IETF Logo Mail Archive

Re: [nfsv4] persistent sessions and compound atomicity

"J. Bruce Fields" <bfields@fieldses.org> Fri, 11 December 2020 16:57 UTC

Return-Path: <bfields@fieldses.org>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E86643A0B2B for <nfsv4@ietfa.amsl.com>; Fri, 11 Dec 2020 08:57:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fieldses.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KBhIsjDG5Mub for <nfsv4@ietfa.amsl.com>; Fri, 11 Dec 2020 08:57:27 -0800 (PST)
Received: from fieldses.org (fieldses.org [IPv6:2600:3c00:e000:2f7::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 992B53A0CD4 for <nfsv4@ietf.org>; Fri, 11 Dec 2020 08:57:26 -0800 (PST)
Received: by fieldses.org (Postfix, from userid 2815) id E6AAC6F72; Fri, 11 Dec 2020 11:57:25 -0500 (EST)
DKIM-Filter: OpenDKIM Filter v2.11.0 fieldses.org E6AAC6F72
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fieldses.org; s=default; t=1607705845; bh=zV6rU34tKRgINE8d91zizaLR2UyEFRQexvQjne3KN9U=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=aGFA7XMC2kAwTjESS/kv3kplUvOhYpgF5FdPY0QVGWGWUTmVsOqh3iZ3S+vhuAO3y nVaBet/QBtLdYINq9/ruqszss2qecXNjZ+H0MMDucegK9kNFekqkMk/uQurHorgb/M zs4/9P+XS+cKIHLPi50h5uAd2MweBgIUEtBUeRLM=
Date: Fri, 11 Dec 2020 11:57:25 -0500
From: "J. Bruce Fields" <bfields@fieldses.org>
To: Trond Myklebust <trondmy@gmail.com>
Cc: David Noveck <davenoveck@gmail.com>, Tom Talpey <tom@talpey.com>, Rick Macklem <rmacklem@uoguelph.ca>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Message-ID: <20201211165725.GB16050@fieldses.org>
References: <20201209002639.GC16661@fieldses.org> <93d4e52e-23e6-cf5f-4b0f-50060f4c6151@talpey.com> <20201209144927.GB23889@fieldses.org> <2d94c517-04ba-75b0-9583-4b7eb4aa8ced@talpey.com> <YQXPR0101MB096883BD0B2EBF66D12FC732DDCC0@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM> <20201209225944.GC24283@fieldses.org> <CADaq8jdYyigfkHDbAdk7uARzdSsoNHdPZdUJjPMka5_4tZ6C6Q@mail.gmail.com> <7246cdd69b6e53fee4b657d9c51a973208c96cbf.camel@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <7246cdd69b6e53fee4b657d9c51a973208c96cbf.camel@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/r1QonDcHAIRja0PP1BI04b6dZhA>
Subject: Re: [nfsv4] persistent sessions and compound atomicity
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2020 16:57:31 -0000

On Thu, Dec 10, 2020 at 09:23:52PM -0500, Trond Myklebust wrote:
> On Thu, 2020-12-10 at 17:07 -0500, David Noveck wrote:
> > 
> > 
> > On Wed, Dec 9, 2020, 5:59 PM J. Bruce Fields <bfields@fieldses.org>
> > wrote:
> > > On Wed, Dec 09, 2020 at 04:43:59PM +0000, Rick Macklem wrote:
> > > > I would say that the ATOMIC refers to the individual operations
> > > of the
> > > > compound. In other words, it must cache the reply to each
> > > operation
> > > > when it is completed, in the persistent cache.
> > > > 
> > > > Then, if a retry of the compound is received after a server
> > > reboot,
> > > > the reply for the first K operations that were completed prior to
> > > the
> > > > reboot are generated from the cache and the remaining N-K are
> > > > performed on the file system to complete the reply. (At least for
> > > the
> > > > non-idempotent operations in the compound.)
> > > > 
> > > > For this to all work correctly, I think the server file system
> > > would
> > > > need to perform each non-idempotent operation ATOMICALLY as well,
> > > such
> > > > that after the reboot the file system is in either the pre-
> > > operation
> > > > or post-operation state.
> > > 
> > > Great, sounds like everyone agrees, I'll calm down.
> > 
> > I don't see the need for individual ops to be atomic especially since
> > they (e.g. writes) are not defined as atomic in general.
> > 
> > I don't think we have total agreement but we are moving in the same
> > direction.  No reason to be anything but calm.
> 
> in Section 2.10.6.5 of RFC5661, there is the following snippet:
> 
>    One way to
>    view the problem is as a single transaction consisting of each
>    operation in the COMPOUND followed by storing the result in
>    persistent storage, then finally a transaction commit.  If there is a
>    failure before the transaction is committed, then the server rolls
>    back the transaction.  If the server itself fails, then when it
>    restarts, its recovery logic could roll back the transaction before
>    starting the NFSv4.1 server.
> 
> Why shouldn't a client implementer reading the above be able to
> conclude that a NFS4ERR_DEADSESSION error implies that the operation
> failed with no side-effects?

Yes--they can conclude that the one operation failed.  But previous
operations may have succeeded and had side effects.

I had that wrong--I thought the spec said somewhere that DEADSESSION
could only be returned to the initial SEQUENCE op, but actually it's
quite explicit that it can be returned later:

	https://tools.ietf.org/html/rfc5661#section-18.46.4

	In the case of a partially executed COMPOUND, processing may
	reach an operation not processed during the earlier server
	instance, making this operation a new one and not performable on
	the existing session.  In this case, NFS4ERR_DEADSESSION will be
	returned from that operation.

	https://tools.ietf.org/html/rfc5661#section-15.1.11.5

	15.1.11.5.  NFS4ERR_DEADSESSION (Error Code 10078)

	The specified session is a persistent session that is dead and
	does not accept new requests or perform new operations on
	existing requests (in the case in which a request was partially
	executed before server restart).

The table in https://tools.ietf.org/html/rfc5661#section-8.4.2 gives it
as a valid error return for any operation, I think, except GETFH.

So actually, forget DELAY, the server returns DEADSESSION at the point
it stopped processing.  (With the one exception of GETFH as otherwise it
would be impossible to implement stuff like O_CREAT reliably.)

Thus the 2.10.6.5 language was clearly meant to treat each op (and
storage of its encoded result in the persistent DRC) as a transaction,
not to treat the entire compound as a transaction.

--b.

v2.23.0 | Report a Bug | By Email