-
Notifications
You must be signed in to change notification settings - Fork 496
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HDDS-11149. Have a generic version Validator for validating Requests #6932
base: master
Are you sure you want to change the base?
Conversation
…or to validate clients older than the specified version Change-Id: Ifcbb239994e7357032934d104ab18063c8d64251
Creating this patch as permanent fix in favour of #6922 |
If this approach looks good, I can also go about adding an integration test which tests all Om operations for different client versions. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @swamirishi for making the long-term fix quickly. :)
Only one comment so far (but it applies to many files).
conditions = {}, | ||
processingPhase = RequestProcessingPhase.PRE_PROCESS, | ||
requestType = Type.CreateBucket | ||
requestType = Type.CreateBucket, | ||
maxClientVersion = ClientVersion.ERASURE_CODING_SUPPORT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would add {}
as default value here:
Line 85 in bde95f7
ValidationCondition[] conditions(); |
and tweak changes in @RequestFeatureValidator
usage:
- conditions = ValidationCondition.OLDER_CLIENT_REQUESTS,
+ maxClientVersion = ClientVersion.ERASURE_CODING_SUPPORT,
to reduce the patch. This changes only 1 line per item, instead of 3 lines + an unchanged line in the middle.
Looks like I commented without refreshing the PR, this seems to follow same approach as what is suggested as long term solution. Thanks @swamirishi for the quick fix. |
...e-manager/src/main/java/org/apache/hadoop/ozone/om/request/validation/ValidatorRegistry.java
Outdated
Show resolved
Hide resolved
Change-Id: Ife98bca526abf9d82d383f7e65f4140ba73e21a2
Entry<? extends ExecutableElement, ? extends AnnotationValue> entry) { | ||
if (isPropertyNamedAs(entry, ANNOTATION_MAX_CLIENT_VERSION_PROPERTY_NAME)) { | ||
Name maxClientVersion = visit(entry, new MaxClientVersionVisitor()); | ||
return !maxClientVersion.contentEquals(MAX_CLIENT_VERSION_FUTURE_VERSION); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can also check for sanity of maxClientVersion if not equal to MAX_CLIENT_VERSION_FUTURE_VERSION i.e whether it lies in the same range as ClientVersion.values()
Oh we can't do that since this is part of the static code. The annotation processor also doesn't have any access to the enums. So if we add this check, everytime we change something in the enum,. We would have to make a change. Thus bringing us back to the same problem. |
Please give me some time to get back to this one next week... I gonna need to digest this a bit more and also I would like to dig out some of my notes on earlier plans about how to make this better. I would not rush to commit this, so if it is required to fix this, let's push #6922 if we have time to work out this solution then please wait for me a bit. Thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for working on this @swamirishi. While this PR is focused on the issues with the OLDER_CLIENT_REQUEST
condition, the CLUSTER_NEEDS_FINALIZATION
condition has the same problem. I suggest this:
- Adding two new keys in the annotation: one for client version and one for layout version. They are exclusive. Only one is allowed to be specified per annotation.
- Removing the general
ValidationCondition
from the annotation. - Two 3-nested maps in the registry: one for layout feature validators and one for client version validators since the version enums have different types.
Currently there is some iteration required for every request, even if they don't have a validator. With the general concept of validation conditions removed we can do a simple map lookup which will be more efficient in the common case, especially if we order the keys accordingly.
In this layout I think request version -> request type -> request phase -> validator
is the most efficient layout of the map. Most clients will probably be newer versions and can fail out of the check in the first level. After that, most requests will not have compat concerns for a given version, so even more requests exit early. The phase is hardcoded depending on which method is called so there is no option to exit early here, hence it should be last.
This is less general than the validation condition support we have now, but IMO the general implementation is causing code complexity and inefficiencies on the write path for something we do not use and may never need. This also makes it consistent with other upgrade related annotations like DisallowedUntilLayoutVersion
which only take a version and act on it with a fixed condition.
EDIT: I just remembered client version is the only thing that is not an exact match, so using it as a key directly will not work. The idea of baking the conditions into the framework to simplify the implementation and make it more consistent with the layout feature finalization framework still seems like a good approach though.
processingPhase = RequestProcessingPhase.PRE_PROCESS, | ||
requestType = Type.CreateBucket | ||
requestType = Type.CreateBucket, | ||
maxClientVersion = ClientVersion.ERASURE_CODING_SUPPORT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should make this so that ClientVersion.BUCKET_LAYOUT_SUPPORT
is provided in the annotation for validators that deal with bucket layout. That would make this an exclusive upper bound on the client version that needs to be processed instead of an inclusive one.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also we can remove the if
statements in the body now right?
@@ -81,7 +82,7 @@ | |||
* Runtime conditions in which a validator should run. | |||
* @return a list of conditions when the validator should be applied | |||
*/ | |||
ValidationCondition[] conditions(); | |||
ValidationCondition[] conditions() default {}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we still need this field?
* conditions though. | ||
* @returns the max required client version for which the validator runs for older clients. | ||
*/ | ||
ClientVersion maxClientVersion() default ClientVersion.FUTURE_VERSION; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we remove the conditions
field then this probably shouldn't have a default value. Technically the request validators can be used for things other than client versioning but I don't think we have a use case for that right now. Narrowing the scope of conditions indicates what their intended use is.
private final Map<Pair<Type, RequestProcessingPhase>, Pair<List<Method>, TreeMap<Integer, Integer>>> | ||
maxAllowedVersionValidatorMap = new HashMap<>(Type.values().length * RequestProcessingPhase.values().length, | ||
1.0f); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we get rid ValidationCondition
then we just have 3 keys to identify the validator(s) that need to run:
- Request type
- Request phase
- Client version
A triple nested map of these keys will be much easier to follow than the wild data structure created here.
Version shouldn't be part of the map key? We need the validator running for all clients older than a certain condition.
|
Change-Id: Ib1742e6a78f908598021ed0bb80f71d3c1527735
Change-Id: Ic084d8bc456468d66cb26d8fc0cfdd33920fb8ed # Conflicts: # hadoop-hdds/common/src/main/resources/META-INF/services/javax.annotation.processing.Processor
Change-Id: Iab5e022b6a1401998d905c68d491fe2a2a7413b7
Change-Id: Iba9e1caa6a66b033d39c95b20f78ebc8e23fba4d
Change-Id: I05265cad5f26082351c6926c24866b20a50b26d2
Hi @swamirishi, thank you for continued work on this one, the idea presented in the PR seems really promising, and for the first sight, it is the generalisation in the proper direction in order to make it possible to extend the current request validations to other service components, which I really like. To be honest I really envy you to get to this, I never forgot how badly I wanted to push things towards this direction back at the time when the original feature was ready but we could not spare time for this... Anyway... let's go back to the review itself... Please note that the single most crucial point of this whole system is the validationsFor() methods in ValidatorRegistry, every other bit is secondary compared to the operational effectiveness of how we get the validations, as that is in the way of all request processing. This means optimally the system can figure out at the very first step the cheapest possible way that the there are no validations to apply to a request, as in almost all request will fall into this bucket. Besides that the data structure should be designed in a way that it does not hold back the request processing more than it is absolutely necessary when there are version differences between the client and the server. I still did not have the time to digest fully the changes proposed, I wanted to give feedback as early as possible even if it is partial. You can expect some more review comments from me after I have the time to understand things further, most likely just early next week unfortunately. On the other hand, there is a problem which we need to address. A less burning issue, however it is our best interest to deal with this: |
Change-Id: I22ff08e5f4c43cbdda7a7db5f4d83417b55d481e
Change-Id: I551cb26f648bfedb7bc5bfee63b34731b56b4d9b
Hi @fapifta, thank you for your first level review. I have left comments inline
I have moved the entire thing into a ImmutableMap for the version class containing a nested enumMap which would track the request type and the phase for each of the validator, and to get all the validators which are supposed to run which have their validation condition version > the request version, I have used a treeMap which internally uses a Red black tree where all the keys are naturally sorted. So this makes the get very optimal to get all the request since we can directly jump to the start index in the treeMap to get all the required validators.
I have added the banned imports to the best of my knowledge to ban import of the OmClientVersionValidator & OMLayoutVersionValidator.
I have fixed the docs after finding their usages in the package-info & the different class's java-doc. |
@swamirishi
processor:
Actual implementation: Here, Above implementation:
I am confused how actual requirement is satisfied.
Also we can separate PR associated with generic implementation refactoring and concern we are trying to resolve, for better clarity and review. |
@sumitagrawl thanks for taking a look at the patch. I have a few comments which have added inline.
Since the check is happening on the server side. One should be implementing stuff related to the server. Max version here is the max version[exclusive] for which the validator is supposed to run.
For instance the server has the capability to read and write EC keys and the Bucket layout feature has not been finalized. We should allow write of EC keys on the server and not block it just because the upgrade has not been finalized to the latest metadata layout version.
I personally don't see any value in separating out the PR. Since we would still need to create the new annotation which allows validator annotation support generic enums that extend the version interface. To make it generic all we are doing is also making the requestType another generic enum. So that we can reuse this in other components as well. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @swamirishi for your patience and also for the work you put into this initiative so far, not to mention the general discussion and your openness to try out various approaches.
In general I think we are more than good with the overall approach, however, there are a good couple of small things that I have marked inline for you to consider.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems that you have added the methods to validate the max version, but those methods are not used anywhere in the processor itself, therefore if an invalid value is present (FUTURE_VERSION), the processor does not emit an error message in this case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want the annotation processor to validate all that? I would rather put this check someplace else. Probably in a place like https://github.com/swamirishi/ozone/blob/fc57929908cbb05a6304366e67f64317dbf9505d/hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/request/validation/ValidatorRegistry.java#L85-L88 where instead of just a set of allowedVersionTypes. I would pass a Map of version class to the allowed values. What do you think of that?
* Base class defining the version in the entire system. | ||
*/ | ||
public interface Version { | ||
int getVersion(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In order to conform all the method naming in the implementing interfaces/classes, can we call this method simply as version?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sure makes sense
@@ -28,6 +28,8 @@ | |||
* List of OM Layout features / versions. | |||
*/ | |||
public enum OMLayoutFeature implements LayoutFeature { | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we skip adding this two empty lines please?
@Retention(RetentionPolicy.RUNTIME) | ||
@Target(ElementType.ANNOTATION_TYPE) | ||
public @interface RegisterValidator { | ||
String MAX_VERSION_METHOD_NAME = "maxVersion"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am wondering if applyUntil would be a better name instead of maxVersion? I feel much more guided by applyUntil regarding the value to use for a pre-finalized validation, or a validation that should deal with older clients.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I look at this as a version validator. ApplyUntil does make sense, I believe in future we might also need to have an ApplyFrom method as well. Just want to ensure this makes sense. minVersion & maxVersion made a lot of sense to me.
ElementKind.ENUM, REQUEST_PROCESSING_PHASE_CLASS_NAME); | ||
} | ||
} | ||
if (!hasMaxVersion) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am wondering if it has any value to limit the number of elements in these annotations to exactly this 3 value, and check that there aren't any additional methods defined for it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think we should put a restriction on any other method. Since the annotation could be used for some other purpose as well on a later basis. It doesn't make sense to just restrict the annotation definition to just have 3 methods and making it a minimum requirement is good enough.
RequestProcessingPhase phase, | ||
V requestVersion) { | ||
return Optional.ofNullable(this.indexedValidatorMap.get(requestVersion.getClass())) | ||
.map(requestTypeMap -> requestTypeMap.get(requestType)).map(phaseMap -> phaseMap.get(phase)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.map(requestTypeMap -> requestTypeMap.get(requestType)).map(phaseMap -> phaseMap.get(phase)) | |
.map(requestTypeMap -> requestTypeMap.get(requestType)) | |
.map(phaseMap -> phaseMap.get(phase)) |
|
||
} | ||
|
||
private <K, V> V getAndInitialize(K key, Supplier<V> defaultSupplier, Map<K, V> from) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably we should just inline this, as it came up earlier when this method body was switched to computeIfAbsent.
public List<T> getItemsGreaterThanIdx(IDX indexValue) { | ||
return Optional.ofNullable(indexMap.higherEntry(indexValue)) | ||
.map(Map.Entry::getValue) | ||
.map(startIndex -> items.subList(startIndex, items.size())).orElse(Collections.emptyList()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.map(startIndex -> items.subList(startIndex, items.size())).orElse(Collections.emptyList()); | |
.map(startIndex -> items.subList(startIndex, items.size())) | |
.orElse(Collections.emptyList()); |
} | ||
|
||
/** | ||
* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apidoc here would be nice, however I am fine if this method and the add method is not documented, however in this case please explain the IndexedItems class, and its role in the data structure within the registry somewhere.
return from.computeIfAbsent(key, k -> defaultSupplier.get()); | ||
} | ||
|
||
static final class IndexedItems<T, IDX extends Comparable<IDX>> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
static final class IndexedItems<T, IDX extends Comparable<IDX>> { | |
private static final class IndexedItems<T, IDX extends Comparable<IDX>> { |
@swamirishi
cc: @fapifta |
Change-Id: I5fb15b4e3559fcee51f1964a4b0a50c57222f409
Hi @sumitagrawl Thank you for the suggestions, let me add some answers and further ideas for them.
PreFilter and PostFilter are a long standing part of Spring, however in J2EE we only have the Filter as part of the servlet specification. In our case we do something similar, but still some fundamentally different. I am not particularly fan of the original name either of the current OMLayoutVersionValidator or ClientVersionValidator either. But PreFilter and PostFilter in itself for me is also just a name that is close but somehow meh a bit. Let me give some history to the naming as I remember things. Once the original system was ready we already knew that there are a good couple of things that are not suitable for other components, and this have hurt us when we needed to solve compatibility in other components also for the same release. Back than we had some discussions about how to do this transitively for clients that are connecting to OM, but then OM also connects to SCM to fulfil the request. We also have had discussions about exotic and less exotic race conditions and what problems might come from them and how we can solve these, and most importantly we talked about how to extend the system to other components.
The problem of pre-finalized validations is the following (and you can check this for bucket layouts for example):
Priority is a thing as I mentioned we put some thoughts into already, however at that point we have not implemented it, as we did not see the use of it in the context of 1.2->1.3 upgrade support. In that context EC and Bucket layout support was two features added within the same version, so ordering the validations would not meant any difference in the overall processing because these two had to be validated anyway, and if one validation passes the other might still fail, while the use of any of them was not predicted to be more common overall. As of now even if we argue that an upgrade can now jump more than one release version, we have the possibility to order the validations based on their maxVersion, which naturally prioritizes older validators first, and still serves validators for the same release in an ad-hoc way. I do believe there is no use case where priority would be needed at least I am yet to see one, and once I saw one I am happy to revisit my stance on this.
I would argue that we have a terminology problem here... All in all:
Besides all of this we have to talk about possible race conditions with the system we are already aware of, but we left as is back than, and we still did not solved, like the one in HDDS-6682. As that may also reveal new problems and new ideas to simplify or complicate the current logic. |
processingPhase = RequestProcessingPhase.PRE_PROCESS, | ||
requestType = Type.CreateDirectory | ||
requestType = Type.CreateDirectory, | ||
maxVersion = ClientVersion.ERASURE_CODING_SUPPORT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be BUCKET_LAYOUT_SUPPORT as max version
@fapifta requestType can be array for requests to be supported for this... |
Change-Id: If7c47ea7242cfac29934c1a0eae6c57a46ccea58
@sumitagrawl thank you for giving an example for a generic pre-finalized state validation. The problem with this is that we do not want to disable all operations that have a new feature in the pre-finalized state, but we want to prevent using any new feature, so that if tests shows that a rollback/downgrade is needed, then it can be done. So in the pre-finalized state what we need is to disable any new features coming in, that would store metadata that the old code does not understand, but we want to ensure that all things are operational so that it is possible to verify that the upgraded software works as expected before allowing to write data/metadata that the old code can not understand. |
What changes were proposed in this pull request?
Currently RequestFeatureValidator only has a validator which checks if a certain client version for the OM request made by an older client or if the OM needs to be finalized.
There is a need for a more generic validator which should have a capability to validate the request from the client based on the server's layout version & client's version.
The patch introduces a new annotation RegisterValidator which allows to register a new feature validator for any request. The annotation enforces the validator to have a RequestType, maxVersion, ProcessingPhase in it's definition.
ValidationRegistry should be able to pull the validators registered and inturn should be able to get all the underlying validator methods based on the usage of the registered feature validator. The patch segregates the ClientVersionValidation and FINALIZATION validation into 2 validators named OMClientVersionValidator & OMLayoutVersionValidator respectively which would be responsible for checking the request client version & server side metadata layout version.
The validator has been written in such a way that the same code can be reused for other components (SCM & DN) as well to do their request validations as well.
What is the link to the Apache JIRA
https://issues.apache.org/jira/browse/HDDS-11149
How was this patch tested?
Existing unit test and additional unit tests