persisted queries: improve Uplink failover and error handling #3863
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This comment has been minimized.
This comment has been minimized.
|
CI performance tests
|
glasser
force-pushed
the
glasser/fetch-with-callback
branch
from
1e17a4e
to
9ae5277
Compare
glasser
commented
Sep 20, 2023
| return Ok(()); | ||
| } | ||
| Err(e) => { | ||
| if it.peek().is_some() { |
There was a problem hiding this comment.
This is a different pattern from how stream_from_uplink (or specifically, fetch) handles errors.
In stream_from_uplink, individual failures are logged to debug with a message specifying "Other endpoints will be tried" (even if it's the last one!), and if they all fail, a constant Err without the specific error message in it is returned. My understanding is that we don't want to spam stderr with single-endpoint errors, but this does mean that the eventual error doesn't have specific details on the problem that occurred (unless you go and reproduce with the log level set to debug).
Here, we do the debug-with-"Other endpoints will be tried" thing only when there actually are more URLs to try; errors from the last URL are returned directly.
I think this is better than the existing approach because it's nice to actually include information about some failure in the eventual error, but I'm happy to rewrite this to work more like fetch if you'd like.
glasser
force-pushed
the
glasser/fetch-with-callback
branch
from
9ae5277
to
bb57b65
Compare
.circleci/config.yml
Outdated
Comment on lines
387
to
416
| # As of 2023-09-20, no current kube versions are supported by kubeconform, | ||
| # due to https://github.com/yannh/kubeconform/issues/233. So we skip | ||
| # this check for now. | ||
| # | ||
| # # Install Helm | ||
| # curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | ||
|
|
||
| # # Install kubeconform | ||
| # KUBECONFORM_INSTALL=$(mktemp -d) | ||
| # curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xz -C "${KUBECONFORM_INSTALL}" | ||
|
|
||
| # # Create list of kube versions | ||
| # CURRENT_KUBE_VERSIONS=$(curl -L https://raw.githubusercontent.com/kubernetes/website/main/data/releases/schedule.yaml \ | ||
| # | yq -o json '.' \ | ||
| # | jq --raw-output '.schedules[] | select((now | strftime("%Y-%m-%dT00:00:00Z")) as $date | .releaseDate < $date and .endOfLifeDate > $date) | .previousPatches[0].release') | ||
|
|
||
| # # Use helm to template our chart against all kube versions | ||
| # TEMPLATE_DIR=$(mktemp -d) | ||
| # for kube_version in ${CURRENT_KUBE_VERSIONS}; do | ||
| # # Use helm to template our chart against kube_version | ||
| # helm template --kube-version "${kube_version}" router helm/chart/router --set autoscaling.enabled=true > "${TEMPLATE_DIR}/router-${kube_version}.yaml" | ||
|
|
||
| # # Execute kubeconform on our templated charts to ensure they are good | ||
| # "${KUBECONFORM_INSTALL}/kubeconform" \ | ||
| # --kubernetes-version "${kube_version}" \ | ||
| # --strict \ | ||
| # --schema-location default \ | ||
| # --verbose \ | ||
| # "${TEMPLATE_DIR}/router-${kube_version}.yaml" | ||
| # done |
There was a problem hiding this comment.
#3867 (review) addresses this (workaround)
bnjjj
reviewed
Sep 21, 2023
If an Uplink request fails, the `stream_from_uplink` function automatically tries the next configured Uplink endpoint. However, in the case of the persisted queries feature, the Uplink response contains an URL located in the same cloud provider as the Uplink endpoint (which is used to fetch the full PQ list chunk). Before this PR, the PQ code fetched this second URL "outside" of `stream_from_uplink`, so an error downloading this file would *not* result in re-trying the Uplink request itself on the next endpoint. This PR factors out the body of `stream_from_uplink` into `stream_from_uplink_transforming_new_response`, which takes an async function that is called on any `UplinkResponse::New` to transform the response. (`stream_from_link` passes the identity function here, so its API is not affected.) If this function returns `Err`, the uplink code moves on to the next endpoint URL, just like if the initial Uplink fetch had failed. The PQ layer now fetches the PQ manifest chunk bodies inside this async function instead of by mapping the uplink stream. This means that if our GCP Uplink server is up but the GCS servers that serve manifests from GCP are down, we will fail over to the AWS Uplink server instead of just failing to fetch PQs. Additionally, the response from Uplink can specify multiple valid URLs for each chunk. (Uplink does not currently do this.) Before this PR, Router would only look at the first URL listed; after this PR, it tries each URL in order until finding one that does not fail. Additionally, before this PR, any errors fetching PQs from Uplink or GCS after a successful startup were ignored. (They would be sent on the `ready_sender` channel whose receiver is dropped, which could lead to a `debug`-level logged message about how the channel wasn't open, but they were not *directly* logged.) After this PR, we don't try to send these errors on the channel after the channel was used once; instead, we log them at the `error` level (similarly to how schema and license uplink errors work). Note that this only occurs if Router fails to fetch PQs from all configured Uplink endpoints; a failure to fetch from a single endpoint is still only logged at the `debug` level. Co-authored-by: Jeremy Lempereur <jeremy.lempereur@iomentum.com>
glasser
force-pushed
the
glasser/fetch-with-callback
branch
from
fa13e6a
to
3a9492d
Compare
bnjjj
approved these changes
Sep 21, 2023
EverlastingBugstopper
approved these changes
Sep 22, 2023
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If an Uplink request fails, the
stream_from_uplinkfunction automatically tries the next configured Uplink endpoint. However, in the case of the persisted queries feature, the Uplink response contains an URL located in the same cloud provider as the Uplink endpoint (which is used to fetch the full PQ list chunk). Before this PR, the PQ code fetched this second URL "outside" ofstream_from_uplink, so an error downloading this file would not result in re-trying the Uplink request itself on the next endpoint.This PR factors out the body of
stream_from_uplinkintostream_from_uplink_transforming_new_response, which takes an async function that is called on anyUplinkResponse::Newto transform the response. (stream_from_uplinkpasses the identity function here, so its API is not affected.) If this function returnsErr, the uplink code moves on to the next endpoint URL, just like if the initial Uplink fetch had failed. The PQ layer now fetches the PQ manifest chunk bodies inside this async function instead of by mapping the uplink stream.This means that if our GCP Uplink server is up but the GCS servers that serve manifests from GCP are down, we will fail over to the AWS Uplink server instead of just failing to fetch PQs.
Additionally, the response from Uplink can specify multiple valid URLs for each chunk. (Uplink does not currently do this, but the protocol allows for it.) Before this PR, Router would only look at the first URL listed; after this PR, it tries each URL in order until finding one that does not fail.
Additionally, before this PR, any errors fetching PQs from Uplink or GCS after a successful startup were ignored. (They would be sent on the
ready_senderchannel whose receiver is dropped, which could lead to adebug-level logged message about how the channel wasn't open, but they were not directly logged.) After this PR, we don't try to send these errors on the channel after the channel was used once; instead, we log them at theerrorlevel (similarly to how schema and license uplink errors work). Note that this only occurs if Router fails to fetch PQs from all configured Uplink endpoints; a failure to fetch from a single endpoint is still only logged at thedebuglevel.Co-authored-by: Jeremy Lempereur jeremy.lempereur@iomentum.com