Add master task throttling #553
Conversation
Signed-off-by: Dhwanil Patel <dhwanip@amazon.com>
|
✅ Gradle Wrapper Validation success c9e6126 |
|
✅ DCO Check Passed c9e6126 |
|
✅ Gradle Precommit success c9e6126 |
|
start gradle check |
|
start dco check |
|
✅ DCO Check Passed c9e6126 |
|
✅ Gradle Wrapper Validation success c9e6126 |
|
✅ Gradle Precommit success c9e6126 |
| release(diff); | ||
| } else if (diff < 0) { | ||
| // remove permits | ||
| reducePermits(Math.negateExact(diff)); |
There was a problem hiding this comment.
what happens if those permits are already acquired? does it fail or wait for those permits to be released?
There was a problem hiding this comment.
Update call will pass even if all permits are acquired. New acquire will fail, it will pass once enough permits are not released and there are available permits as per new limit.
For e.g. Limit is 8, acquired 8 permits, Changed limit to 5, release 3 permits, acquire of 1 permit wont be allowed as per new limit and there are already 5 permits are acquired.
| IndexingPressure.MAX_INDEXING_BYTES, | ||
| MasterTaskThrottler.ENABLE_MASTER_THROTTLING, | ||
| MasterTaskThrottler.THRESHOLD_SETTINGS))); |
There was a problem hiding this comment.
We will need to document these new settings and also label the PR accordingly for minor version, it will be available in.
There was a problem hiding this comment.
Yes, once we finalized the documentation strategy will update document. I have updated this in SIM to keep track of documentation. Will keep that issue open until documentation is not added.
Don't have permission to add lebel in PR.
| * We can also provide the class path of request, which we want to throttle. If new task type has introduced and we | ||
| * haven't added that in configuration then we can use the class path of request to enable throttling on that type. | ||
| * e.g use "org/opensearch/action/admin/indices/create/CreateIndexClusterStateUpdateRequest" as key in setting | ||
| * throttling limit for Create index tasks. |
There was a problem hiding this comment.
How will this setting key look like in cluster state? What happens in case as part of some refactoring we move around classes? Then, all of a sudden these settings would start failing? or are we going to migrate these settings automatically?
Also it feels like a backdoor, what if user keeps on provide non throttling applicable classes here, how do you control that?
There was a problem hiding this comment.
How will this setting key look like in cluster state?
Key will looks same in cluster setting. Like "org/opensearch/action/admin/indices/create/CreateIndexClusterStateUpdateRequest".
What happens in case as part of some refactoring we move around classes? Then, all of a sudden these settings would start failing?
Yes if class are refactored it would start failing. Ideally new node will not come up as prepareCommit it self fails to apply setting.
For refactoring cases, we will need to remove old settings, move cluster to new release with refactored class and then reapply with new class path.
Do you have any suggestion to improve this behavior? Will be happy to improve if there is any scope.
Also it feels like a backdoor, what if user keeps on provide non throttling applicable classes here, how do you control that?
Nice Suggestion!
I didn't had any verification for it, but I have added it now. While applying setting we will check class should be MasterNode Request or ClusterState Update Request. Through this validation we can control it. Please let me know If I have missed any other request type in check. Thanks.
There was a problem hiding this comment.
@dhwanilpatel : I am thinking why do we even need this? Anytime a new class is added, it should be caught in the review and a decision should be taken whether it should be added in throttler or not.
There was a problem hiding this comment.
Your suggestion is good, I think it will be cleaner way as well. Operator don't have to worry about class path. I will evaluate all the task type and add those here in this mapping where we may need throttling.
Just one concern, Is there any way to make sure we caught new tasks in PR and evaluate requirement of throttling?
There was a problem hiding this comment.
I have found one for issue while doing above change, for most of the task submission it is using anonymous class, so can't rely on class name of submitted task for those.
I have changed logic little bit now. Now we will do throttling based on executor type. Each task has its own executor implementation so relationship would be 1:1 only. I have added one method to get the throttling key in ClusterStateTaskExecutor. For tasks where we want to configure throttling they will override it and provide the key for throttling.
I have analyzed the various task types and added key for most of the tasks which are generated from customer like create index/put mapping/etc. Please validate that if I have covered enough tasks or not.
| public long throttledTaskCount() { | ||
| return throttledTasksCount.count(); | ||
| } | ||
|
|
There was a problem hiding this comment.
could we maintain throttledTasksCount at the task level? As I understand this is a cumulative count, wondering should it get reset during disabling of throttling?
There was a problem hiding this comment.
Yes I have captured task level throttledTasksCount. We are also planing to add this stats in stats API, it will help in that as well.
As I understand this is a cumulative count, wondering should it get reset during disabling of throttling?
I don't see any reason for re-setting it to zero once we disable throttling. IMO we should maintain how many tasks were throttled in past.
Do you have specific case in mind for which we need to reset it to zero?
|
Backward Compatibility: Discussion regarding this in previous PR: (Discussion) |
Signed-off-by: Dhwanil Patel <dhwanip@amazon.com>
|
✅ Gradle Wrapper Validation success 537d818 |
|
✅ DCO Check Passed 537d818 |
|
✅ Gradle Precommit success 537d818 |
server/src/main/java/org/opensearch/cluster/service/MasterTaskThrottler.java
Outdated
Show resolved
Hide resolved
server/src/main/java/org/opensearch/action/bulk/BackoffPolicy.java
Outdated
Show resolved
Hide resolved
| put("delete_snapshot", DeleteSnapshotRequest.class); | ||
| } | ||
| }; | ||
| private final int DEFAULT_THRESHOLD_VALUE = -1; // Disabled throttling |
There was a problem hiding this comment.
Ideally we should have reasonable defaults for these values so that there is protection in the cluster even if user has not configured it explicitly.
But in this case, it can be breaking change for customer as they would not have exception handling for the new exception for end customer calls or old data nodes requests during upgrade. I am thinking we can keep default as -1 and switch to reasonable default in next major version for OpenSearch.
Scenarios which will be impacted during upgrade when we have changed the defaults from -1.
- Old master / old data nodes - No Issue
- Old master/ new data nodes - No Issue
- New master / new data nodes - No Issue
- New master / old data nodes - Issue. Ideally it is expected for data nodes to upgrade first and then master nodes and then switch the active master as data nodes in lower version may not be able to connect to master in high version. So, it is ok if this is called out as breaking change as part of next OpenSearch major version.
There was a problem hiding this comment.
For minor version upgrades same scenario mentioned by you can cause issue (New master / old data nodes) If customer changes the threshold limit during upgrade and it starts throwing new exception. In that case it would be breaking change.
Also we are introducing new settings, will it also be breaking change as older minor version nodes wont be able to understand new setting if customer has set it during upgrade.
Ideally it is expected for data nodes to upgrade first and then master nodes and then switch the active master as data nodes in lower version may not be able to connect to master in high version
Does it stand for minor version upgrade as well?
If yes, then I think we are covered in above two cases for minor version upgrades and expecting customer to follow this process for upgrade.
There was a problem hiding this comment.
For minor version upgrades same scenario mentioned by you can cause issue (New master / old data nodes) If customer changes the threshold limit during upgrade and it starts throwing new exception. In that case it would be breaking change.
We can recommend customers to not enable this setting during upgrade otherwise their request could throttle without any automatic retries. They should enable this setting once the upgrade has finished.
Also we are introducing new settings, will it also be breaking change as older minor version nodes wont be able to understand new setting if customer has set it during upgrade.
Addition of new settings shouldn't be a breaking change, even on old nodes, can you try it?
Does it stand for minor version upgrade as well?
Ideally, it applies to all version upgrades minor or major.
There was a problem hiding this comment.
We can recommend customers to not enable this setting during upgrade otherwise their request could throttle without any automatic retries. They should enable this setting once the upgrade has finished.
For that I have added validation of min version in cluster while updating setting. I have added that validation in enable/disable setting. Will move it to threshold setting as we are relying on it only.
Addition of new settings shouldn't be a breaking change, even on old nodes, can you try it?
Actually, I had tried it. If new setting is applied and we call _cluster/settings API from older version node then, it would fail to parse new setting. We are recommending not to enable this setting during upgrade so I think that will cover this case as well.
What do you think?
Ideally, it applies to all version upgrades minor or major.
Okay, yes it make sense to follow this for all upgrades.
| org.opensearch.cluster.service.MasterTaskThrottlingException.class, | ||
| org.opensearch.cluster.service.MasterTaskThrottlingException::new, | ||
| 161, | ||
| Version.V_7_10_3); |
There was a problem hiding this comment.
Please add a TODO as the version will change as per OpenSearch versioning and also depending on which version this PR will be tagged/ merged.
There was a problem hiding this comment.
Added TODO, will keep this comment as unresolved as well to keep track of it.
|
I am wondering if it's possible to split this PR into phases so that it is not so big all at once. |
…er driven task types Signed-off-by: Dhwanil Patel <dhwanip@amazon.com>
Signed-off-by: Dhwanil Patel <dhwanip@amazon.com>
|
✅ Gradle Wrapper Validation success cf3f16d |
|
✅ DCO Check Passed cf3f16d |
|
✅ Gradle Precommit success cf3f16d |
@AmiStrn Initially I hadn't thought it would become this large. Apologies for not planning it correctly. My only worry is that I already had to discard one PR(#484) which had very good discussion in review. It would be little inconvenient for reviewers and other members to go through the discarded PRs to look at those discussion. Giving little context on main code files which might help in review:
Above class contains the major functionality of feature, rest of the major component of code is UTs/ITs. Still if you think it would help to review separate PRs will be happy to split it in different PRs. |
|
I am not a maintainer of the project so it really is up to them at this point. My preference would be to see it broken down, however, I appreciate the effort in your comment and issue description to make things easier. I will try to understand the PR in its current state:) |
There was a problem hiding this comment.
Thanks for the changes, Dhwanil. We are almost there :)
We can't push this change without a clear plan and integration tests for BWC. Let us add the tests.
I will review the tests in detail once you make all the changes.
In future, please raise small PRs. If you can find a way to break the PR, just do so even if the combined PR is still smaller as these features have a tendency to become huge.
|
|
||
| protected MasterNodeRequest() { | ||
| } | ||
|
|
||
| protected MasterNodeRequest(StreamInput in) throws IOException { | ||
| super(in); | ||
| masterNodeTimeout = in.readTimeValue(); | ||
| remoteRequest = in.readOptionalBoolean(); |
| } | ||
|
|
||
| @Override | ||
| public void writeTo(StreamOutput out) throws IOException { | ||
| super.writeTo(out); | ||
| out.writeTimeValue(masterNodeTimeout); | ||
| out.writeOptionalBoolean(remoteRequest); |
| @@ -71,6 +74,11 @@ public final Request masterNodeTimeout(TimeValue timeout) { | |||
| return (Request) this; | |||
| } | |||
|
|
|||
| public final Request setRemoteRequest(boolean remoteRequest) { | |||
There was a problem hiding this comment.
Public setter- why not add to the constructor?
| long delay = backoffDelay.next().getMillis(); | ||
| if(totalDelay + delay >= request.masterNodeTimeout.getMillis()) { | ||
| delay = request.masterNodeTimeout.getMillis() - totalDelay; | ||
| scheduler.schedule(new Runnable() { |
There was a problem hiding this comment.
Why is there a need to delay the exception? Directly call listener? Better to throw exception early?
| @@ -77,6 +77,10 @@ public String describeTasks(List<ClusterStateUpdateTask> tasks) { | |||
| */ | |||
| public abstract void onFailure(String source, Exception e); | |||
|
|
|||
| // public String getMasterThrottlingKey() { | |||
| "cluster-reroute-api" | ||
| ))); | ||
|
|
||
| private final int DEFAULT_THRESHOLD_VALUE = -1; // Disabled throttling |
| throw new IllegalArgumentException("Master task throttling is not configured for given task type: " + key); | ||
| } | ||
| int threshold = groups.get(key).getAsInt("value", DEFAULT_THRESHOLD_VALUE); | ||
| if(threshold < DEFAULT_THRESHOLD_VALUE) { |
There was a problem hiding this comment.
Why default threshold value? It may change in future? If not, rename default to min?
| * Contains stats of Master Task Throttling. | ||
| * It stores the total cumulative count of throttled tasks per task type. | ||
| */ | ||
| public class MasterThrottlingStats { |
There was a problem hiding this comment.
Should this be moved to Throttler?
| * Contains stats of Master Task Throttling. | ||
| * It stores the total cumulative count of throttled tasks per task type. | ||
| */ | ||
| public class MasterThrottlingStats { |
There was a problem hiding this comment.
A useful stat would be how long since a task was throttled, but not yet released? Would be helpful in debugging- basically oldest throttled task. What do you think?
| } | ||
|
|
||
| @Override | ||
| public void onFailure(Exception e) { |
There was a problem hiding this comment.
Please add BWC tests for the following cases:
- Old data node, new master node: Here, master may throttle the request and data node will propagate the throttling error to client, which may not be gracefully handled upstream. One way to get around this problem is to make master node know which node the request came from and handle the requests accordingly- e.g add a field in
MasterNodeRequestabout the same. Do you plan to handle this in a different way? - Old master node, new data node: This will work, I think. I think the setting update itself will fail.
+1 to split into smaller incremental PRs. It's difficult to track if this should be merged in the next major release (2.0.0) and already the PR has stalled over two months. |
|
✅ Gradle Wrapper Validation success cf3f16d |
|
✅ DCO Check Passed cf3f16d |
|
✅ Gradle Precommit success cf3f16d |
|
Can one of the admins verify this patch? |
|
@dhwanilpatel Hey, it's been a while since this was updated....Are you planning to break this into smaller PRs? Thanks! |
|
✅ Gradle Wrapper Validation success cf3f16d |
|
✅ DCO Check Passed cf3f16d |
|
✅ Gradle Precommit success cf3f16d |
|
Apologies for too much of delay, Yes next step is to break this PR in smaller PR. I will plan work for it. |
|
@dhwanilpatel we still would like this feature! |
|
Looks like this won't get worked on for a while, closing. See #479 if anyone wants to pick this up again. |
|
Yes @dblock, this will be good feature, it will help in making master more resilience against floods of pending tasks. Unfortunately, I wont have time to work on it in near future. I will update over here whenever I am back on this. |
Rebased with master Previous work : opensearch-project#553
Signed-off-by: Dhwanil Patel <dhwanip@amazon.com>
…OS 2.2.0 (opensearch-project#555) * Fixes opensearch-project#553: fix highlight max_analyzer_offset field name to match with the one introduced in OpenSearch 2.2.0 Signed-off-by: Joao Schmitt <schmittjoaopedro@gmail.com> * fix checkstyle errors Signed-off-by: Joao Schmitt <schmittjoaopedro@gmail.com> --------- Signed-off-by: Joao Schmitt <schmittjoaopedro@gmail.com>
Signed-off-by: Dhwanil Patel dhwanip@amazon.com
Description
Adding throttling functionality of tasks on master nodes. Master will reject tasks from data nodes based on throttling config and data nodes will retry with exponential backoff on those tasks to submit on master node.
It can be enabled/disabled by dynamic setting, we can add throttling config for task type using dynamic setting as well.
Command for enabling/disabling.
curl -X PUT "localhost:9200/_cluster/settings?pretty" -H 'Content-Type: application/json' -d' { "persistent": { "master.throttling.enable": "true" } } 'Commands for adding throttling config:
For adding throttling config for any of the task type, we will need to find class path for underlying request object and provide that path in config.
For e.g. for adding limit for put-mapping task type,
PutMappingClusterStateUpdateRequest is underlying request object to master for "put-mapping" tasks.
curl -XPUT "localhost:9200/_cluster/settings?pretty" -H 'Content-Type: application/json' -d' { "persistent": { "master.throttling.thresholds" : { "org/opensearch/action/admin/indices/mapping/put/PutMappingClusterStateUpdateRequest" : { "value" : 10 } } } }'Older PR for previous conversations
#484
Issues Resolved
closes #479
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.