You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Thawan Kooburat (JIRA)" <ji...@apache.org> on 2012/11/07 03:32:13 UTC
[jira] [Commented] (ZOOKEEPER-1549) Data inconsistency when
follower is receiving a DIFF with a dirty snapshot
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1549?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13492075#comment-13492075 ]
Thawan Kooburat commented on ZOOKEEPER-1549:
--------------------------------------------
This may require more changes, but it based on that the 2 ideas
1. We should never let uncommitted changes reach DataTree so we don't have to worry about snapshot have uncommitted stage.
2. Follower need to log uncommitted txn sent by the leader to its txnlog during synchronization. This mimic quorum voting and guarantee correctness.
Here is how we may implement it:
Before leader start serving request, there is no need for the leader to replay its txnlog at all. It only need to know the latest zxid in order to be elected as a leader and synchronize with the follower. The leader need to send uncommitted txns before sending NEWLEADER packet. Even if a follower request a snapshot, it won't get uncommitted txn as part of the snapshot. Then, the follower need to log the steam of txns between DIFF/SNAP and NEWLEADER to disk before sending ACK back to the leader. When the leader receive majority of ACK, then it can apply the uncommitted txn and start serving request.
> Data inconsistency when follower is receiving a DIFF with a dirty snapshot
> --------------------------------------------------------------------------
>
> Key: ZOOKEEPER-1549
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1549
> Project: ZooKeeper
> Issue Type: Bug
> Components: quorum
> Affects Versions: 3.4.3
> Reporter: Jacky007
> Priority: Critical
> Attachments: case.patch
>
>
> the trunc code (from ZOOKEEPER-1154?) cannot work correct if the snapshot is not correct.
> here is scenario(similar to 1154):
> Initial Condition
> 1. Lets say there are three nodes in the ensemble A,B,C with A being the leader
> 2. The current epoch is 7.
> 3. For simplicity of the example, lets say zxid is a two digit number, with epoch being the first digit.
> 4. The zxid is 73
> 5. All the nodes have seen the change 73 and have persistently logged it.
> Step 1
> Request with zxid 74 is issued. The leader A writes it to the log but there is a crash of the entire ensemble and B,C never write the change 74 to their log.
> Step 2
> A,B restart, A is elected as the new leader, and A will load data and take a clean snapshot(change 74 is in it), then send diff to B, but B died before sync with A. A died later.
> Step 3
> B,C restart, A is still down
> B,C form the quorum
> B is the new leader. Lets say B minCommitLog is 71 and maxCommitLog is 73
> epoch is now 8, zxid is 80
> Request with zxid 81 is successful. On B, minCommitLog is now 71, maxCommitLog is 81
> Step 4
> A starts up. It applies the change in request with zxid 74 to its in-memory data tree
> A contacts B to registerAsFollower and provides 74 as its ZxId
> Since 71<=74<=81, B decides to send A the diff.
> Problem:
> The problem with the above sequence is that after truncate the log, A will load the snapshot again which is not correct.
> In 3.3 branch, FileTxnSnapLog.restore does not call listener(ZOOKEEPER-874), the leader will send a snapshot to follower, it will not be a problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira