feat: compute node unregisters from meta for graceful shutdown #17662
Conversation
This stack of pull requests is managed by Graphite. Learn more about stacking. Join @BugenZhao and the rest of your teammates on |
BugenZhao
force-pushed
the
bz/07-09-standalone_graceful_shutdown
branch
from
3142219 to
d9a8caf
Compare
BugenZhao
force-pushed
the
bz/more-graceful-shutdown
branch
from
5543066 to
f369a26
Compare
BugenZhao
force-pushed
the
bz/more-graceful-shutdown
branch
from
f369a26 to
698dbe0
Compare
BugenZhao
changed the title
BugenZhao
changed the title
BugenZhao
changed the title
BugenZhao
changed the title
| } | ||
| } | ||
| for (node_id, actors) in deleted_actors { | ||
| let node = self.node_map.get(&node_id); | ||
| warn!( |
There was a problem hiding this comment.
This is to make the logs more concise.
| if !worker_is_streaming_compute(&worker) { | ||
| continue; | ||
| } |
There was a problem hiding this comment.
Otherwise we get false warnings.
| // This is because the meta service will reset the control stream manager and | ||
| // drop the connection to us upon recovery. As a result, the receiver part of | ||
| // this sender will also be dropped, causing the stream to close. | ||
| sender.closed().await; |
There was a problem hiding this comment.
Note the newly introduced procedure of self.control_stream_manager.clear(); during recovery.
|
One issue is that scaling-in is also triggered unnecessarily when killing single-node or playground instances, leading to verbose warning logs. 🤡 I'm considering whether to introduce a flag to bypass the procedure. |
| // Unregister from the meta service, then... | ||
| // - batch queries will not be scheduled to this compute node, | ||
| // - streaming actors will not be scheduled to this compute node after next recovery. | ||
| meta_client.try_unregister().await; |
There was a problem hiding this comment.
Will a worker without any actors trigger a meta recovery if it exits?
There was a problem hiding this comment.
This is a good point. Updated the code to not tigger recovery if an idle compute node exits.
There was a problem hiding this comment.
Reverted per discussion in https://github.com/risingwavelabs/risingwave/pull/17662/files#r1692609064.
There was a problem hiding this comment.
The impl totally LGTM. Btw, normal upgrades and going online and offline will also lead to frequent scaling. In cases where the cluster load is very high, I am not sure if the current auto scaling stability is sufficient. That's the only thing I concern.
Not related to this PR, I have discussed with @shanicky , we can introduced a pre-unregister interface for cn, so that meta can schedule a online scale in without recovery. We can do it when this PR get merged.
+1, one similar thing is that we can avoid lead election as well for single-node or playground instances. |
This is a good point. Theoretically everything can be done online without a recovery. However, due to the fact that
I'm not sure it this can improve much. 🤔 |
src/meta/src/barrier/rpc.rs
Outdated
| .nodes | ||
| .remove(&worker_id) | ||
| .expect("should exist when get shutdown resp"); | ||
| let has_inflight_barrier = !node.inflight_barriers.is_empty(); |
There was a problem hiding this comment.
Note that, in #17758, inflight_barriers will be removed
This reverts commit 3142219.
Signed-off-by: Bugen Zhao <[email protected]>
Signed-off-by: Bugen Zhao <[email protected]>
Signed-off-by: Bugen Zhao <[email protected]>
Signed-off-by: Bugen Zhao <[email protected]>
Signed-off-by: Bugen Zhao <[email protected]>
Signed-off-by: Bugen Zhao <[email protected]>
Signed-off-by: Bugen Zhao <[email protected]>
BugenZhao
force-pushed
the
bz/more-graceful-shutdown
branch
from
8c20bad to
4dcfb9d
Compare
Oh indeed. I didn't realize it until you mentioned it. If so there's no much difference from recovery. |
I hereby agree to the terms of the RisingWave Labs, Inc. Contributor License Agreement.
What's changed and what's your intention?
We left some TODOs when introducing graceful shutdown for compute node in #17533. After this PR, the compute node will unregisters itself from the meta service and proactively shutdown its barrier control stream on graceful shutdown.
Specifically,
Shutdownmessage on the barrier control stream, triggering a recovery on the new set of compute nodes.Additionally, improved error reporting and code styles.
After this PR, I suppose we can get rid of the extra manual step of
risingwave ctl meta unregister-workerwhen scaling-in, as described in the doc.Checklist
./risedev check(or alias,./risedev c)Documentation
Release note
If this PR includes changes that directly affect users or other significant modifications relevant to the community, kindly draft a release note to provide a concise summary of these changes. Please prioritize highlighting the impact these changes will have on users.