Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upraft: don't ack MsgPreVotes when it cannot succeed #8517
Conversation
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
bdarnell
Sep 7, 2017
Member
LGTM, but can you add a test of a PreVote at the current term that would fail without this change?
|
LGTM, but can you add a test of a PreVote at the current term that would fail without this change? |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
|
lgtm after adding the test @bdarnell suggested. |
xiang90
added
the
Raft
label
Sep 8, 2017
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
xiang90
Sep 14, 2017
Contributor
/cc @javaforfun would you like to help write a test for this code? i would like to get this merged as soon as possible.
|
/cc @javaforfun would you like to help write a test for this code? i would like to get this merged as soon as possible. |
| if m.Type == pb.MsgVote && m.Term != r.Term { | ||
| panic(fmt.Sprintf("m.Type == pb.MsgVote && m.Term != r.Term: %d != %d", m.Term, r.Term)) | ||
| } | ||
| if (r.Vote == None || r.Vote == m.From || (m.Type == pb.MsgPreVote && m.Term > r.Term)) && |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
lishuai87
Sep 15, 2017
Contributor
seems no different to previous.
do you mean this?
(r.Vote == None || r.Vote == m.From) && (m.Type == pb.MsgVote || (m.Type == pb.MsgPreVote && m.Term > r.Term)) &&
lishuai87
Sep 15, 2017
•
edited
Edited 1 time
-
lishuai87
edited Sep 15, 2017 (most recent)
Contributor
edited
-
Sep 15, 2017 (most recent)
seems no different to previous.
do you mean this?
(r.Vote == None || r.Vote == m.From) && (m.Type == pb.MsgVote || (m.Type == pb.MsgPreVote && m.Term > r.Term)) &&
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
xiang90
Sep 18, 2017
Contributor
the difference that we do not grant prevote if m.term <= t.term like before.
xiang90
Sep 18, 2017
Contributor
the difference that we do not grant prevote if m.term <= t.term like before.
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
bdarnell
Jan 23, 2018
Member
I'm looking at this again and the change doesn't make sense to me. It doesn't change the behavior of MsgPreVote - for MsgPreVote the condition was m.Term > r.Term both before and after the change. And adding the guard m.Type == pb.MsgPreVote doesn't really change anything because we know that for MsgVote, the terms are equal and the m.Term > r.Term condition will never be true.
The new code is slightly more explicit, so we might want to merge this as a cleanup, but I don't think there's a bug being fixed here. I've been unable to modify the test in #8571 to find any cases where this change makes a difference.
I do see one small bug: If m.Type == MsgPreVote && m.Term == r.Term && r.Vote == None && r.lead != None, then we will grant a PreVote when we shouldn't. However, there are not going to be enough nodes with r.Vote == None && r.lead != None to allow the PreVote to reach a quorum unless there have also been membership changes during the term.
I'll send a PR with some cleanups here. Testing the "leader without vote" scenario is difficult because it relies on membership changes, so unless you feel strongly I think I'll skip the test for now (I'm going to do some work on PreVote testing separately).
bdarnell
Jan 23, 2018
Member
I'm looking at this again and the change doesn't make sense to me. It doesn't change the behavior of MsgPreVote - for MsgPreVote the condition was m.Term > r.Term both before and after the change. And adding the guard m.Type == pb.MsgPreVote doesn't really change anything because we know that for MsgVote, the terms are equal and the m.Term > r.Term condition will never be true.
The new code is slightly more explicit, so we might want to merge this as a cleanup, but I don't think there's a bug being fixed here. I've been unable to modify the test in #8571 to find any cases where this change makes a difference.
I do see one small bug: If m.Type == MsgPreVote && m.Term == r.Term && r.Vote == None && r.lead != None, then we will grant a PreVote when we shouldn't. However, there are not going to be enough nodes with r.Vote == None && r.lead != None to allow the PreVote to reach a quorum unless there have also been membership changes during the term.
I'll send a PR with some cleanups here. Testing the "leader without vote" scenario is difficult because it relies on membership changes, so unless you feel strongly I think I'll skip the test for now (I'm going to do some work on PreVote testing separately).
xiang90
referenced this pull request
Sep 18, 2017
Closed
raft: don't ack MsgPreVotes when it cannot succeed #8571
bdarnell
referenced this pull request
Jan 23, 2018
Merged
raft: Clarify conditions for granting votes and prevotes. #9204
xiang90
closed this
in
#9204
Jan 23, 2018
pushed a commit
that referenced
this pull request
Jan 23, 2018
irfansharif commentedSep 7, 2017
•
edited
Edited 1 time
-
irfansharif
edited Sep 7, 2017 (most recent)
The changeset tightens the constraint around granted
PreVotes.Previously
PreVoterequests of the same term as the node's current termwould be granted despite there being no way for it to succeed
(
MsgPreVotescurrently specify the next term, if the next term of the requestingnode is the same as our current term, when subsequently calling for an
election it will fail). In this case we will now simply reject the vote.
While here we add a panic for a comment specified-constraint.
TestRawNodeStep was in violation of this by sending in Msg{Pre,}Vote
messages with unspecified terms (defaulting to 0) when the recipient
node was at a higher term.
+cc @bdarnell @xiang90