagate DONE via a simple flag, which we check in local ProxyHistory
a create a proxy without a backing modification.

Change-Id: Ie921db8c9e40f30934c119b74c31ca5418b61548
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: go through the DONE transition 76/58076/3
Robert Varga [Wed, 31 May 2017 17:49:52 +0000 (19:49 +0200)]
BUG-8403: go through the DONE transition

Third step of the fix: make make AbstractProxyTransaction go through
the DONE state before retiring. This ends up also fixing breakage
in local chain transactions, which could end up leaking because we
never go back to just using the base data tree.

Change-Id: I97ac1687eaf3ecd8f46a68c6170891ea06703e95
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: add state documentation and DONE state 34/58034/6
Robert Varga [Tue, 30 May 2017 17:19:42 +0000 (19:19 +0200)]
BUG-8403: add state documentation and DONE state

Second step of the fix: clarify AbstractProxyTransaction states and
their transitions. Introduce a DONE state which we will use to close
the replay state race window.

Change-Id: I82e47103f2cd9b8ec496b72803b5d5e56d33c0f5
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: move successor allocation to AbstractProxyTransaction 93/57993/5
Robert Varga [Tue, 30 May 2017 17:35:17 +0000 (19:35 +0200)]
BUG-8403: move successor allocation to AbstractProxyTransaction

We still have a tiny race window where we do not correctly handle
reconnection, leading to an ISE splat -- this time if the final
stage of transaction completion.

The problem is that a reconnect attempt is happening while we are
waiting for the transaction purge to complete. At this point the
transaction has been completely resolved and the only remaining
task is to inform the backend that we have received all of the
state and hence it can throw it out (we will remove our state once
purge completes).

We are still allocating a live transaction in the local history
and the purge request replay does not logically close it, leading
to the splat.

To fix this, we really need to allocate a non-open tx successor,
which will not trip the successor local history. All the required
knowledge already resides in AbstractProxyHistory, except we do
not have a dedicated 'purging' state.

This makes the first step of moving the allocation caller to the
appropriate place.

Change-Id: If82957019b478f4d5132edda4d38e6bc026aa0ab
Signed-off-by: Robert Varga <>
5 years agoBUG-8494: Cap queue sleep time 33/58033/2
Robert Varga [Tue, 30 May 2017 09:41:58 +0000 (11:41 +0200)]
BUG-8494: Cap queue sleep time

Inconsistency in transmit queue backpressure has caused an observed
delay of over 44 minutes in CSIT. Thile this is an artefact of a bug,
we should not delay application thread for large periods of time, as
that can cause failures in the application (if it has other
time-bound duties like BGP keepalive messages and similar).

Restrict the sleep time to 5 seconds, emitting an INFO-level messages
when we reach this level of sleeping. This should not typically not
occur, as the backpressure should be kicking in much sooner, smooting
out the delay curve.

Change-Id: Ie5f148248caa71791bdda71ddd7e33e5733aa7f8
Signed-off-by: Robert Varga <>
5 years agoBug 8446 - Increase timeout in leadership transfer 98/57698/4
Jakub Morvay [Tue, 23 May 2017 12:06:48 +0000 (14:06 +0200)]
Bug 8446 - Increase timeout in leadership transfer

Change-Id: Iffd66ef2c771b797b236f23c39b1fb87b5a27c89
Signed-off-by: Jakub Morvay <>
5 years agoCleanup time access 58/57758/4
Robert Varga [Wed, 24 May 2017 09:44:30 +0000 (11:44 +0200)]
Cleanup time access

ShardDataTree does not need to expose the ticker, just a readTime()
method. This makes the users slightly more readable.

Change-Id: I9aa72a2d3625f40a2a44b0838ff344437293e1e3
Signed-off-by: Robert Varga <>
5 years agoBUG-8515: make sure we retry connection on NotLeaderException 51/57951/1
Robert Varga [Mon, 29 May 2017 08:40:06 +0000 (10:40 +0200)]
BUG-8515: make sure we retry connection on NotLeaderException

There is a race window when we are establishing connection to the

When we received the pointer to shard leader, we send a connect
request, but during that time window the leader may move, resulting
in a NotLeaderException response to ConnectClientRequest. Since
we are in reconnection mode, this will result in hard abort of

Fix this by wrapping NotLeaderException and akka failures in a
TimeoutException -- hence we will retry connecting.

Change-Id: Ia5d1915d59e80a70c54302c1790121d0767ff08a
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: do not throttle purge requests 22/57822/3
Robert Varga [Thu, 25 May 2017 16:10:57 +0000 (18:10 +0200)]
BUG-8403: do not throttle purge requests

It seems we are getting stuck after replay on purge requests,
which are dispatched internally.

Make sure we do not use sendRequest() in obvious replay places,
nor for purge requests. Also add a debug upcall if we happen to
sleep for more than 100msec.

Change-Id: Iec667f2039610f3f036e6b88c7c7e7b773cdfc19
Signed-off-by: Robert Varga <>
5 years agoBUG-8538: rework transaction abort paths 70/57770/12
Robert Varga [Wed, 24 May 2017 12:42:04 +0000 (14:42 +0200)]
BUG-8538: rework transaction abort paths

Direct transaction abort path can end up touching proxy history's
maps, which it should not, as that happens only after purge. This
inconsistency has cropped up when purge was introduced.

Refactor the methods so that cohorts are removed only after purge,
and fix abort request routing such that it always enqueues a purge
request (possibly via successor). This also addresses a FIXME, as
we now have an enqueueAbort() request, which is not waiting on the

Change-Id: Ie291da70ace772274f33505db376a915b38e37c0
Signed-off-by: Robert Varga <>
5 years agoBUG-8538: do not invoke read callbacks during replay. 59/57759/12
Robert Varga [Wed, 24 May 2017 10:01:20 +0000 (12:01 +0200)]
BUG-8538: do not invoke read callbacks during replay.

As evidenced by a ConcurrentModificationException happening reliably
in face of aborted read-only transactions, there are avenues how
our state can be modified eventhough we hold the locks.

One such avenue is listeners hanging on read operations, which
can enqueue further requests in the context of calling thread. That
thread must not be performing replay, hence delay request completion
into a separate actor message by using executeInActor().

Change-Id: Ibcd0ac788156011ec3a4cc573dc7fb249ebf93a2
Signed-off-by: Robert Varga <>
5 years agoBUG-8371: Respond to CreateLocalHistoryRequest after replication 51/57751/4
Robert Varga [Wed, 24 May 2017 09:36:18 +0000 (11:36 +0200)]
BUG-8371: Respond to CreateLocalHistoryRequest after replication

CreateLocalHistoryRequest needs to be replicated to followers before
we respond to the frontend, as logically this request has to be
persisted before any subsequent transactions.

While the frontend could replay the request on reconnect, it would
also have to track the implied persistence (via child transactions),
which we do not want because it really is a backend detail and it
would lead to a lot of complexity in the frontend.

Change-Id: Icdfad59d3c2bab3d4125186c6a9b3c901d3934f6
Signed-off-by: Robert Varga <>
5 years agoBUG-8540: suppress ConnectingClientConnection backend timeout 22/57722/5
Robert Varga [Tue, 23 May 2017 17:42:57 +0000 (19:42 +0200)]
BUG-8540: suppress ConnectingClientConnection backend timeout

While a ClientConnection is in initial connect state we do not want
the timer to attempt to reconnect it, as it we are already trying
hard to connect it. Suppress that attempt by faking backend silent
ticks to be 0.

Change-Id: Iaf554632a56fd5be1d417d6806462edf3c746526
Signed-off-by: Robert Varga <>
5 years agoBUG 8525 Listeners not getting triggered from followers 63/57763/4
Tomas Cere [Wed, 24 May 2017 12:09:53 +0000 (14:09 +0200)]
BUG 8525 Listeners not getting triggered from followers

This is an oversight in the dtcl implementation of the lowlevel
model. However we also need to change the proxy listener thats
registered from the new sharding apis as there is no way
for the user to specify this cluster interface since the mdsal
api's are required.

Change-Id: I41c02a45d1db9eb9ed8c6e63dff99da567829d2f
Signed-off-by: Tomas Cere <>
5 years agoDo not retain initial SchemaContext 61/56561/16
Robert Varga [Thu, 4 May 2017 21:52:57 +0000 (23:52 +0200)]
Do not retain initial SchemaContext

While looking over a memory dump I have noticed that we retain
SchemaContext inside Shard$Builder, which is being retained via
Props (which are used to restart the actor).

This reference is not updated as the SchemaContext is updated, which
means we are wasting memory and are causing Shard to come up with
an ancient SchemaContext after a failure.

Fix this by having an AtomicReference holder for SchemaContext
and have Shard have a Supplier<SchemaContext>.

Change-Id: I73fcae46f249d3679522eb7dbbb059e43c5af6c7
Signed-off-by: Robert Varga <>
5 years agoBUG-8402: correctly propagate read-only bit 92/57692/3
Robert Varga [Tue, 23 May 2017 12:56:37 +0000 (14:56 +0200)]
BUG-8402: correctly propagate read-only bit

During replay we substitute read requests with an IncrementSequence
request, but that does not indicate whether the transaction state
should be read-only.

This leads to transaction chains allocating a full-blown transaction
instead of a snapshot, hence follow-up transactions fail to allocate,
leading to OutOfOrderRequestException.

Fix this by making IncrementTransactionSequenceRequest a subclass
of AbstractReadTransactionRequest so it carries isSnapshotOnly().

Change-Id: Ifdb6214478aa7548d3bc1f06b532e06c93b3dd0b
Signed-off-by: Robert Varga <>
5 years agoBUG 8402: Close readonly tx 81/57681/4
Tomas Cere [Tue, 23 May 2017 12:09:34 +0000 (14:09 +0200)]
BUG 8402: Close readonly tx

This transaction is only used for an exist check of
default prefix shard configuration and needs to be closed
once we are done with it.

Change-Id: I8d7c06e7e3ce58cb91713dac14744c411ec1bf5f
Signed-off-by: Tomas Cere <>
5 years agoBUG 8318: Add section for remoting transport-failure-detector 57/57357/4
Tomas Cere [Thu, 18 May 2017 14:00:54 +0000 (16:00 +0200)]
BUG 8318: Add section for remoting transport-failure-detector

Similar to separate dispatcher for cluster we might also
trip a false positive in remoting so add this in so we can modify
the parameter in csit.

Change-Id: I751fec044e2bf0f0d82badb2ea7d581b3374ac4a
Signed-off-by: Tomas Cere <>
5 years agoBUG 8525: Prevent NPE in test-app listeners 21/57621/3
Tomas Cere [Mon, 22 May 2017 11:22:46 +0000 (13:22 +0200)]
BUG 8525: Prevent NPE in test-app listeners

Prevents the NPE thrown when the listeners didn't
receive any notifications.

Change-Id: I0d774913a15b4341abce779c64d6ee8f75d6a0e1
Signed-off-by: Tomas Cere <>
5 years agoBUG 8403 Timeout writetransactions on initial ensure 23/57423/3
Tomas Cere [Fri, 19 May 2017 12:29:33 +0000 (14:29 +0200)]
BUG 8403 Timeout writetransactions on initial ensure

This stage can get stuck aswell and if the submit is never timed out
from the backend as a result of a bug it will never complete.

Change-Id: Ia424d009cd201e3f03a13af88c35b1390b40cbee
Signed-off-by: Tomas Cere <>
5 years agoBUG-8403: raise misordered request log message 99/57599/3
Robert Varga [Mon, 22 May 2017 08:17:15 +0000 (10:17 +0200)]
BUG-8403: raise misordered request log message

This error seems to occur intermittently, raise the message to
a warning.

Change-Id: Ia749a9ac17fa75ef26fe7a2963fa9ea3a0b35731
Signed-off-by: Robert Varga <>
5 years agoBUG-8371: raise unknown history log to warn 98/57598/3
Robert Varga [Mon, 22 May 2017 08:11:51 +0000 (10:11 +0200)]
BUG-8371: raise unknown history log to warn

This error seems to be happening quite often, raise it to a warning
so we understand what request is triggering it.

Change-Id: If357325787f5c859a46af9286c86c0e9934909cb
Signed-off-by: Robert Varga <>
5 years agoDon't use File(In/Out)putStream in FileBackedOutputStream 87/56987/2
Tom Pantelis [Fri, 12 May 2017 15:13:19 +0000 (11:13 -0400)]
Don't use File(In/Out)putStream in FileBackedOutputStream

As per
FileInputStream/FileOutputStream can incur unnecessary GC overhead due to
finalize. Use Files.newInputStream and Files.newOutputStream instead.

Change-Id: Ic4130ba650fef312e82a5039e9e11a573bd9d406
Signed-off-by: Tom Pantelis <>
(cherry picked from commit 6ead1cc9d35cdb72f469f7a451df3597c60c1a93)

5 years agoBump versions by x.y.(z+1) 37/57837/1
jenkins-releng [Thu, 25 May 2017 18:18:07 +0000 (18:18 +0000)]
Bump versions by x.y.(z+1)

Change-Id: I9f723dafe81c487a0219b29d51a715d8a121891f
Signed-off-by: jenkins-releng <>
5 years agoBUG-8507: Fix replayed directCommit() on reconnect 87/57387/12
Robert Varga [Thu, 18 May 2017 21:24:15 +0000 (23:24 +0200)]
BUG-8507: Fix replayed directCommit() on reconnect

After remote shard reconnect of a brief isolation, we have observed
a NPE indicating that we encounter a NPE when faced with a direct

Assuming state engine correctness, this can happen during the time
when we have completed preCommit and before we have recorded the
request result (i.e. after commit completes).

At any rate, this flushes out the need for transaction transitions
to be idempotent, which is something ShardDataTreeTransaction and
ShardDataTreeCohort do not provide.

Encapsulate FrontendReadWriteTransaction state into distinct state
objects. This allows us to accurately track the internal transaction
state and detect when a canCommit, directCommit, preCommit and
doCommit are no-ops because the request is being already handled.

Change-Id: Ib533ec9a4882f51f7914c5b11865ac093c6d6ad0
Signed-off-by: Robert Varga <>
5 years agoBUG-8511: add more explicit messages 31/57431/3
Robert Varga [Fri, 19 May 2017 13:32:13 +0000 (15:32 +0200)]
BUG-8511: add more explicit messages

This adds more defensive handling of connections and locking,
even if it should not strictly be necessary, as we are using
atomic operations and run on the actor thread. This makes the
transitions work even in fact of actor context leakage.

Change-Id: I26df0f208d63b861a0f3d3dc3c0f1959bbc79e90
Signed-off-by: Robert Varga <>
5 years agoBUG-8403: guard against ConcurrentModificationException 38/57438/1
Robert Varga [Fri, 19 May 2017 15:21:42 +0000 (17:21 +0200)]
BUG-8403: guard against ConcurrentModificationException

Using TransmitQueue.asIterable() offers slight advantage of not
dealing with a big list, but exposes us to the risk of the Iterable
being changed.

The point missed by the fix to BUG 8491 is that there is an avenue
for the old connection to be touched during replay, as we are
completing entries, for example reads when we are switching from
remote to local connection. In this case the callback will be invoked
in the actor thread, with all the locks being reentrant and held,
hence it can break through to the old connection's queue.

If that happens we will see a ConcurrentModificationException and
enter a buggy territory, where the client fails to work properly.

Document this caveat and turn asIterable() into drain(), which
removes all the entries in the queue, allowing new entries to be
enqueued. The late-comer entries are accounted for when we set the

Change-Id: Idf29c1e565e12aaed917ac94c21c552daf169d4d
Signed-off-by: Robert Varga <>
5 years agoBUG-8452: make NoShardLeaderException retriable 74/57074/13
Robert Varga [Mon, 15 May 2017 14:56:14 +0000 (16:56 +0200)]
BUG-8452: make NoShardLeaderException retriable

We can recover from this exception by retrying the connection to
the backend. Wrap it in a TimeoutException, which will cause a new
connection attempt.

Change-Id: I1d5c771fdb89cbdd7723e0425542154a1ed85853
Signed-off-by: Robert Varga <>
5 years agoBUG-8491: Remove requests as they are replayed 15/57315/9
Robert Varga [Wed, 17 May 2017 21:39:55 +0000 (23:39 +0200)]
BUG-8491: Remove requests as they are replayed

We should not be seeing any messages just after we have finished
message replay, as the queue is still locked and we should have
accounted for all messages by removing them from the queue.

Change-Id: I47396b4705e048460934538acc470468a0a6285d
Signed-off-by: Robert Varga <>
Signed-off-by: Tomas Cere <>
5 years agoBUG 8462: Switch to using cds-client in usubscribe-ddtl 52/57352/2
Tomas Cere [Thu, 18 May 2017 08:34:25 +0000 (10:34 +0200)]
BUG 8462: Switch to using cds-client in usubscribe-ddtl

The initial notification seemed iffy when the leader was moving,
so switch the final data consitency check to cds-clients read
which also makes this more consistent with unsubscribe-dtcl.

Change-Id: Ia23da11a5bda33925ee6ba911d2794f666a17a94
Signed-off-by: Tomas Cere <>
5 years agoBUG-8402: fix sequencing with read/exists requests 28/57028/17
Robert Varga [Sun, 14 May 2017 18:36:09 +0000 (20:36 +0200)]
BUG-8402: fix sequencing with read/exists requests

When replaying successful requests, we do not issue read and exists
requests, as they have already been satisfied, but account for their
sequence numbers.

This does not work in the case where we have a remote connection,
the first request on a transaction is a read and after it is
satisfied subsequent requests are replayed to a different backend

Since the initial request is not replayed, but subsequent requests
account for it and the backend has no prior knowledge of the
transaction, it sees an initial request with sequence != 0, and
rejects all requests with an OutOfOrderRequestException.

Fix this by introducing IncrementTransactionSequenceRequest, which
the frontend enqueues as the first request instead of the initial
read/exist request -- introducing the transaction to backend.

Change-Id: Ia0f048e33d417e1fdc8d15bf319d6b8b33c2b1b1
Signed-off-by: Robert Varga <>
5 years agoBUG-8402: Record modification failures 93/57293/6
Robert Varga [Wed, 17 May 2017 14:56:57 +0000 (16:56 +0200)]
BUG-8402: Record modification failures

When a modification fails to apply, we must record the resulting
failure, as we have partially applied the state and hence should
never attempt to try to do it again even if the client retransmits
the request.

Furthermore we should stop responding to any subsequent requests
including reads, as our responses are not accurate anyway (and the
requests may have been enqueued before the client saw the failure).

Enqueue the failure and respond to all subsequent requests with it,
forcing the transaction to fail the canCommit() phase.

Change-Id: I1d25f1b3a688e02f8a69f54f22a5d6d2dd43339c
Signed-off-by: Robert Varga <>
5 years agoBUG-8402: Separate out OutOfOrderRequestException 89/57289/4
Robert Varga [Wed, 17 May 2017 14:19:04 +0000 (16:19 +0200)]
BUG-8402: Separate out OutOfOrderRequestException

OutOfOrderRequestException is used for two distinct cases, which is
a mixup during refactor.

The first case is when an envelope's sequence does not match the
sequence we are expecting on a connection. This is a retriable
exception and happens due to mailbox queueing during leadership
- a FE sees us as a leader, sends requests
- we become a follower, we reject a few requests
- we become a leader, at which point we must not process requests
  until the FE reconnects, as we would not be processing them in
  the correct order.

The second case is when we receive a Request with an unexpected
sequence. This is a hard error, as it indicates that the client
has made a mistake and lost a request (like the case fixed in

Separate these two cases out by introducing
OutOfSequenceEnvelopeException and handle it by initiating a session

Change-Id: Ifb0bac41ff2efd6385455fd9c77b8b39054dd4a0
Signed-off-by: Robert Varga <>
5 years agoBUG-8422: separate retry and request timeouts 74/56874/12
Robert Varga [Thu, 11 May 2017 14:54:22 +0000 (16:54 +0200)]
BUG-8422: separate retry and request timeouts

This patch corrects a thinko around request timeouts, where we
reconnect the connection based on request timeout, not based on
the 'try' timeout.

The difference between the two is that the 'try' timeout is the
period we allow the backend to respond to our request and when
it does not, we reconnect the connection.

Change-Id: I8c00a80e5c26c5b829056c43fe78a0567041bc5e
Signed-off-by: Robert Varga <>
Signed-off-by: Tomas Cere <>
5 years agoBUG-8402: fix transmit accounting 52/57152/6
Robert Varga [Tue, 16 May 2017 14:49:42 +0000 (16:49 +0200)]
BUG-8402: fix transmit accounting

CSIT has shown that during burst activity and leader movement
we can lose track of messages and the requests can arrive misordered.

As it turns out TransmitQueue.complete() transmit-on-response code
path fails to properly move the request to the in-flight queue.

Furthermore, opportunistic sending TransmitQueue.enqueue() could cause
message reordering if for some reason we have pending requests and
available transmit slot.

Fix this sharing the codepaths and making the TransmitQueue.enqueue()
check pending queue emptiness.

Change-Id: I2daf3d8b198e83c6f50f4a2f43b9e4c3cc091187
Signed-off-by: Robert Varga <>
5 years agoBUG 8422: Change tx handlers hard timeout 32/57132/3
Tomas Cere [Tue, 16 May 2017 10:40:35 +0000 (12:40 +0200)]
BUG 8422: Change tx handlers hard timeout

This makes write-transactions/produce-transactions return an
RpcError upon reaching 2 minutes of waiting after the last
transaction is submitted in case the transactions arent timed out
from the frontend.

Also close producer when the initial write into id-ints list fails.

Change-Id: I20abbd02ed14e16d9e9a49f935113c0044e7c6d8
Signed-off-by: Tomas Cere <>
5 years agoBUG-8159: apply object lifecycle to metadata 38/57138/3
Robert Varga [Tue, 16 May 2017 11:20:41 +0000 (13:20 +0200)]
BUG-8159: apply object lifecycle to metadata

In leader role ShardDataTree needs to maintain its own view of
the metadata that is present in the journal, otherwise snapshots
do not contain accurate view nor can the shard transition to follower
while retaining correct state.

The initial idea was that this would be maintained in the replication
callbacks, but that is not really feasible, as it would spread the
code to different codepaths with the possibility of missed updates.

This patch centralizes metadata updates in payloadReplicationComplete(),
performing them unconditionally. Callbacks registered with
replicatePayload() are then used only for hooking in further events,
like sending messages to the frontend.

Change-Id: I2b3de068589f03fe988f11138436a4ec225e357e
Signed-off-by: Robert Varga <>
5 years agoBUG 8447: Add shard getRole rpcs 31/57131/2
Tomas Cere [Tue, 16 May 2017 10:30:48 +0000 (12:30 +0200)]
BUG 8447: Add shard getRole rpcs

These are added to get around jolokia which seems
to sometimes take a very long time to produce a response,
so we have a way to find out the current shard role via
talking directly to the ShardManager.

Change-Id: I18b98988fc9fab26513544c129e5063e87affede
Signed-off-by: Tomas Cere <>
5 years agoBug 8444 - Persistent prefix-based shard cannot load its snapshot 75/57075/5
Jakub Morvay [Mon, 15 May 2017 15:13:53 +0000 (17:13 +0200)]
Bug 8444 - Persistent prefix-based shard cannot load its snapshot

Since the name is URL-encoded, we have to make sure it does not get
double-encoded -- hence we need to make a pass of URL-decoding before
we use the result.

Change-Id: I20fe8702ad7e405a8b68d8bda2f9ce4522f2dfd0
Signed-off-by: Jakub Morvay <>