Re: [PR] Sling 12743 -- Add topology delay mechanism to ensure system stability during topology changes [sling-org-apache-sling-discovery-base]

Tue, 29 Apr 2025 02:30:22 -0700 


stefan-egli commented on code in PR #12:
URL: 
https://github.com/apache/sling-org-apache-sling-discovery-base/pull/12#discussion_r2065892578


##########
src/main/java/org/apache/sling/discovery/base/commons/BaseDiscoveryService.java:
##########
@@ -93,6 +97,18 @@ public TopologyView getTopology() {
                 .listInstances(localClusterView);
         topology.addInstances(attachedInstances);
 
+        // Check if topology changes should be delayed
+        if (topologyReadinessHandler != null && 
topologyReadinessHandler.shouldDelayTopologyChange()) {
+            if (topologyReadinessHandler.isShutdown()) {
+                // On shutdown, mark oldView as not current to trigger 
TOPOLOGY_CHANGING
+                if (oldView != null) {
+                    oldView.setNotCurrent();
+                }
+            }
+            logger.debug("getTopology: topology changes are delayed, returning 
old view");
+            return oldView;

Review Comment:
   yes, I think this should work. I was wondering if the wording 
`shouldDelayTopologyChange` applies for the shutdown case too.. more of a 
naming aspect.
   
   btw: in both cases the `oldView.isCurrent()` should return `false` after 
this section - for the startup case that should be implicitly already the case, 
for the normal case. There might be a race condition, although not very likely, 
where the `topologyReadinessHandler` is still `null` and thus this section is 
skipped. In that case the local instance would send a `TOPOLOGY_INIT` still. So 
perhaps it might actually make it more robust if for both startup and shutdown 
cases the `setNotCurrent` is explicitly called...



##########
src/main/java/org/apache/sling/discovery/base/commons/TopologyReadinessHandler.java:
##########
@@ -0,0 +1,166 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.discovery.base.commons;
+
+import java.util.concurrent.atomic.AtomicReference;
+
+import org.apache.felix.hc.api.condition.SystemReady;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.component.annotations.Reference;
+import org.osgi.service.component.annotations.ReferenceCardinality;
+import org.osgi.service.component.annotations.ReferencePolicy;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.osgi.service.component.ComponentContext;
+
+/**
+ * Coordinates topology changes based on system readiness state.
+ * This component ensures that topology changes only occur when the system is 
in a stable state,
+ * both during startup and shutdown sequences.
+ * 
+ * The handler manages three main states:
+ * 1. STARTUP: Initial state when the system is starting up
+ * 2. READY: System is ready for normal operation and topology changes
+ * 3. SHUTDOWN: System is in the process of shutting down
+ * 
+ * State Transitions:
+ * - System starts in STARTUP state
+ * - Transitions to READY state only when SystemReady service is bound
+ * - Transitions to SHUTDOWN state when:
+ *   * SystemReady service is unbound
+ *   * Component is deactivated
+ * 
+ * Note: This component requires the Felix SystemReady service to function 
properly.
+ * The system will remain in STARTUP state until SystemReady service is bound,
+ * and will transition to SHUTDOWN state when the service is unbound.
+ */
+@Component(service = TopologyReadinessHandler.class, immediate = true)
+public class TopologyReadinessHandler {
+
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
+
+    /**
+     * Represents the possible states of the system with explicit transitions.
+     */
+    private enum SystemState {
+        STARTUP {
+            @Override
+            protected SystemState[] getAllowedTransitions() {
+                return new SystemState[] { READY };
+            }
+        },
+        READY {
+            @Override
+            protected SystemState[] getAllowedTransitions() {
+                return new SystemState[] { SHUTDOWN };
+            }
+        },
+        SHUTDOWN {
+            @Override
+            protected SystemState[] getAllowedTransitions() {
+                return new SystemState[] { };  // No transitions allowed from 
SHUTDOWN
+            }
+        };
+
+        protected abstract SystemState[] getAllowedTransitions();
+    }
+
+    private final StateMachine stateMachine = new StateMachine();
+
+    @Reference(cardinality = ReferenceCardinality.MANDATORY, policy = 
ReferencePolicy.STATIC)
+    private volatile SystemReady systemReady;

Review Comment:
   does it work like this? ( 
[docu](https://github.com/apache/felix-dev/blob/master/healthcheck/api/src/main/java/org/apache/felix/hc/api/condition/SystemReady.java)
 mentions it needs the tag `systemready` )



##########
bnd.bnd:
##########
@@ -4,4 +4,12 @@
 # whitelist the private reference usage
 -fixupmessages:"Export 
org.apache.sling.discovery.base.connectors.announcement,  has 1,  private 
references [org.apache.sling.discovery.base.connectors.announcement.impl]"; \
     restrict:=warning; \
-    is:=warn
\ No newline at end of file
+    is:=warn
+
+Bundle-Version: 3.0.0

Review Comment:
   One thing I was always wondering: does the version need to be increased? 
Could the `TopologyReadinessHandler` not be an internal detail of 
discovery.base, and the package/major version would not have to be changed? 
(but there might be another reason that I'm missing)



##########
src/main/java/org/apache/sling/discovery/base/commons/BaseDiscoveryService.java:
##########
@@ -41,12 +42,15 @@ public abstract class BaseDiscoveryService implements 
DiscoveryService {
     /** the old view previously valid and sent to the TopologyEventListeners 
**/
     private DefaultTopologyView oldView;
 
+    @Reference
+    private TopologyReadinessHandler topologyReadinessHandler;
+
     protected abstract ClusterViewService getClusterViewService();
     
     protected abstract AnnouncementRegistry getAnnouncementRegistry();
     
     protected abstract void handleIsolatedFromTopology();
-    
+

Review Comment:
   detail: I'd remove this (there are a couple other similar cases in other 
files)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to