[WFLY-12610] adding properties to setup transaction recovery and operation to run recovery

[ochaloup]

https://issues.redhat.com/browse/WFLY-12610

The point of this PR is giving a way to execute Narayana recovery processing from jboss cli without a need to open socket + to make recovery configuration changes without a need to restart JVM + do not suspend the recovery manager when WildFly is suspended (e.g. WFLY suspend happens on call of the graceful shutdown).

[ochaloup]

This PR should be a working concept but I would like to hear from you - @mmusgrov @jmfinelli @mnovak1 @istraka what do you think.

With these changes the idea of the graceful shutdown recovery speedup processing would be like
./bin/jboss-cli.sh -c --commands="/subsystem=transactions:write-attribute(name=stop-recovery-when-suspended, value=false),/subsystem=transactions:write-attribute(name=recovery-period, value=1),/subsystem=transactions:write-attribute(name=orphan-safety-interval, value=1),:shutdown(timeout=300)"

[ochaloup]

I need to fix the two failing tests but the concept of the change should be working.

[mmusgrov]

The functionality looks very good indeed.

I had a number of minor non-functional comments/queries (which, apart from my comment about TransactionSubsystem61Parser.java, you may ignore) so I am approving the PR.

[mmusgrov]

Shouldn't this be stop-recovery-when-suspending or disable-recovery-before-suspend etc because there cannot be any processing when the server is suspended.

[ochaloup]

Yeap, you're right while my initial idea was letting the server being suspended while leaving the chance for recovery manager to finish the transactions. That way the whole server would be "sleeping" and recovery manager could finish anything necessary. Maybe it's not what's needed.

With this comment I realized you are right that it should be this way at least for graceful shutdown. I wrote the :shutdown(timeout=300) will be finishing with recovery but it's not true. I need to implement something like what EJB suspend controller does
https://github.com/wildfly/wildfly/blob/main/ejb3/src/main/java/org/jboss/as/ejb3/suspend/EJBSuspendHandlerService.java#L209
That's a missing piece and it's the functionality where attribute of the name stop-recovery-when-suspending makes sense. Maybe the attribute should be rather named like `suspend-with-no-indoubt-transactions" or like that.

[mmusgrov]

I will leave this conversation unresolved until you know what you want to do then.

[mmusgrov]

Remark: I don't understand the comment but I do have access to the source code so I guess I can read that and ignore the comment.

[mmusgrov]

How can periodic recovery continue when the application server is suspended?

[ochaloup]

I assume the server is suspended but recovery may be processing. The incoming connections are not permitted but the outgoing should be possible.
I need to reconsider this as per the first comment. Probably the serve should shutdown the recovery when suspended and just there should be a chance to not permit suspending when there are in-doubt transactions.

[mmusgrov]

okay, I will leave you to decide what the best approach is.

[mmusgrov]

The diff between this and the previous version (wildfly-txn_6_0.xsd) is too large for me to review it completely (personally I'd have taken copy and just added the new definitions). But I did check that it contained definitions for
recovery-period, recovery-backoff-period and stop-recovery-when-suspended which looked okay apart from the confusing name for stop-recovery-when-suspended.

[ochaloup]

Discussed above. Change probably needed.

[ochaloup]

I updated the code based of the points in the comment. Still missing to change the suspend handler to run recovery instead of not stopping it.

[mmusgrov]

I am still okay to merge this PR.

[bstansberry]

Superseded by #15382