storage: when dropping objects, eagerly clean up state and update builtins #31515
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aljoscha
force-pushed
the
storage-eager-state-cleanup
branch
7 times, most recently
from
1815fa2 to
0d8923a
Compare
bkirwi
reviewed
Feb 18, 2025
src/storage-controller/src/lib.rs
Outdated
| "DroppedId for ID {id} but we have neither ingestion nor export \ | ||
| under that ID" | ||
| ); | ||
| let prev = self.dropped_ids.remove(&id); |
There was a problem hiding this comment.
How does this interact with multi-replica storage clusters? Do we only expect to get one dropped id message globally?
There was a problem hiding this comment.
Ah yeah, dammit, DroppedId is a bit confusing, because for some things I thing the replica client logic only forwards a thing when all of the replicas agree, but I think you're right and for DroppedId they pass through as is, so we get multiple of them. I would just not remove things from dropped_ids and accept the small cost of keeping these around until a restart. ((I don't like using dropped_ids to begin with, but it's a compromise. ))
There was a problem hiding this comment.
I would just not remove things from dropped_ids and accept the small cost of keeping these around until a restart.
I'm not a fan of intentionally leaking memory. I think the storage controller has done that previously with the collection (and/or export) state and it turned out fine, but someone running CREATE/DROP in a loop could still oom envd. We definitely can't do it in compute where transient dataflows are created and dropped all the time.
aljoscha
force-pushed
the
storage-eager-state-cleanup
branch
16 times, most recently
from
b42116a to
84c211b
Compare
aljoscha
changed the title
…ated Before this change, we had a more sequentialized/blocking protocol for dropping sources (and other collections): 1. envd receives DDL that drops source 2. envd releases read holds and sends AllowCompaction to clusterd 3. clusterd drops source and sends back a DroppedId message 4. envd cleans up it's collection state and updates builtin collections: - updating mz_storage_shards (the global id -> shard id mapping) - updating source/sink status to "dropped" - removing statistics tracking Especially the transition between 3. and 4. can block a while if a cluster is unresponsive. Plus, in some situations we don't get DroppedId messages, so we would not do these updates/cleanups. The common of these situations are: - dropping a replica right after dropping sources/sinks - dropping a whole cluster Now, we eagerly apply updates to our builtin collections and also eagerly clean up state. The protocol becomes: 1. envd receives DDL that drops source 2. in parallel: 2.a: envd releases read holds and sends AllowCompaction to clusterd 2.b. envd cleans up it's collection state and updates builtin collections: - updating mz_storage_shards (the global id -> shard id mapping) - updating source/sink status to "dropped" - removing statistics tracking 3. clusterd drops source and sends back a DroppedId message The benefits of this change: - less code - control flow of dropping things is more localized and easier to understand - we fix problems where we inadvertently didn't drop state and update builtin collections
Same commit as the previous one, but for sinks. Before, we were waiting on DroppedId messages for a couple of of things: - cleaning up collection state in the controller - updating mz_storage_shards (the global id -> shard id mapping) - updating source/sink status to "dropped" - removing statistics tracking In some situations we don't get DroppedId messages, so we would not do these updates/cleanups. The common of these situations are: - dropping a replica right after dropping sources/sinks - dropping a whole cluster Now, we eagerly apply updates to our internal collections and also eagerly clean up state.
aljoscha
force-pushed
the
storage-eager-state-cleanup
branch
from
84c211b to
cd29c07
Compare
…d_capabilities This is a remnant from a moment where acquiring an instance client required async. But we don't have that anymore so we can simplify `process()` big time.
aljoscha
force-pushed
the
storage-eager-state-cleanup
branch
from
cd29c07 to
0bf850d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
NOTE: This is now a whole bunch of other cleanups that were enabled/or made feasible by this initial change to eagerly clean out state and update builtin collections
Before this change, we had a more sequentialized/blocking protocol for
dropping sources (and other collections):
Especially the transition between 3. and 4. can block a while if a
cluster is unresponsive.
Plus, in some situations we don't get DroppedId messages, so we would
not do these updates/cleanups. The common of these situations are:
Now, we eagerly apply updates to our builtin collections and also
eagerly clean up state. The protocol becomes:
2.a: envd releases read holds and sends AllowCompaction to clusterd
2.b. envd cleans up it's collection state and updates builtin collections:
The benefits of this change:
understand
builtin collections