Mahadev, is it true that a lagging follower, participating in the ensemble but not part of the quorum, would continue to respond to read requests until it had received/processed the update from the leader?

Patrick

Mahadev Konar wrote:
HI Manos,

 The accepting of a txn for being processed does not mean that the txn has
been accpeted by the quorum and has been applied to the quorum servers. So,
it is very much possible that one of the client changes an acl on a node and
the other client unauthorized to read (with respect to the change by
client1) reads the data before the acl change is propagated and accepted by
the quorum.

mahadev


On 2/10/09 4:34 PM, "Manos Kapritsos" <ma...@cs.utexas.edu> wrote:

More or less, yes.
If the requests are from the same client, then you say that there will
not be a problem? I guess that is true if you always wait for the
response of the first request in order to execute the second. I am not
sure if that is a requirement for all Zookeeper client implementations.
As for two different clients (which was the case I was thinking about),
this seems to be a problem. I will agree that (if clients only have one
outstanding request) the two requests are concurrent and either order of
execution is considered to be acceptable, but it could be that two
different replicas receive the two requests in the same order, but
effectively execute them in a different order. In any case, it feels
wrong (at least to me) that a getData would succeed when a setACL that
prevents it has already been accepted to be processed.

Manos

Mahadev Konar wrote:
Hi Manos, If the setAcl and getdata are from the same client then they are all
handled in order. So you would get an unauthroized exception when you do a
getdata.

If two diff clients do setacl and getdata it might be that the getdata in
your case will succeed before the setacl returns on the first client.

Is that what you meant?

mahadev


On 2/10/09 2:15 PM, "Manos Kapritsos" <ma...@cs.utexas.edu> wrote:

Hi all,

I have a question about the way setACL functions. It seems that the
PreRequestProcessor handles all kinds of requests the same, checks the
validity of the corresponding ACL, and enqueues them to Sync and Final
processors. Maybe I am missing something here, but this behaviour seems
weird. What if a setACL request comes, setting the ACL of a path (e.g. /
) to an IP (e.g. 128.62.32.32) , instead of its old value (e.g. World).
This request will pass the ACL check, and will be enqueued to be
processed by the next processors. Assume that the next request is a
getData("/") from an IP other than 128.62.32.32. If this request is
processed by the PreRequestProcessor before the setACL request is
processed by the FinalRequestProcessor, then it will pass the ACL check
(which it should not, since it came after the setACL request). It seems
that there is a race condition here that should not exist.

Let me know if this is actually the case or I am missing something. I am
using version 3.0.1 of the code.

Thank you,
Manos

Reply via email to