void-ptr974 opened a new pull request, #25795:
URL: https://github.com/apache/pulsar/pull/25795
### Motivation
`ManagedLedger.terminate()` marks the managed ledger as a final write
state: no more entries should be accepted after termination.
There is a race between `terminate()` and ledger rollover:
1. An add fills the current ledger and triggers rollover.
2. The managed ledger moves into `ClosingLedger` / `CreatingLedger`.
3. `terminate()` runs before the rollover create/switch callback finishes,
and marks the managed ledger as `Terminated`.
4. The delayed `createComplete()` or `updateLedgersIdsComplete()` callback
resumes the old rollover flow.
5. The callback can set the state back to `LedgerOpened`, making a
terminated managed ledger writable again.
This breaks the terminate semantics and can leave queued writes handled as
normal rollover writes instead of terminated writes.
### Modifications
This change makes `Terminated` a final write state for the rollover
completion path.
The fix includes:
- Check `Terminated` in `createComplete()` before continuing the ledger
creation flow.
- Close a ledger handle if it was created after the managed ledger had
already been terminated.
- Fail pending add operations with `ManagedLedgerTerminatedException` when
rollover completion observes `Terminated`.
- Prevent `updateLedgersIdsComplete()` from setting the state back to
`LedgerOpened` after termination.
- Prevent creating a replacement ledger after the current ledger is closed
if the managed ledger is already `Terminated`.
- Add logs for late ledger-create / ledger-switch callbacks observed after
termination.
### Verifying this change
- [x] Make sure that the change passes the CI checks.
This change added tests and can be verified as follows:
- Added `terminateDuringLedgerSwitchKeepsTerminatedState` to simulate a
delayed BookKeeper ledger create callback returning after `terminate()`.
- Added `ledgerSwitchCompletionDoesNotReopenTerminatedLedger` to verify
that a late ledger-switch completion cannot move the state from `Terminated`
back to `LedgerOpened`.
- Verified that pending writes during the race fail with
`ManagedLedgerTerminatedException`.
- Verified that reopening the managed ledger still observes the terminated
state.
### Does this pull request potentially affect one of the following parts:
- [ ] Dependencies (add or upgrade a dependency)
- [ ] The public API
- [ ] The schema
- [ ] The default values of configurations
- [ ] The threading model
- [ ] The binary protocol
- [ ] The REST endpoints
- [ ] The admin CLI options
- [ ] The metrics
- [ ] Anything that affects deployment
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
