Refactor session ↔︎ leader interaction for durable shared subscriptions #14428
Conversation
* Rename "groups" to "ssubscribers" (shared subscribers). * Eliminate group_id concept, just use subscription id. * Use aliases for ssubscriber identification. * Recreate ssubscriber on invalidation. This reduces posibility of stale messages and simplifies ssubscriber lifecycle. * Do not opaquely handle messages to ssubscribers.
We cannot drain messages at this level because they require unpacking on higher levels.
savonarola
force-pushed
the
1206-refactor-shared-subs
branch
from
22b6812 to
c2d17f5
Compare
savonarola
changed the title
savonarola
changed the title
savonarola
changed the title
savonarola
force-pushed
the
1206-refactor-shared-subs
branch
from
797a849 to
122cf89
Compare
Co-authored-by: Thales Macedo Garitezi <[email protected]>
savonarola
force-pushed
the
1206-refactor-shared-subs
branch
from
a7b4f17 to
8d64f5b
Compare
|
|
||
| -type options() :: #{ | ||
| session_id := emqx_persistent_session_ds:id() | ||
| }. | ||
|
|
||
| -record(ssubscriber_entry, { |
There was a problem hiding this comment.
Nit / random idea. Worth introducing something like "subtenant" here or some similar term, for it to be a bit shorter and easier to parse?
There was a problem hiding this comment.
Do you refer to the "entry" data item or the ssubscriber terminology in general?
| @@ -92,7 +104,7 @@ can_subscribe(_State, #share{group = Group, topic = Topic}, _SubOpts) -> | |||
| exists -> | |||
| ok; | |||
| {error, Class, Reason} -> | |||
| ?tp(warning, "Shared queue declare failed", #{ | |||
| ?tp(debug, ds_shared_sub_agent_queue_declare_failed, #{ | |||
There was a problem hiding this comment.
Q: On debug level would be easier to lose such error, do you think there's a risk of flooding the logs with warnings? It's something that's not supposed to usually happen, especially if unrecoverable.
| {MsFieldName, | ||
| ?HOCON( | ||
| emqx_schema:timeout_duration_ms(), |
There was a problem hiding this comment.
Nit. Duration unit is already encoded in the type here, so it feels a bit awkward to have _ms suffix everywhere. E.g. durable_queues { leader_ssubscriber_timeout_ms = "5s" }.
| -type stream_data() :: #{ | ||
| status := stream_status(), | ||
| progress := progress(), | ||
| use_finished := boolean() |
There was a problem hiding this comment.
Nit. I think a comment describing what it is and what it is for would be welcome here.
| %% Should never happen. | ||
| reset(St); |
There was a problem hiding this comment.
Nit. Could be great to have better visibility into such events. Or perhaps something like a test-profile-only assertion?
|
I will add some updates in a follow-up. |
Fixes EMQX-13515
Release version: v/e5.9.0
Here, we make several internal model simplifications, resulting in less code, less complex code, and thus, hopefully, in more robust code.
These changes do not affect the code interacting with durable shared subscriptions, e.g., durable session.
Old code structure
emqx_persistent_session_ds_shared_subs, symmetrically toemqx_persistent_session_ds_subs.emqx_persistent_session_ds_shared_substalks toemqx_ds_shared_sub_agenthiding session internals from it.emqx_ds_shared_sub_agent;emqx_ds_shared_sub_agent: stream leases and revokes;emqx_ds_shared_sub_agent.emqx_ds_shared_sub_agentbelongs toemqx_ds_shared_subup and talks to shared sub leaders. Technically it does little itself but delegates calls to a collection ofemqx_ds_shared_sub_group_sm's instances, one for each topic subscription.emqx_ds_shared_sub_group_smrepresents a stateful connection to a leader. It actually talks to the leader, receives streams from it, etc.emqx_ds_shared_sub_leaderis responsible for renewing and distributing streams across connectedemqx_ds_shared_sub_group_sms and recording progress.Changes
The general structure or layers remains the same.
emqx_persistent_session_ds_shared_subsWe radically simplify
emqx_persistent_session_ds_shared_subs. (The first step was done in #14227).The relevant commit is f65eccd
Now
emqx_persistent_session_ds_shared_subsdoes not have any additional state exceptemqx_ds_shared_sub_agentto which it talks to receive streams.emqx_ds_shared_sub_agentsubscribers(formergroup_sms). This is not necessary for dispatching messages to individual subscription handlers.group_sms) an ability to request a complete recreation (in case inconsistent state is detected).The relevant commit is 81271d3
emqx_ds_shared_sub_group_smemqx_ds_shared_sub_group_smtoemqx_ds_shared_sub_subscriber. We identify it throughout the code asssubscribers, shared subscribers.ssubscriberfinishes and requests the agent to be recreated. The states are [new] ->connecting(to the leader) ->connected->unsubscribing-> [deleted].ssubscriber's states from stream states, and the related events are handled mostly independently.The corresponding commit is 12acd63.
emqx_ds_shared_sub_leadergen_serversince it always appeared to have a single state.emqx_ds_shared_sub_subscriberupdates, we change the model. Instead of having subscribers with versioned sets of revoking/granted streams, we have a plain structure of streams with status and owner.The corresponding commit is 3975178
I tried to group the described changes into distinct relevant commits. However, since the changes were quite significant, individual commits do not keep the code in a working state. There are some final changes to make everything up and running.
Summary
PR Checklist
Please convert it to a draft if any of the following conditions are not met. Reviewers may skip over until all the items are checked:
changes/(ce|ee)/(feat|perf|fix|breaking)-<PR-id>.en.mdfiles (internal change of unreleased feature).