New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
priority and ring_hash LBs: fix interactions when using ring_hash under priority #29332
Conversation
…cancel when deactivating
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
f80fcac looks mostly good
A couple of comments on the test
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note that I need to merge #29320 before this, so please review that as well. Thanks!
Looks like the test needs a little more work here. Since merging #29321, the test is no longer failing without the code change here. I'll work on changing it so that it does so. |
I significantly rewrote the test to cover a simpler case but to do it in a way that exerts more control over the timing of the individual subchannel connection attempts. I also simplified the logic in the priority policy so that we always use the same code to choose a priority whenever any child reports a connectivity state change, which should systemically avoid the class of bugs where the logic for choosing a child does not match the logic for reacting to the current child's state changes. PTAL. |
Eric pointed out that the approach of always starting the failover timer in CONNECTING is not quite right, since that will cause us to select a higher-than-current priority that transitions back to CONNECTING when we have already been using a lower priority that is in state READY. We're still discussing the right way to fix this. |
priority: - go back to starting failover timer upon CONNECTING, but only if seen READY or IDLE more recently than TRANSIENT_FAILURE ring_hash: - don't flap back and forth between IDLE and CONNECTING; once we go CONNECTING, we stay there until either TF or READY - after the first subchannel goes TF, we proactively start another subchannel connecting, just like we do after a second subchannel reports TF, to ensure that we don't stay in CONNECTING indefinitely if we aren't getting any new picks - always return ring hash's picker, regardless of connectivity state - update the subchannel connectivity state seen by the picker upon subchannel list creation - start proactive subchannel connection attempt upon subchannel list creation if needed
…es (#9084) (#9094) per gRFC change grpc/grpc#29332: Apply new aggregation rule: If there is at least one subchannel in state TRANSIENT_FAILURE and there are more than one subchannel, report state CONNECTING. If we hit this rule, proactively start a subchannel connection attempt.
…es (#9084) (#9107) part of ring-hash part of the change grpc/grpc#29332: Apply new aggregation rule: If there is at least one subchannel in state TRANSIENT_FAILURE and there are more than one subchannel, report state CONNECTING. If we hit this rule, proactively start a subchannel connection attempt.
…es (#9084) (#9108) part of ring-hash part of the change grpc/grpc#29332: Apply new aggregation rule: If there is at least one subchannel in state TRANSIENT_FAILURE and there are more than one subchannel, report state CONNECTING. If we hit this rule, proactively start a subchannel connection attempt.
ringHashPicker changes per gRFC: grpc/grpc#29332: previously it appears the picker logic is wrong, e.g. not request connecting on the any subchannel if it is in TRANSIENT_FAILURE Refactored the logic to mirror the pseudo-code more so easier to understand.
ringHashPicker changes per gRFC: grpc/grpc#29332: previously it appears the picker logic is wrong, e.g. not request connecting on the any subchannel if it is in TRANSIENT_FAILURE Refactored the logic to mirror the pseudo-code more so easier to understand.
…er priority (grpc#29332) * refactor connection delay injection from client_lb_end2end_test * fix build * fix build on older compilers * clang-format * buildifier * a bit of code cleanup * start failover time whenever the child reports CONNECTING, and don't cancel when deactivating * clang-format * rewrite test * simplify logic in priority policy * clang-format * switch to using a bit to indicate child healthiness * fix reversed comment * more changes in priority and ring_hash. priority: - go back to starting failover timer upon CONNECTING, but only if seen READY or IDLE more recently than TRANSIENT_FAILURE ring_hash: - don't flap back and forth between IDLE and CONNECTING; once we go CONNECTING, we stay there until either TF or READY - after the first subchannel goes TF, we proactively start another subchannel connecting, just like we do after a second subchannel reports TF, to ensure that we don't stay in CONNECTING indefinitely if we aren't getting any new picks - always return ring hash's picker, regardless of connectivity state - update the subchannel connectivity state seen by the picker upon subchannel list creation - start proactive subchannel connection attempt upon subchannel list creation if needed * ring_hash: fix connectivity state seen by aggregation and picker * fix obiwan error * swap the order of ring_hash aggregation rules 3 and 4 * restore original test * refactor connection injector QueuedAttempt code * add test showing that ring_hash will continue connecting without picks * clang-format * don't actually need seen_failure_since_ready_ anymore * fix TSAN problem * address code review comments
…er priority (grpc#29332) * refactor connection delay injection from client_lb_end2end_test * fix build * fix build on older compilers * clang-format * buildifier * a bit of code cleanup * start failover time whenever the child reports CONNECTING, and don't cancel when deactivating * clang-format * rewrite test * simplify logic in priority policy * clang-format * switch to using a bit to indicate child healthiness * fix reversed comment * more changes in priority and ring_hash. priority: - go back to starting failover timer upon CONNECTING, but only if seen READY or IDLE more recently than TRANSIENT_FAILURE ring_hash: - don't flap back and forth between IDLE and CONNECTING; once we go CONNECTING, we stay there until either TF or READY - after the first subchannel goes TF, we proactively start another subchannel connecting, just like we do after a second subchannel reports TF, to ensure that we don't stay in CONNECTING indefinitely if we aren't getting any new picks - always return ring hash's picker, regardless of connectivity state - update the subchannel connectivity state seen by the picker upon subchannel list creation - start proactive subchannel connection attempt upon subchannel list creation if needed * ring_hash: fix connectivity state seen by aggregation and picker * fix obiwan error * swap the order of ring_hash aggregation rules 3 and 4 * restore original test * refactor connection injector QueuedAttempt code * add test showing that ring_hash will continue connecting without picks * clang-format * don't actually need seen_failure_since_ready_ anymore * fix TSAN problem * address code review comments
…er priority (#29332) (#30253) * refactor connection delay injection from client_lb_end2end_test * fix build * fix build on older compilers * clang-format * buildifier * a bit of code cleanup * start failover time whenever the child reports CONNECTING, and don't cancel when deactivating * clang-format * rewrite test * simplify logic in priority policy * clang-format * switch to using a bit to indicate child healthiness * fix reversed comment * more changes in priority and ring_hash. priority: - go back to starting failover timer upon CONNECTING, but only if seen READY or IDLE more recently than TRANSIENT_FAILURE ring_hash: - don't flap back and forth between IDLE and CONNECTING; once we go CONNECTING, we stay there until either TF or READY - after the first subchannel goes TF, we proactively start another subchannel connecting, just like we do after a second subchannel reports TF, to ensure that we don't stay in CONNECTING indefinitely if we aren't getting any new picks - always return ring hash's picker, regardless of connectivity state - update the subchannel connectivity state seen by the picker upon subchannel list creation - start proactive subchannel connection attempt upon subchannel list creation if needed * ring_hash: fix connectivity state seen by aggregation and picker * fix obiwan error * swap the order of ring_hash aggregation rules 3 and 4 * restore original test * refactor connection injector QueuedAttempt code * add test showing that ring_hash will continue connecting without picks * clang-format * don't actually need seen_failure_since_ready_ anymore * fix TSAN problem * address code review comments Co-authored-by: Mark D. Roth <roth@google.com>
Fixes interactions between the
priority
andring_hash
LB policies, as per the changes in grpc/proposal#296. Also fixes some unrelated bugs found while looking at the code.Specific changes in
priority
:READY
toCONNECTING
, but then seeing a duplicateTRANSIENT_FAILURE
update from a higher priority that causes us to deselect the current priority because it is in stateCONNECTING
but does not have a failover timer pending.TRANSIENT_FAILURE
more recently thanIDLE
orREADY
, and use this to decide whether to restart the failover timer when a child reportsCONNECTING
. This ensures that we properly start the failover timer when thering_hash
child policy transitions fromIDLE
toCONNECTING
at startup.Specific changes in
ring_hash
:TRANSIENT_FAILURE
and there are more than one subchannel, report stateCONNECTING
. If we hit this rule, proactively start a subchannel connection attempt.ring_hash
picker regardless of what connectivity state we report.READY
toTRANSIENT_FAILURE
as being in stateIDLE
, as per the gRFC.IDLE
) for both aggregation rules and for the state visible to the picker.