Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Guard Repository#getRepositoryData for exception throw #50970

Closed
wants to merge 4 commits into from
Closed

Guard Repository#getRepositoryData for exception throw #50970

wants to merge 4 commits into from

Conversation

albertzaharovits
Copy link
Contributor

@albertzaharovits albertzaharovits commented Jan 14, 2020
edited
Loading

In practice, Repository#getRepositoryData can throw exceptions, for example the BlobStoreRepository implementation of it

elasticsearch/server/src/main/java/org/elasticsearch/repositories/blobstore/BlobStoreRepository.java

Line 1088 in 3c6f649

throw e;

The getRepositoryData method is called before any operation involving snapshots. If the exception is thrown on the cluster state applier thread, as it happens when creating a new snapshot, the state applier thread will loop, retrying to apply the same state. If the exception is persistent, as is the case of an encrypted repository with a wrong password (see #50846), the state applier thread will get stuck.

This commit tracks and fixes all uses of Repository#getRepositoryData to make sure that at some point the exception is catched and forwarded to a Listener#onFailure.

@albertzaharovits albertzaharovits added >bug :Distributed Coordination/Snapshot/Restore Anything directly related to the `_snapshot/*` APIs v8.0.0 v7.6.0 labels Jan 14, 2020
@albertzaharovits albertzaharovits self-assigned this Jan 14, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-distributed (:Distributed/Snapshot/Restore)

@original-brownbear
Copy link
Member

@albertzaharovits sorry for not thinking of it last night, but maybe instead of fixing the callers to the repository, shouldn't we better just fix org.elasticsearch.repositories.blobstore.BlobStoreRepository#getRepositoryData to not throw and always resolve the listener? It seems like a pretty easy change as well.

@albertzaharovits
Copy link
Contributor Author

@original-brownbear TBH I don't know how it's better, I think it depends on the conventions in the codebase. I don't like functions that throw and have a listener parameter. But in this case, it felt safer to me to handle the exception at a higher level since technically BlobStoreRepository#getRepositoryData can be overridden (and also other implementations of Repository#getRepositoryData can also mistakenly throw).

We could also fix BlobStoreRepository#getRepositoryData to not throw and cover the case that some implementation erroneously throws (as this PR does).

I'm fine with any of the three options. Let me know your preference.

@albertzaharovits
Copy link
Contributor Author

We've synced and learned that the problem is not a case of a state applier thread, but the logic of listing to get the latest generation followed by a failure to read the blob for that generation and resetting the generation.
Armin is on it.

@original-brownbear
Copy link
Member

Follow up is in #50987

This was referenced Feb 3, 2020
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@original-brownbear original-brownbear Awaiting requested review from original-brownbear

Assignees

@albertzaharovits albertzaharovits

Labels
>bug :Distributed Coordination/Snapshot/Restore Anything directly related to the `_snapshot/*` APIs v7.6.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@albertzaharovits @elasticmachine @original-brownbear @jakelandis