[
https://issues.apache.org/jira/browse/IGNITE-20826?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alexander Lapin updated IGNITE-20826:
-------------------------------------
Description:
h3. Motivation
In order to guarantee that there's no safe time reordering within the very
first command after node restart, it's required either to restore the last
observable ordered safe time on restart or guarantee that it'll be ordered
because of some external invariants.
h3. Definition of Done
It is possible to check whether safeTime proposed after partition listener
restart is ordered with previously observed value.
h3. Implementation notes
One of the options is to guarantee that any proposed safe time is less than
primaryReplica.expirationTime. Along with selection of a new primary on restart
(with newPrimary.startTime > oldPrimaryStartTime) it'll be enough to force the
invariant specified in DoD. However, it's not trivial to handle
proposedSafeTime out of bounds condition.
Another option is to retrieve safe time from either raft log or snapshot.
And last but not least - it's also required to restore last observable ordered
timestamp on partition listener re-creation in case of rebalance.
h3. Upd#1
It's required to initialize `maxObservableSafeTime` not only within node start
but with leader election, actually only within leader election.
was:
h3. Motivation
In order to guarantee that there's no safe time reordering within the very
first command after node restart, it's required either to restore the last
observable ordered safe time on restart or guarantee that it'll be ordered
because of some external invariants.
h3. Definition of Done
It is possible to check whether safeTime proposed after partition listener
restart is ordered with previously observed value.
h3. Implementation notes
One of the options is to guarantee that any proposed safe time is less than
primaryReplica.expirationTime. Along with selection of a new primary on restart
(with newPrimary.startTime > oldPrimaryStartTime) it'll be enough to force the
invariant specified in DoD. However, it's not trivial to handle
proposedSafeTime out of bounds condition.
Another option is to retrieve safe time from either raft log or snapshot.
And last but not least - it's also required to restore last observable ordered
timestamp on partition listener re-creation in case of rebalance.
> Restore last observable ordered timestamp on restart
> ----------------------------------------------------
>
> Key: IGNITE-20826
> URL: https://issues.apache.org/jira/browse/IGNITE-20826
> Project: Ignite
> Issue Type: Bug
> Reporter: Alexander Lapin
> Priority: Major
> Labels: ignite-3
>
> h3. Motivation
> In order to guarantee that there's no safe time reordering within the very
> first command after node restart, it's required either to restore the last
> observable ordered safe time on restart or guarantee that it'll be ordered
> because of some external invariants.
> h3. Definition of Done
> It is possible to check whether safeTime proposed after partition listener
> restart is ordered with previously observed value.
> h3. Implementation notes
> One of the options is to guarantee that any proposed safe time is less than
> primaryReplica.expirationTime. Along with selection of a new primary on
> restart (with newPrimary.startTime > oldPrimaryStartTime) it'll be enough to
> force the invariant specified in DoD. However, it's not trivial to handle
> proposedSafeTime out of bounds condition.
> Another option is to retrieve safe time from either raft log or snapshot.
>
> And last but not least - it's also required to restore last observable
> ordered timestamp on partition listener re-creation in case of rebalance.
> h3. Upd#1
> It's required to initialize `maxObservableSafeTime` not only within node
> start but with leader election, actually only within leader election.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
