Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reject TwoPC calls if semi-sync is not enabled #16608

Merged

Conversation

GuptaManan100
Copy link
Member

@GuptaManan100 GuptaManan100 commented Aug 16, 2024

Description

This PR disallows two-pc if semi-sync is not enabled. This check is performed whenever a new primary is promoted. So we do this both in InitPrimary and PromoteReplica. We store whether we want to allow two-pc or not in the tx engine and use this to fail the prepare calls.

Technically, it is still possible for users to shoot themselves in the foot, by promoting a new primary with a semi-sync durability policy but changing the policy to none after that.
The only way to check for correctness, in this case, would be to check for whether all the current primaries are not running two-pc when the durability policy suggests that the primary shouldn't be running semi-sync. This however, would be overkill, and would require a RPC call from the vtctld to all the vttablets.

Related Issue(s)

Checklist

  • "Backport to:" labels have been added if this change should be back-ported to release branches
  • If this change is to be back-ported to previous releases, a justification is included in the PR description
  • Tests were added or are not required
  • Did the new or modified tests pass consistently locally and on CI?
  • Documentation was added or is not required

Deployment Notes

…hout semi-sync

Signed-off-by: Manan Gupta <manan@planetscale.com>
Signed-off-by: Manan Gupta <manan@planetscale.com>
Copy link
Contributor

vitess-bot bot commented Aug 16, 2024

Review Checklist

Hello reviewers! 👋 Please follow this checklist when reviewing this Pull Request.

General

  • Ensure that the Pull Request has a descriptive title.
  • Ensure there is a link to an issue (except for internal cleanup and flaky test fixes), new features should have an RFC that documents use cases and test cases.

Tests

  • Bug fixes should have at least one unit or end-to-end test, enhancement and new features should have a sufficient number of tests.

Documentation

  • Apply the release notes (needs details) label if users need to know about this change.
  • New features should be documented.
  • There should be some code comments as to why things are implemented the way they are.
  • There should be a comment at the top of each new or modified test to explain what the test does.

New flags

  • Is this flag really necessary?
  • Flag names must be clear and intuitive, use dashes (-), and have a clear help text.

If a workflow is added or modified:

  • Each item in Jobs should be named in order to mark it as required.
  • If the workflow needs to be marked as required, the maintainer team must be notified.

Backward compatibility

  • Protobuf changes should be wire-compatible.
  • Changes to _vt tables and RPCs need to be backward compatible.
  • RPC changes should be compatible with vitess-operator
  • If a flag is removed, then it should also be removed from vitess-operator and arewefastyet, if used there.
  • vtctl command output order should be stable and awk-able.

@vitess-bot vitess-bot bot added NeedsBackportReason If backport labels have been applied to a PR, a justification is required NeedsDescriptionUpdate The description is not clear or comprehensive enough, and needs work NeedsIssue A linked issue is missing for this Pull Request NeedsWebsiteDocsUpdate What it says labels Aug 16, 2024
@GuptaManan100 GuptaManan100 added Type: Enhancement Logical improvement (somewhere between a bug and feature) Component: Query Serving and removed NeedsDescriptionUpdate The description is not clear or comprehensive enough, and needs work NeedsIssue A linked issue is missing for this Pull Request NeedsBackportReason If backport labels have been applied to a PR, a justification is required NeedsWebsiteDocsUpdate What it says labels Aug 16, 2024
@github-actions github-actions bot added this to the v21.0.0 milestone Aug 16, 2024
Copy link

codecov bot commented Aug 16, 2024

Codecov Report

Attention: Patch coverage is 14.28571% with 12 lines in your changes missing coverage. Please review.

Project coverage is 68.98%. Comparing base (5458941) to head (b6208bd).
Report is 7 commits behind head on main.

Files Patch % Lines
go/vt/vttablet/tabletmanager/rpc_replication.go 0.00% 8 Missing ⚠️
go/vt/vttablet/tabletserver/tabletserver.go 0.00% 2 Missing ⚠️
go/vt/vttablet/tabletserver/dt_executor.go 50.00% 1 Missing ⚠️
go/vt/vttablet/tabletservermock/controller.go 0.00% 1 Missing ⚠️
Additional details and impacted files
@@           Coverage Diff           @@
##             main   #16608   +/-   ##
=======================================
  Coverage   68.97%   68.98%           
=======================================
  Files        1562     1562           
  Lines      200673   200706   +33     
=======================================
+ Hits       138424   138449   +25     
- Misses      62249    62257    +8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Member

@harshit-gangal harshit-gangal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should not disallow primary promotion if they are not using 2PC.
At somepoint we will make 2pc flag as default or maybe remove it completely as well.
Ideally today also, we do not need this flag.
What we should fail is the Prepare call, we can do this by marking an internal flag as twopc disabled and whenever a call for Prepare comes, we check against the internal flag first.

…ut-semi-sync

Signed-off-by: Manan Gupta <manan@planetscale.com>
… instead

Signed-off-by: Manan Gupta <manan@planetscale.com>
Signed-off-by: Manan Gupta <manan@planetscale.com>
…ut-semi-sync

Signed-off-by: Manan Gupta <manan@planetscale.com>
@GuptaManan100
Copy link
Member Author

I've made the required changes @harshit-gangal

@GuptaManan100 GuptaManan100 changed the title Reject primary promotion if two pc is enabled but semi-sync is not Reject TwoPC calls if semi-sync is not enabled Aug 21, 2024
Signed-off-by: Manan Gupta <manan@planetscale.com>
Signed-off-by: Manan Gupta <manan@planetscale.com>
Signed-off-by: Manan Gupta <manan@planetscale.com>
@harshit-gangal harshit-gangal merged commit 78a54ce into vitessio:main Aug 23, 2024
129 checks passed
@harshit-gangal harshit-gangal deleted the reject-two-pc-without-semi-sync branch August 23, 2024 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Component: Query Serving Type: Enhancement Logical improvement (somewhere between a bug and feature)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants