Snapshot: Migrate TransportRequestHandler to TransportMasterNodeAction

[dnhatn]

Currently, we are using a plain TransportRequestHandler to post snapshot status messages to the master. However, it doesn't have a robust retry mechanism as TransportMasterNodeAction. This change migrates from TransportRequestHandler to TransportMasterNodeAction for the new versions and keeps the current implementation for the old versions (BWC).

Closes #27151

[imotov]

Left a couple of comments/questions. In general, it looks good to me, but we need to figure out and outline our backport strategy more clearly. I feel like a lot of code here will not be actually needed in 7.x, when we will backport this to 6.x.

[imotov]

This is clever, but at the same time might be trap-y. This class is used in a lot of places and I think I would rather have 2 different clean implementation in 6.x and one clean implementation in 7.x then this here.

[dnhatn]

I agree, having two handlers may be safer than this approach.

[imotov]

Is this temporary solution until we backport his to 6.x branch? If this is the case, could you mark all this places with //TODO: or something like this so it would be obvious what we keep in 7.x and what goes only into 6.x.

[imotov]

Could you add a comment here why this is needs to be a listener and not an applier and why it's ok to have this as addListener and not addLast?

[dnhatn]

The test DedicatedClusterSnapshotRestoreIT#testSnapshotWithStuckNode was failed with an Applier but passed with a Listener. However, I don't really know the root cause.

[dnhatn]

@imotov, I think I have figured out the root cause. A Listener is called after the new state is set, while an Applier is called before that. In SnapshotShardsService, we call #syncShardStatsOnNewMaster -> #updateIndexShardSnapshotStatus which in turn uses a TransportMasterNodeAction. The TransportMasterNodeAction accesses the state of the cluster directly which may not be available yet if it's invoked from the Applier.

Caused by: java.lang.AssertionError: should not be called by a cluster state applier. reason [the applied cluster state is not yet available]

This explains why #testSnapshotWithStuckNode was failed with an Applier but passed with a Listener.

[dnhatn]

@imotov, I have reverted the first commit and added a new commit with 2 separate handlers. Could you please have another look? Thank you.

[imotov]

LGTM, but I would like @ywelsch to also take a look from ClusterState perspective.

[ywelsch]

I think I found an issue with the new action being invoked incorrectly. Also, we should think about a sensible timeout. Finally, I would like to see a test which shows that the retry mechanism works. Please also update PR description.

[ywelsch]

this request has a default masterNodeTimeout of 30 seconds. Shouldn't we wait longer (possibly forever?).

[dnhatn]

I pushed cb73eea

[ywelsch]

if you send the request like this, and the master is unavailable, there will be no retry (i.e. the retry code in TransportMasterNodeAction won't come into play). The action needs to be sent to to the node itself.

[dnhatn]

I pushed ea7ec38

[ywelsch]

again, masterNodeTimeout?

[dnhatn]

Done

[dnhatn]

@ywelsch, I have added a disruption test and verified that the retry mechanism works. Could you please take another look? Thank you.

[ywelsch]

Does the newly added test actually fail without your changes?

[ywelsch]

we should try to avoid Thread.sleep calls in our tests

[ywelsch]

this is usually done by calling networkDisruption.stopDisrupting();

[dnhatn]

@ywelsch, The newly added test was failed with a plain transport handler, but passed with TransportMasterNodeAction. I pushed 85da45d to address your suggestions. Could you please take another quick look? Thank you.

[dnhatn]

@ywelsch, The result of the test is false positive. As we enabled the delayed disruption, the MockTransportService clones an outgoing request using the request handler of that request on a sender node (eg. the data node in the test). However, in SnapshotShardsService, we only register the request handler for master nodes only.

elasticsearch/core/src/main/java/org/elasticsearch/snapshots/SnapshotShardsService.java

Lines 125 to 128 in dfdf496

	if (DiscoveryNode.isMasterNode(settings)) {
	// This needs to run only on nodes that can become masters
	transportService.registerRequestHandler(UPDATE_SNAPSHOT_ACTION_NAME, UpdateIndexShardSnapshotStatusRequest::new, ThreadPool.Names.SAME, new UpdateSnapshotStateRequestHandler());
	}

This causes the MockTransportService throw NPE when simulating network delay.

elasticsearch/test/framework/src/main/java/org/elasticsearch/test/transport/MockTransportService.java

Lines 430 to 433 in 4c06b8f

	RequestHandlerRegistry reg = MockTransportService.this.getRequestHandler(action);
	BytesStreamOutput bStream = new BytesStreamOutput();
	request.writeTo(bStream);
	final TransportRequest clonedRequest = reg.newRequest(bStream.bytes().streamInput());

I registered that handler for all nodes, then the test was passed with both approaches.

I tried with other kinds of disruption but no luck.

1. NetworkDisruption.NetworkDisconnect: both approaches were either success or failed.

2. Stop the current master node. This actually showed a difference between a plain transport handler and a master node action if I commented out syncShardStatsOnNewMaster(event)

   elasticsearch/core/src/main/java/org/elasticsearch/snapshots/SnapshotShardsService.java

   Lines 158 to 169 in dfdf496

   	public void applyClusterState(ClusterChangedEvent event) {
   	try {
   	SnapshotsInProgress prev = event.previousState().custom(SnapshotsInProgress.TYPE);
   	SnapshotsInProgress curr = event.state().custom(SnapshotsInProgress.TYPE);
   	if ((prev == null && curr != null) || (prev != null && prev.equals(curr) == false)) {
   	processIndexShardSnapshots(event);
   	}
   	String masterNodeId = event.state().nodes().getMasterNodeId();
   	if (masterNodeId != null && masterNodeId.equals(event.previousState().nodes().getMasterNodeId()) == false) {
   	syncShardStatsOnNewMaster(event);
   	}

syncShardStatsOnNewMaster(event) actually sends the snapshot status to a new elected master (I think a master node action does more than this). Actually, all existing tests were passed with the new approach (but not with the existing one) when I commented out syncShardStatsOnNewMaster(event).

What do you think? Thank you.

[ywelsch]

We probably can't get rid of syncShardStatsOnNewMaster as long as we run in mixed-version clusters with 6.0 nodes. If this is backported to v6.x, we could get rid of it in v7.0.0, however. @imotov WDYT?

[imotov]

@ywelsch, @dnhatn Yes, I think 6.x needs both because 6.x can talk to 6.0 and 6.0 is using the old way. However, 7.0 is only going to talk to 6.last and 6.last is going to have both protocols so we don't need support for both in 7.0. That's should be the final state, I think.

However, to get there we need to figure out how we are going to merge these changes in without breaking backward compatibility tests. One way to do it is to merge both protocols in 7.0, bake it there for a while, then back port it to 6.x, and remove old protocol from 7.0 at the same time.

[dnhatn]

@imotov Thank you for your suggestion. Just to confirm the backport steps.

1. Merge this PR to the 7.0 only
2. Backport this PR with a new commit updating the version checking to 6.x
3. Add a clean up commit to 7.0 only. This commit merely removes the BWC code.

[imotov]

Yes, except you can combine 7.x portion of 2) and 3) into a single commit.

[ywelsch]

LGTM

[dnhatn]

Thanks @imotov and @ywelsch for your helpful reviews.