Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

spec: Use ABORTED instead of UNIMPLEMENTED #151

Closed
wants to merge 2 commits into from
Closed

spec: Use ABORTED instead of UNIMPLEMENTED #151

wants to merge 2 commits into from

Conversation

jieyu
Copy link
Member

@jieyu jieyu commented Nov 17, 2017

For the case where the CO is not supposed to call some RPCs, the plugin
should return ABORTED to indicate that the CO may want to retry at a
higher level (e.g., by calling ControllerGetCapabilities first).

xref #115

@jieyu
spec: Use ABORTED instead of UNIMPLEMENTED
6e7b91d 
For the case where the CO is not supposed to call some RPCs, the plugin
should return ABORTED to indicate that the CO may want to retry at a
higher level (e.g., by calling `ControllerGetCapabilities` first).
@jieyu
spec: Some minor consistency fixes
4221f50
@cpuguy83
Copy link
Contributor

Unimplemented looks like the correct code to me:

Unimplemented indicates operation is not implemented or not supported/enabled in this service.

Aborted indicates the operation was aborted, typically due to a concurrency issue like sequencer check failures, transaction aborts, etc.

Aborted would indicate that given a change in state or the request the call could succeed.

@jdef
Copy link
Member

jdef commented Nov 17, 2017

@cpuguy83 it's more a matter of recovery semantics.

Unimplemented (as per grpc) has no recovery mechanism. Consider that a CO attempts to invoke a gRPC service that some plugin doesn't register/bind to it's server mechanism. The "unimplemented" code returned by the gRPC indicates that the requested service or RPC is nowhere to be found, it's completely unregistered, and there's no caller recovery for this.

With Aborted there's specific recovery logic in the case of CSI for RPCs that aren't supposed to be invoked by the CO: the CO should invoke a xxxGetCapabilities RPC to determine how to properly operate the plugin in question. This qualifies as "re-trying at a higher level" of the protocol - the CO MAY restart its process of discovering what the plugin is capable of.

jdef
jdef approved these changes Nov 17, 2017
View reviewed changes
Copy link
Member

@jdef jdef left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@saad-ali
Copy link
Member

With Aborted there's specific recovery logic in the case of CSI for RPCs that aren't supposed to be invoked by the CO: the CO should invoke a xxxGetCapabilities RPC to determine how to properly operate the plugin in question. This qualifies as "re-trying at a higher level" of the protocol - the CO MAY restart its process of discovering what the plugin is capable of.

I can buy that argument.

LGTM

@jieyu
Copy link
Member Author

jieyu commented Nov 20, 2017

@cpuguy83 @julian-hj, do you have any further thoughts on this?

@cpuguy83
Copy link
Contributor

I don't agree with the case.
It is an error for the CO to call this endpoint when not specified in the capabilities. The CO should never try to call this function again because it shouldn't have to begin with.

@julian-hj
Copy link
Contributor

I agree with @cpuguy83. UNIMPLEMENTED seems like the correct return code to me. Calling a bunch of different RPCs instead of this one does not seem to me like a recovery, and as Brian points out--the only correct recovery is to go back and fix your CO code.

@akutz
Copy link
Contributor

akutz commented Nov 20, 2017

It should be unimplemented if the SP doesn’t implement something. Aborted should be used when RPCs in a known workflow are invoked out of order. For example, if NodePublishVolume is called before ControllerPublishVolume then the former could return aborted to indicate the device is not yet available on the node host and to attempt ControllerPublishVolume.

@jdef
Copy link
Member

jdef commented Nov 20, 2017 via email

@akutz
Copy link
Contributor

akutz commented Nov 20, 2017

Absolutely, and I thought that was the purpose of the gRPC error model change. I wasn’t arguing to use an app specific code. I thought we were debating when it makes sense to use unimplemented vs aborted.

@julian-hj
Copy link
Contributor

@jdef : in this case, my feeling is that there isn't a great deal of benefit in making that distinction. Basically, if the CO is coded correctly, and the plugin is operating as advertised, we should never see UNIMPLEMENTED. So, if we see it, that means that we need to go digging in the logs to figure out whether SP or the CO is to blame. That would be true regardless of whether the error is generated by the SP or the gRPC layer.

@akutz
Copy link
Contributor

akutz commented Nov 20, 2017

I agree with Julian. Take GetNodeID for example - while it’s optional, that state is tied to the ControllerCapability PublishUnpublish.

IMO there are too many concerns regarding examining capabilities to ascertain the workflows supported by an SP. If there should only be one or two supported models then let’s abandon capabilities and replace it with something simpler. Otherwise let’s acknowledge that a COs responsibility is to query the SP’s capabilities to figure out the names and order of RPCs to invoke. If an SP returns UNIMPLEMETED at that point then the SP is invalid anyway.

@jdef
Copy link
Member

jdef commented Nov 20, 2017

this should be rebased and take into account #152

@jieyu jieyu closed this Feb 1, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jdef jdef jdef approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@jieyu @cpuguy83 @jdef @saad-ali @julian-hj @akutz