SAMZA-1212 - Refactor interaction between StreamProcessor, JobCoordinator and SamzaContainer #148
Conversation
|
@prateekm @xinyuiscool Can you please review? Note I am still working on adding unit tests for StreamProecssor. Just wanted to get the review started as the changes are quite significant. Thanks! |
| STOPPED, | ||
|
|
||
| /** | ||
| * Indicates that the container failed during any of its 3 active states - |
There was a problem hiding this comment.
In the above diagram, "FAILED" does not come from "STOPPED"
There was a problem hiding this comment.
Yes. It is expected to be in either on of these states. I "failed" job cannot transition to "stopped". These are 2 different End states of the container.
| * Method invoked by a {@link org.apache.samza.coordinator.JobCoordinator} when it is shutting without any errors | ||
| * </p> | ||
| */ | ||
| void onCoordinatorStop(); |
There was a problem hiding this comment.
Since this is just JobCoordinatorListener, would it be cleaner to just call this and the following one onStop() and onFailure()?
There was a problem hiding this comment.
May be. It was getting pretty confusing when I initially started between the 3 groups of listeners - container listener, coordinator listener and processorListener, and each of them had the same onStart and onStop apis :) That's why I decided to keep it more explicitly in this case.
| * {@link org.apache.samza.container.RunLoop} | ||
| * </p> | ||
| */ | ||
| void onContainerStart(); |
There was a problem hiding this comment.
would it be cleaner to call it onStart()? And also onStop() and onFailure for the following ones?
There was a problem hiding this comment.
Same explanation as above :)
|
|
||
| @Override | ||
| public void onJobModelExpired() { | ||
| if (container != null && container.getStatus().equals(SamzaContainerStatus.RUNNING)) { |
There was a problem hiding this comment.
Better off to do SamzaContainerStatus.RUNNING.equals(container.getStatus()) to avoid check if container.getStatus() is null.
There was a problem hiding this comment.
Good catch. Will fix it.
There was a problem hiding this comment.
If container's not null but not running (hypothetical example: jobModelUpdate followed immediately by a jobModelExpired before container transitioned to running), shouldn't we try to stop and replace it regardless? Might be safer to remove this check and log the container status if not RUNNING in the body instead.
Also, Maybe log in else that expired was called but container was null?
There was a problem hiding this comment.
shouldn't we try to stop and replace it regardless?
Fair point about container not having transitioned to RUNNING state.
Might be safer to remove this check and log the container status if not RUNNING in the body instead.
I don't understand what you mean by log the container status in the body?? Are you suggesting that we invoke shutdown, irrespective of the state of the container?
There was a problem hiding this comment.
Just realized we still need the state check since calling shutdown on a stopped/failed container won't countdown the latch.
I think we can change this check to if (container != null && container != stopped or failed)
That way if it's not started yet, it'll go to RUNNING -> STOPPED immediately. Does that sound reasonable?
As an aside, we should throw in SamzaContainer if run is called on a STOPPED | FAILED container.
There was a problem hiding this comment.
I think we can change this check to if (container != null && container != stopped or failed)
Yeah. Sounds good. Negative test condition works better here.
As an aside, we should throw in SamzaContainer if run is called on a STOPPED | FAILED container.
Ok. Let me try adding these checks. Thanks!
| public synchronized void stop() { | ||
| if (container != null) { | ||
| LOGGER.info("Shutting down container " + container.toString() + " from StreamProcessor"); | ||
| container.shutdown(false); |
There was a problem hiding this comment.
besides container.shutdown, should we do jobcoordinator stop as well?
There was a problem hiding this comment.
Container shutdown should automatically trigger onContainerStop callback that will trigger the JobCoordinator to stop. There are multiple ways in which the StreamProcessor stops:
- caller of StreamProcessor invokes stop()
- Container completes processing (eg. bounded input) and shuts down
- Container fails
- Coordinator fails
When either container or coordinator stops (cleanly or due to exception), it will try to shutdown the streamprocessor. This needs to be synchronized so that only one code path gets triggered for shutdown.
If container is running,
- container is shutdown cleanly and onContainerStop will trigger jobcoordinator.stop.
- container fails to shutdown cleanly -> onContainerFailure will trigger jobcoordinator.stop
If container is not running, then we should simply shutdown the jobcoordinator.
There was a problem hiding this comment.
@navina let's document this as part of implementation notes in the method javadoc?
| for (String systemName: systemConfig.getSystemNames()) { | ||
| String systemFactoryClassName = systemConfig.getSystemFactory(systemName); | ||
| if (systemFactoryClassName == null) { | ||
| LOGGER.error(String.format("A stream uses system %s, which is missing from the configuration.", systemName)); |
There was a problem hiding this comment.
Do we have to do both logging and exception on the same message here? I think throwing the exception and let the caller to handle the exception should be good enough.
There was a problem hiding this comment.
I don't think the exception will get logged if the caller doesn't handle the exception, will it?
If exception gets logged either ways, then, I can remove the redundant log statement.
| // TODO - make a loop here with some number of attempts. | ||
| // possibly split into two method - becomeLeader() and becomeParticipant() | ||
| leaderElector.tryBecomeLeader(new LeaderElectorListener() { | ||
| @Override | ||
| public void onBecomingLeader() { | ||
| onBecomeLeader(); | ||
| listenToProcessorLiveness(); // subscribe for adding new processors |
There was a problem hiding this comment.
the comment here does not match the method here, or it does not explain well.
| /** | ||
| * Indicates that the container has not been started | ||
| */ | ||
| NOT_STARTED, |
There was a problem hiding this comment.
In ApplicationStatus we have a status "NEW", which is the same meaning as NOT_STARTED. Would you like being consistent with that?
There was a problem hiding this comment.
ApplicationStatus should rely on the status of the StreamProcessor itself, and not on its individual components. Having said that, we have not defined states for StreamProcessors yet. We should, ideally, define states for StreamProcessor and that should be inspected by the ApplicationRunner for status.
I would prefer to keep SamzaContainer's initial status as NOT_STARTED because each time we rebalance, we are creating a "new" samza container instance, which is technically not started. Calling it NEW really doesn't make sense atm.
Is there any state transition details for ApplicationStatus? What it means in the standalone scenarios?
| * @return An instance of IJobCoordinator | ||
| */ | ||
| JobCoordinator getJobCoordinator(String processorId, Config config, SamzaContainerController containerController); | ||
| JobCoordinator getJobCoordinator(String processorId, Config config); |
There was a problem hiding this comment.
This change makes the interface a lot cleaner! Thx!
| @Override | ||
| public void onJobModelExpired() { | ||
| if (container != null && container.getStatus().equals(SamzaContainerStatus.RUNNING)) { | ||
| container.shutdown(true); |
There was a problem hiding this comment.
I feel passing this flag around and then using it in the callback is kind of making the listener interface not very clean. Do you think we can set up a different listener before container.shutdown() like following:
container.setListener(new ContainerListener() {
void onStart() {//donothing}
void onStop() {// do the logic here, trigger the countdown latch}
void onfailuer() {//do the failuer logic}
);
container.shutdown();
...
Then I think we don't need this flag anymore.
There was a problem hiding this comment.
I am not clear on what you proposing here.
I agree that passing around a flag is not optimal. But we have bi-directional notifications among the components here. If there is a more elegant way, we should incorporate that. Let me sync up with you in-person.
There was a problem hiding this comment.
Spoke with @xinyuiscool and @prateekm offline. Summarizing it here:
Above, Xinyu was suggesting the overwriting the listener to the container depending on who invokes the shutdown. Or register more than one listener to the container and the container invokes the correct listener depending on who is requesting the shutdown.
The problem with either of the suggestion is:
- we are blurring the contracts of the listener interface
- container needs to be aware of the components it is interacting with. This is against the whole idea behind listener model
The main issue under discussion is the "pauseByJm" boolean flag passed to onContainerStop. This is required to identify why the container stopped or completed. If the container itself can clearly expose its state, then we wouldn't need this. Problem is that when the container "completes" processing (as in bounded or end of stream), it will automatically stop. There is no way to distinguish this state of the container from the "STOPPED" state. If we can clearly identify a "PAUSED" state and "COMPLETED" state of the SamzaContainer, we can get rid of this flag. Until such a clear definition of state becomes apparent, we have to thread the flag through the components.
Conclusion: For the sake of clarity of the code, we decided to use an "enum" to identify the source requesting the shutdown, instead of using a boolean flag.
| } | ||
| @volatile private var status = SamzaContainerStatus.NOT_STARTED | ||
| private var exceptionSeen: Throwable = null | ||
| private var paused: Boolean = false |
There was a problem hiding this comment.
As mentioned above, hopefully we can remove this flag.
|
|
||
| @Override | ||
| public void onContainerFailed(Throwable t) { | ||
| log.info("Container Failed"); |
There was a problem hiding this comment.
This needs to be handled for the yarn case. Previously container.run() will throw exception when there is a failure. Now seems the logic is changed and the exception is populated in the callback. So it seems we need to store the exception into a var and throw it after container.run(). Something like:
LocalConatinerRunner {
Throwable throwable;
...
container setContainerListener(new SamzaContainerListener() {
...
onContainerFailed(Throwable t) {
throwable = t;
}
}
container.run();
if(throwable != null) {
throw throwable
}
...
There was a problem hiding this comment.
Oh you are right. I think I actually wanted to ask you about this runner and I forgot about it.
But why do we want to throw again, only to be caught by uncaughtexceptionhandler ?
I am ok with throwing it after it returns from run. It will exit the status with error code I guess. Thanks for pointing out that I changed the existing behavior :D
| } | ||
| case SamzaContainerStatus.FAILED => | ||
| if (containerListener != null) { | ||
| containerListener.onContainerFailed(exceptionSeen) |
There was a problem hiding this comment.
Now we are not throw the exception directly from container.run(). We populate it into the callback. Please do a usage search of container.run() and confirm that the throwable from the callback is handled properly. I found one case needed to be fixed in the LocalContainerRunner.
There was a problem hiding this comment.
I actually did a usage search and that is how I identified LocalContainerRunner. I don't see any other usage of container.run. The only callers are LocalContainerRunner, ThreadJob and StreamProcessor.
If there are custom usages of this interface through CommandBuilders (ie. using task.execute), it should be handled by those custom scripts. Let me know if you find other places of usage. I couldn't find any.
| @@ -28,39 +29,41 @@ | |||
| * based on the underlying environment. In some cases, ID assignment is completely config driven, while in other | |||
| * cases, ID assignment may require coordination with JobCoordinators of other StreamProcessors. | |||
| * | |||
| * This interface contains methods required for the StreamProcessor to interact with JobCoordinator. | |||
| * This interface contains methods required for the StreamProcessor to interact with JobCoordinator. StreamProcessor | |||
There was a problem hiding this comment.
Documentation: First sentence is redundant.
"to get notified about JobModel and Coordinator state changes."
| @@ -55,7 +55,7 @@ | |||
| private final String processorId; | |||
|
|
|||
| private final ZkController zkController; | |||
| private final SamzaContainerController containerController; | |||
| private JobCoordinatorListener coordinatorListener = null; | |||
There was a problem hiding this comment.
Codestyle: Group final and non-final fields separately.
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.samza.processor; |
There was a problem hiding this comment.
JobCoordinatorLifecycleListener. Should be in the coordinator package.
| * Listener interface that can be registered with the {@link org.apache.samza.container.SamzaContainer} instance in | ||
| * order to receive notifications. | ||
| */ | ||
| public interface SamzaContainerListener { |
There was a problem hiding this comment.
SamzaContainerLifecycleListener. Should be in the container package.
There was a problem hiding this comment.
Good point. Are you also suggesting we rename this SamzaContainerLifecycleListener?
There was a problem hiding this comment.
Yeah, it's verbose but would prefer XLifecycleListener naming for all of these.
There was a problem hiding this comment.
Just realized that the lifecycle listener that we already have internally is called SamzaContainerLifecycleListener. So, there will be a name collision if we change it now. May be we can change this later on?
| public interface SamzaContainerListener { | ||
|
|
||
| /** | ||
| * <p> |
There was a problem hiding this comment.
Documentation: <p> are not necessary (here and everywhere else).
There was a problem hiding this comment.
It's not necessary. But it looks better formatted in the javadoc. Is that not the case?
There was a problem hiding this comment.
You don't need it if there's only one paragraph, javadoc will format it appropriately. If there are multiple paragraphs, you can insert
between them. E.g., http://www.oracle.com/technetwork/java/javase/documentation/index-137868.html#format
There was a problem hiding this comment.
It is so odd that
is mostly used for breaklines. I removed from this class. Will adjust other docs as and when I find them.
| throw ie | ||
| } | ||
| @volatile private var status = SamzaContainerStatus.NOT_STARTED | ||
| private var exceptionSeen: Throwable = null |
There was a problem hiding this comment.
Minor: Single space before =
| /** | ||
| * Indicates that the container started the {@link org.apache.samza.container.RunLoop} | ||
| */ | ||
| RUNNING, |
There was a problem hiding this comment.
Minor: Slightly prefer STARTED instead of RUNNING. Matches better with the previous 2 states and the lifecycle hook name (onStart). Up to you though.
There was a problem hiding this comment.
Ah.. too many places to change now . Let me try to refactor in the IDE
| throw e | ||
| } finally { | ||
| if (status.equals(SamzaContainerStatus.RUNNING)) { | ||
| error("Caught exception/error in process loop.", e) |
| } | ||
| } | ||
|
|
||
| def shutdown() = { | ||
| /** | ||
| * Triggers shutdown of the run loop |
There was a problem hiding this comment.
Same as the comment for StreamProcessor. Maybe:
Asynchronously shuts down this SamzaContainer.
Implementation:
| @@ -54,18 +52,31 @@ class ThreadJobFactory extends StreamJobFactory with Logging { | |||
| case _ => None | |||
| } | |||
|
|
|||
| val containerListener = new SamzaContainerListener { | |||
| override def onContainerFailed(t: Throwable): Unit = { | |||
| throw t | |||
There was a problem hiding this comment.
Will the thrown exception be handled correctly or result in an uncaught exception and jvm quitting?
There was a problem hiding this comment.
I think the behavior should be same as before. ThreadJob does have a try-catch and it re-throws the Throwable. Not sure if the JobRunner will handle it though. There isn't any uncaught exception handler in thread job. So, may be ApplicationRunner should deal with it??
There was a problem hiding this comment.
Can't ThreadJob be run w/o the ApplicationRunner (i.e. with the low-level APIs)?
There was a problem hiding this comment.
Iiuc, ApplicationRunner is the user-facing api, even for thread jobs.
@xinyuiscool can you please clarify ?
There was a problem hiding this comment.
Looks good to me. Log it please.
|
@prateekm @xinyuiscool I have addressed all the comments. Only exception is the one involving the boolean flag. Replacing it with the enum makes it easy to read. But I don't think we have clear values for the enum - except for JobCoordinator.
What do you think? |
|
+1. I like adding the pause() much better than passing the flag or enum around. We can have some comments saying it's actually stopping the container right now, but the code is much cleaner. |
|
My first preference would be to try to do the bookkeeping in
StreamProcessor for whether JC or SP requested shutdown, if possible.
If we use the enum instead, how about the following values:
JobCoordinator, StreamProcessor, SamzaContainer (EOS), LocalContainerRunner
(for now)
I'd prefer either over adding pause before it's an actual SamzaContainer
state.
…On Wed, May 3, 2017 at 9:31 AM, xinyuiscool ***@***.***> wrote:
+1. I like adding the pause() much better than passing the flag or enum
around. We can have some comments saying it's actually stopping the
container right now, but the code is much cleaner.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#148 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABCRo1ZvwNDunOuLm0JU7K7Ip9zmAWmoks5r2KvXgaJpZM4NLJ3C>
.
|
That would be the most ideal case. But it is not as straightforward as we think. We have to synchronize access and ordering of calls between jobcoordinator and container. So, I would like to table this approach for now.
I can add values for the enum. But in reality, the only enum for which you will have a different behavior is when the value is JobCoordinator. The rest of them are unusable atm or don't have any functional value. I would prefer not to add enums just for the sake of it. It only feels like more tech-debt for the future and unlikely, that the debt is resolved in the "near-future".
The only problem we are actually facing right now is how to make the code more readable. I believe pause solves the problem reasonably. Functionally, there is not a lot we can change. I tried out the Enum approach and didn't like it because it was ignoring all values other than JobCoordinator. |
|
@prateekm another point that I missed above. It is actually the Streamprocessor that decides that when the jobmodel changes, it will stop the container. So, should the enum used be JobCoordinator or StreamProcessor. For all shutdown request from the listener, it should theoretically be StreamProcessor because JobCoordinator doesn't care about the state of the container. |
|
|
||
|
|
||
| /** | ||
| * <p> |
There was a problem hiding this comment.
Minor: Remove <p> in this class too.
| @@ -54,18 +52,31 @@ class ThreadJobFactory extends StreamJobFactory with Logging { | |||
| case _ => None | |||
| } | |||
|
|
|||
| val containerListener = new SamzaContainerListener { | |||
| override def onContainerFailed(t: Throwable): Unit = { | |||
| throw t | |||
There was a problem hiding this comment.
Looks good to me. Log it please.
…tener, SamzaContainerListener
…ener for ThreadJob
See SAMZA-1212 for motivation toward this refactoring.
Changes here are: