Skip to content

[nexus] Make snapshot-create saga unwind-safe #2093

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 40 commits into from
Dec 29, 2022
Merged

[nexus] Make snapshot-create saga unwind-safe #2093

merged 40 commits into from
Dec 29, 2022

Conversation

@smklein
Copy link
Collaborator

@smklein smklein commented Dec 23, 2022
edited
Loading

  • Makes snapshot creation unwind-safe
  • Adds tests to validate that unwinding the saga does not leave detritus

Part of #2052

smklein added 26 commits December 15, 2022 22:38
@smklein
[sagas] Make a macro to simplify declaring saga actions
b2a2ba1
@smklein
ignore rustdoc
f399ff7
@smklein
[nexus] Instance Deletion is now a saga
66cf0c0
@smklein
[nexus] Project and VPC creation are now sagas
828ed21
@smklein
Merge branch 'main' into saga-macro
2e0a199
@smklein
Merge branch 'main' into saga-macro
533ee76
@smklein
Move some lazy_static to once_cell
6abce08
@smklein
Merge branch 'main' into saga-macro
169ed10
@smklein
Extend docs
29a3ab5
@smklein
Merge branch 'main' into saga-macro
3b62a6a
@smklein
Merge branch 'saga-macro' into more-sagas
05cbd9d
@smklein
Merge branch 'more-sagas' into project-creation-saga
f7f5fbe
@smklein
[vpc_create] Add undo actions
2f89973
@smklein
[vpc_create] Add tests for idempotency, fix things
b9fef96
@smklein
[nexus] Make project creation unwind safe, add tests
d68c763
@smklein
fix project lookup
9a8504b
@smklein
Lookup project when deleting to avoid rcgen issue during unwind
79271d2
@smklein
[nexus] Make snapshot deletion a saga
23801dd
@smklein
[nexus] Add basic test for snapshot create
80932d8
@smklein
Merge branch 'main' into project-creation-saga
bfc6048
@smklein
Merge branch 'project-creation-saga' into vpc-creation-saga-idempotent
f9c635a
@smklein
Merge branch 'vpc-creation-saga-idempotent' into project-creation-sag…
8c01fcd 
…a-idempotent
@smklein
Merge branch 'project-creation-saga-idempotent' into snapshot-delete-…
3f37a48 
…saga
@smklein
Merge branch 'snapshot-delete-saga' into snapshot-create-saga-idempotent
e1a5e5c
@smklein
fix node names
163d9c5
@smklein
Merge branch 'snapshot-delete-saga' into snapshot-create-saga-idempotent
fedfbb8
@smklein smklein changed the title Snapshot create saga idempotent Snapshot create saga unwind-safe Dec 23, 2022
@smklein smklein changed the title Snapshot create saga unwind-safe [nexus] Make snapshot-create saga unwind-safe Dec 26, 2022
@smklein smklein marked this pull request as ready for review December 26, 2022 19:05
@smklein smklein mentioned this pull request Dec 26, 2022
Open
13 tasks
smklein
smklein commented Dec 26, 2022
View reviewed changes
nexus/src/app/sagas/disk_create.rs

#[cfg(test)]
mod test {
pub(crate) mod test {
Copy link
Collaborator Author

@smklein smklein Dec 26, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm mostly modifying this so I can re-use some of the test functions which validates "disk creation doesn't leave detritus".

Most of these checks are identical for snapshot creation.

smklein
smklein commented Dec 26, 2022
View reviewed changes
nexus/src/app/sagas/snapshot_create.rs
Comment on lines +1400 to +1404
// Unfortunately, for our idempotency checks, checking for a "clean
// slate" gets more expensive when we need to compare region allocations
// between the disk and the snapshot. If we can undo the snapshot
// provisioning AND delete the disk together, these checks are much
// simpler to write.
Copy link
Collaborator Author

@smklein smklein Dec 26, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This detail matters - basically, it's easy to check "nothing exists in the DB", and harder to check "the state which was provisioned for a disk exists and matches, but nothing else was added".

Unwinding the snapshot AND deleting the disk gets us back to the simpler "nothing should exist" state.

@smklein smklein requested a review from leftwo December 26, 2022 19:15
smklein
smklein commented Dec 27, 2022
View reviewed changes
nexus/src/app/sagas/snapshot_create.rs
Comment on lines +777 to +788
// NOTE: If we later create a volume record and delete it, the
// running snapshot may be deleted (see:
// ssc_create_volume_record_undo).
//
// To cope, we treat "running snapshot not found" as "Ok", since it
// may just be the result of the volume deletion steps completing.
.or_else(|err| match err {
ErrorResponse(r) if r.status() == StatusCode::NOT_FOUND => {
Ok(())
}
_ => Err(err),
})?;
Copy link
Collaborator Author

@smklein smklein Dec 27, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I found this a little quirky; figured I'd call it out.

  • If we haven't run the later "volume creation" undo step, we need to cleanup this running snapshot.
  • If we have run the later "volume creation" undo step, it's already gone

Base automatically changed from snapshot-delete-saga to main December 28, 2022 20:48
@smklein smklein enabled auto-merge (squash) December 29, 2022 06:37
@smklein smklein merged commit 329ca35 into main Dec 29, 2022
@smklein smklein deleted the snapshot-create-saga-idempotent branch December 29, 2022 07:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leftwo leftwo leftwo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@smklein @leftwo