[ https://issues.apache.org/jira/browse/HDFS-3077?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13472053#comment-13472053 ]

Todd Lipcon commented on HDFS-3077:
-----------------------------------

The JN would need to respond additionally with the rest of the fields in 
PrepareRecoveryResponseProto (e.g. acceptedInEpoch), as if the client called 
PrepareRecovery on whatever the highest segment txid was. Then we could 
evaluate those responses, and only feed those that agreed on the 
max(segmentTxId) into the recovery comparator.

But, I'm not sure it's simpler or more robust. My reasoning is that starting a 
new epoch (thus fencing the prior writer) is semantically different than 
beginning recovery for a particular segment. So I think it's clearer to put 
them in different pieces of code, even if they could be piggy-backed one on top 
of the other for future round trips. Here's one example of why I think it makes 
more sense to keep them separate:

Currently, we only run recovery on the highest txid segment at startup. This 
means that every segment is stored on at least a quorum of nodes. But it does 
not mean that previous segments get replicated to all available nodes. If we 
wanted to improve this, however, you could have each of the NNs return a list 
of segment txids for which they have an incomplete segment. Then, the NN can 
run the recovery process for each of these earlier segments individually, all 
from the same epoch. If we merged NewEpoch and PrepareRecovery, that wouldn't 
be possible.

Another reason is that the current separation allows correct behavior in the 
face of IPC retries on PrepareRecovery, since PrepareRecovery is idempotent. 
NewEpoch is necessarily _not_ idempotent, because it is the one IPC that 
requires a strictly greater epoch id (in order to preserve uniqueness of 
epochs). This means that, if there's some timeout in the prepare phase, we can safely 
add retries a few times to get past it, while such a policy doesn't work on 
NewEpoch.
                
> Quorum-based protocol for reading and writing edit logs
> -------------------------------------------------------
>
>                 Key: HDFS-3077
>                 URL: https://issues.apache.org/jira/browse/HDFS-3077
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: ha, name-node
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>             Fix For: QuorumJournalManager (HDFS-3077)
>
>         Attachments: hdfs-3077-partial.txt, hdfs-3077-test-merge.txt, 
> hdfs-3077.txt, hdfs-3077.txt, hdfs-3077.txt, hdfs-3077.txt, hdfs-3077.txt, 
> hdfs-3077.txt, hdfs-3077.txt, qjournal-design.pdf, qjournal-design.pdf, 
> qjournal-design.pdf, qjournal-design.pdf, qjournal-design.pdf, 
> qjournal-design.pdf, qjournal-design.tex, qjournal-design.tex
>
>
> Currently, one of the weak points of the HA design is that it relies on 
> shared storage such as an NFS filer for the shared edit log. One alternative 
> that has been proposed is to depend on BookKeeper, a ZooKeeper subproject 
> which provides a highly available replicated edit log on commodity hardware. 
> This JIRA is to implement another alternative, based on a quorum commit 
> protocol, integrated more tightly in HDFS and with the requirements driven 
> only by HDFS's needs rather than more generic use cases. More details to 
> follow.
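
A simplified model of the retry argument in the comment above, added here as an illustration and not taken from the HDFS-3077 patch or from Hadoop. `ToyJournalNode`, its methods and fields, `call_with_lost_reply` and the segment data are all constructed for this sketch; it assumes a lost reply is followed by a blind resend of the same request.

```python
class EpochRejected(Exception):
    """Raised when a request carries an epoch the node will not accept."""

class ToyJournalNode:  # hypothetical stand-in for a JN, not the real class
    def __init__(self, segments):
        self.promised_epoch = 0
        self.segments = segments  # start txid -> state (constructed sample data)

    def new_epoch(self, epoch):
        # Strictly-greater check keeps epochs unique, so a resend is refused.
        if epoch <= self.promised_epoch:
            raise EpochRejected(f"epoch {epoch} <= promised {self.promised_epoch}")
        self.promised_epoch = epoch
        return max(self.segments, default=None)  # highest segment txid

    def prepare_recovery(self, epoch, segment_txid):
        # Only reads state, so repeating it in the same epoch changes nothing.
        if epoch < self.promised_epoch:
            raise EpochRejected(f"epoch {epoch} is fenced by {self.promised_epoch}")
        return {"segment_txid": segment_txid, **self.segments[segment_txid]}

def call_with_lost_reply(rpc, *args):
    """The node runs the call, the reply is lost, the client resends it."""
    rpc(*args)
    return rpc(*args)

def demo():
    jn = ToyJournalNode({
        1: {"end_txid": 100, "accepted_in_epoch": None, "in_progress": False},
        101: {"end_txid": 150, "accepted_in_epoch": None, "in_progress": True},
    })
    highest = jn.new_epoch(1)
    first = jn.prepare_recovery(1, highest)
    retried = call_with_lost_reply(jn.prepare_recovery, 1, highest)
    earlier = jn.prepare_recovery(1, 1)  # older segment, same epoch
    try:
        call_with_lost_reply(jn.new_epoch, 2)
        new_epoch_retry = "accepted"
    except EpochRejected:
        new_epoch_retry = "rejected"  # yet the promise for epoch 2 took effect
    try:
        jn.prepare_recovery(1, highest)  # request from the prior epoch
        old_writer = "accepted"
    except EpochRejected:
        old_writer = "fenced"
    return (highest, first == retried, earlier["end_txid"],
            new_epoch_retry, jn.promised_epoch, old_writer)

if __name__ == "__main__":
    print(demo())
```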
