[SPARK-19753][CORE] Un-register all shuffle output on a host in case of slave lost or fetch failure #18150
Conversation
sitalkedia
changed the title
|
Please note that the old PR - #17088 was closed inadventantly as a stale PR. Refer to the old PR for more discussion. cc - @tgravescs |
|
Test build #77559 has finished for PR 18150 at commit
|
|
Test build #77557 has finished for PR 18150 at commit
|
| // TODO: This will be really slow if we keep accumulating shuffle map stages | ||
| for ((shuffleId, stage) <- shuffleIdToMapStage) { | ||
| stage.removeOutputsOnExecutor(execId) | ||
| hostToUnregisterOutputs match { |
There was a problem hiding this comment.
so the thing I believe @JoshRosen was talking about in the jira was instead of invalidating all stages just invalidate the outputs for that mapSTage on that host.
So something like for(all execs on failed host) stage.removeOutputsOnExecutor(exec)
There was a problem hiding this comment.
I don't think that would be the ideal behavior in case of fetch failure. Consider the case where the DAG looks like this 1 -> 2 -> 3, if we see any fetch failure while running stage 3, the current behavior invalidates the files in stage 2 as well as stage 1. That way we make sure we rerun the tasks in stage 1 first then stage 2 and at last stage 3.
If we do not invalidate the files in stage 1 (as per @josh's suggestion), then we would unnecessarily rerun the tasks in stage 2 to encounter another fetch failure and realize that the files for stage 1 are also missing. This behavior would introduce significant latency overhead.
There was a problem hiding this comment.
@sitalkedia, that's a good point: the real gains here don't necessarily come from the "multiple executors on a host" scenario; instead, it seems like the key benefit is avoiding a bunch of followup stage failures to discover the root of what needs to be recomputed. Your example in this comment is one of the most clear problem statements of this that I've seen so far.
There was a problem hiding this comment.
Ah, I remember now: the problem is that the current code already avoids the problem with the "1 -> 2 -> 3" cascading retries issue because it's already treating any fetch failure as a complete executor output loss via
handleExecutorLost(bmAddress.executorId, filesLost = true, Some(task.epoch))
Over on the earlier PR, there were a number of arguments that "fetch failure does not imply lost executor", but those are kind of moot given that we're already handling it that way in today's code and before the changes proposed here.
So now I see why the PR description focuses on the multiple executors per host scenario: this isn't actually changing behavior in the single-executor-per-host world.
In the case where the host is legitimately down then most likely we'll get fetch failures from all of the executors on that host and will remove all of the outputs, so in some scenarios we'll happen to do the right thing. But I can imagine how there are scenarios on very large clusters where we'll get unlucky and won't observe fetch failures from the complete set of executors being served from that host's shuffle service; this could be especially likely to happen if the shuffle service is serving outputs from many dead executors which OOM'd and restarted during the map phase. Therefore I can understand the argument here that it's best to just round up.
The only real question here is how often we'd regret doing this in practice: how often is a fetch failure actually a transient issue? Given that there are already fetch retry mechanisms inside of tasks, I'm guessing that the "false positive" scenario is somewhat rare.
Therefore, I'm now persuaded that this is a good change and I have a better understanding of how this fits into the larger context of fetch failure handling issues.
Since this has been somewhat controversial, what do you think about compromising and adding a feature-flag which lets users opt-in to the old behavior (i.e. the flag just disables the promotion of "all outputs on executor lost" to "all outputs on host lost")?
There was a problem hiding this comment.
@JoshRosen - I think this is a good idea to have this behavior configurable so that users have a fall back option. @tgravescs - What do you think?
There was a problem hiding this comment.
The approach looks good in general, I would vote to merge this mainly for two reasons:
- With Spark integrated with YARN, it may be sound to allow user configure to fail quickly on FetchFailure;
- The function
removeOutputsOnHostis really useful, if we can say for sure a host is dead, we should really use that to clean up the invalid outputs.
@sitalkedia Could you take more effort to add a config for this and make it default to close the feature, so we can have this conservatively?
| @@ -559,10 +559,8 @@ class DAGScheduler( | |||
| * @param callSite where in the user program this job was called | |||
| * @param resultHandler callback to pass each result to | |||
| * @param properties scheduler properties to attach to this job, e.g. fair scheduler pool name | |||
| * | |||
There was a problem hiding this comment.
nit: please keep the origin format.
| * outputs which are served by an external shuffle server (if one exists), as they are still | ||
| * registered with this execId. | ||
| */ | ||
| def removeOutputsOnHost(host: String): Unit = { |
There was a problem hiding this comment.
This function is pretty overlap in code with removeOutputsOnExecutor, How about combine them as:
def removeOutputsByFilter(f: (BlockManagerId) => Boolean): Unit = {
......
val newList = prevList.filterNot(m => f(m.location))
......
}
And in DAGScheduler, we can simply pass in the filter functions.
|
Thanks for the review @JoshRosen , @jiangxb1987. Added a config to turn of the behavior and addressed minor comments |
| @@ -190,6 +190,12 @@ class DAGScheduler( | |||
| /** | |||
| * Number of consecutive stage attempts allowed before a stage is aborted. | |||
| */ | |||
| private[scheduler] val unRegisterOutputOnHostOnFetchFailure = | |||
There was a problem hiding this comment.
Please place correct comment over the value.
| private[scheduler] val unRegisterOutputOnHostOnFetchFailure = | ||
| sc.getConf.getBoolean("spark.fetch.failure.unRegister.output.on.host", true) | ||
|
|
||
| /** |
| /** | ||
| * Removes all shuffle outputs which satisfies the filter. Note that this will also | ||
| * remove outputs which are served by an external shuffle server (if one exists), | ||
| * as they are still registered with this execId. |
There was a problem hiding this comment.
We don't mention execId here, so we should update the comment.
| @@ -138,17 +138,7 @@ private[spark] class ShuffleMapStage( | |||
| * registered with this execId. | |||
There was a problem hiding this comment.
We should also update the comment here.
| @@ -190,6 +190,12 @@ class DAGScheduler( | |||
| /** | |||
| * Number of consecutive stage attempts allowed before a stage is aborted. | |||
| */ | |||
| private[scheduler] val unRegisterOutputOnHostOnFetchFailure = | |||
| sc.getConf.getBoolean("spark.fetch.failure.unRegister.output.on.host", true) | |||
There was a problem hiding this comment.
How about rename it to spark.files.fetchFailure.unRegisterOutputOnHost and make it default to false?
There was a problem hiding this comment.
@jiangxb1987 - Do we want to set the default to false? If we believe that this is the correct and expected behavior, we should set it to true and in case we see issues, we can turn it off?
There was a problem hiding this comment.
There is no obvious right or wrong behavior due to the complex environment we face on FetchFailure, in some use cases(for example, the case Josh mentioned) it will benifit, but there are also other cases this will cause the job to run longer than expected(I think @tgravescs has explained much on this), so let's merge this feature and hide this temporarily, and wait for some days to gather enough feedback on this from other developers in Spark community, and make this the default behavior when we have enough confidence to do this.
| @@ -562,7 +568,6 @@ class DAGScheduler( | |||
| * | |||
| * @return a JobWaiter object that can be used to block until the job finishes executing | |||
| * or can be used to cancel the job. | |||
| * | |||
There was a problem hiding this comment.
nit: Let's keep this empty line too.
| @@ -188,6 +188,12 @@ class DAGScheduler( | |||
| private val disallowStageRetryForTest = sc.getConf.getBoolean("spark.test.noStageRetry", false) | |||
|
|
|||
| /** | |||
| * If enabled, fetch failure will cause all the output on that host to be unregistered. | |||
There was a problem hiding this comment.
Rephrase this by
Whether to unregister all the outputs on the host in condition that we receive a FetchFailure, this is set default to false, which means, we only unregister the outputs related to the exact executor(instead of the host) on a FetchFailure.
|
Test build #77853 has finished for PR 18150 at commit
|
|
@jiangxb1987 - Sure, turned off the behavior by default. |
|
Test build #77856 has finished for PR 18150 at commit
|
|
Test build #77859 has finished for PR 18150 at commit
|
|
Test build #77864 has finished for PR 18150 at commit
|
|
@sitalkedia Could you rebase this with the latest master? Thanks! |
|
ping @JoshRosen @tgravescs @squito |
| * executor(instead of the host) on a FetchFailure. | ||
| */ | ||
| private[scheduler] val unRegisterOutputOnHostOnFetchFailure = | ||
| sc.getConf.getBoolean("spark.files.fetchFailure.unRegisterOutputOnHost", false) |
There was a problem hiding this comment.
can we put this in org.apache.spark.internal.config?
| @@ -396,6 +396,69 @@ class DAGSchedulerSuite extends SparkFunSuite with LocalSparkContext with Timeou | |||
| assertDataStructuresEmpty() | |||
| } | |||
|
|
|||
| test("All shuffle files should on the slave should be cleaned up when slave lost") { | |||
There was a problem hiding this comment.
typo: All shuffle files should on the slave -> All shuffle files on the slave
| assert(initialMapStatus1.map{_.location.executorId}.toSet === | ||
| Set("exec-hostA1", "exec-hostA2", "exec-hostB")) | ||
|
|
||
| val initialMapStatus2 = mapOutputTracker.mapStatuses.get(0).get |
There was a problem hiding this comment.
mapOutputTracker.mapStatuses.get(1)?
|
LGTM, waiting for the rebase |
|
Sorry been out.on vacation I think invalidating all and having feature flag makes sense for now. If we get more data on it causing issues we can revisit. Sorry won't have time to review in detail for a couple days. |
…case of fetch failure or slave lost
sitalkedia
force-pushed
the
cleanup_shuffle
branch
from
78bce79
to
74f285a
Compare
|
Test build #78015 has finished for PR 18150 at commit
|
| removeExecutorAndUnregisterOutputs( | ||
| execId = execId, | ||
| fileLost = fileLost, | ||
| hostToUnregisterOutputs = None, |
There was a problem hiding this comment.
one more question: if worker lost, shouldn't we unregister outputs on that worker/host?
There was a problem hiding this comment.
seems we can't get worker id here, nvm
|
Test build #78016 has finished for PR 18150 at commit
|
|
thanks, merging to master! |
…of slave lost or fetch failure ## What changes were proposed in this pull request? Currently, when we detect fetch failure, we only remove the shuffle files produced by the executor, while the host itself might be down and all the shuffle files are not accessible. In case we are running multiple executors on a host, any host going down currently results in multiple fetch failures and multiple retries of the stage, which is very inefficient. If we remove all the shuffle files on that host, on first fetch failure, we can rerun all the tasks on that host in a single stage retry. ## How was this patch tested? Unit testing and also ran a job on the cluster and made sure multiple retries are gone. Author: Sital Kedia <skedia@fb.com> Author: Imran Rashid <irashid@cloudera.com> Closes apache#18150 from sitalkedia/cleanup_shuffle.
What changes were proposed in this pull request?
Currently, when we detect fetch failure, we only remove the shuffle files produced by the executor, while the host itself might be down and all the shuffle files are not accessible. In case we are running multiple executors on a host, any host going down currently results in multiple fetch failures and multiple retries of the stage, which is very inefficient. If we remove all the shuffle files on that host, on first fetch failure, we can rerun all the tasks on that host in a single stage retry.
How was this patch tested?
Unit testing and also ran a job on the cluster and made sure multiple retries are gone.