IETF Logo Mail Archive

Re: [nfsv4] persistent sessions and compound atomicity

Rick Macklem <rmacklem@uoguelph.ca> Wed, 09 December 2020 16:44 UTC

Return-Path: <rmacklem@uoguelph.ca>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 494DC3A0EFA for <nfsv4@ietfa.amsl.com>; Wed, 9 Dec 2020 08:44:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=uoguelph.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tm5KdFyVRdjg for <nfsv4@ietfa.amsl.com>; Wed, 9 Dec 2020 08:44:02 -0800 (PST)
Received: from CAN01-TO1-obe.outbound.protection.outlook.com (mail-eopbgr670053.outbound.protection.outlook.com [40.107.67.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41F7A3A0EF3 for <nfsv4@ietf.org>; Wed, 9 Dec 2020 08:44:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hftQdqzN8ExcevAxQvXxfIW5TVgjzAjwXEXO2Dxm0fRZL30YvfdlVxxc4OlJnOYn/uOo+CCcVdW1ZcqT4jqT+0wdbNezuMLCOR8qD6uFUWqD4VIyge5OKUcGZIOFAp2E5S7QgsxYtpcUIDbA25q71u+Gue+redUFZ5w1eqoq+2th2SZbG4eyF15NslqKaMwAU4VfOleUXdB1jEabEPoFuuNHEN2/NnCRPlO5IucoIfCWrf5Lb1nP/+uBLiHBsTBvJVYEMKii3TdlzEJ4dP9dgCKYfJw04Hhhgsx7Gkoo9XcXR35uyY+yL093Fw2DLLqIf1cGZocJXpvDmO9AeaVneg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ze5v4NVV9DdanVAFq+x01WrTicDHSqOTpBhzYPR0b1Q=; b=Yo+tnJGW2HgBepEcDIRxkpJSmHL9TvHRr5zD3qpBODhH1FPMHoLopepNSi0wYLqQfi8EZ+j3DamTnltjVs64Cf/bA2EWY73LkJdrBW8BXECucXXj8vfAmgkz3jQ9uGk6uMbYZqqLmRo6EDMBnTcggtO2ITAX4bEgyYOzMUX7/0KEZ20LyBgmtxN/rHy3PFfiBEfZBRQ4tMG2UCgqjjfNkL7sBSjtCO3A/y0gFsTEBLpkyojLpl29hoNjfc+v/9jnVLh8U1hT7PQGzx975MnT4ecXRLmplCXnpgqcIaBj9+wrjQWlQJ1uCPKxplmhUt6SIlqMsG9x3GyJZrUveg8MMw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uoguelph.ca; dmarc=pass action=none header.from=uoguelph.ca; dkim=pass header.d=uoguelph.ca; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uoguelph.ca; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ze5v4NVV9DdanVAFq+x01WrTicDHSqOTpBhzYPR0b1Q=; b=kNGeuAqlwTurRP6+ppBe6/bhupXyvoNSmOODDQVS63mi4j5MIXV2/Od4VECLz6naGK8PecH6+CMbp15DkOpqzoifenuhi8M5ZRzQwOOSPbfBpm3FoRuI4CidW7+a/JD5VmAA35dgWQTzZjZCulVNILPsC43zU2DrRQs8bYkkEVE0R1y6jINpfTbeJwCfYw/VKrRzkBb8jFZHxMuQqW5D+X/c2mN9V2wDk6NwY9lf1/kPeLdKsH69DR1wby8Qgys8VD81CXD5o58NjmdzZ9tY44QPG0cG4wVA3Lzc+yglog8v5jYVB2pGGNSDFjvvWPbBtVauzgwkUp3Iw9nKrTAswA==
Received: from YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:19::29) by YQBPR0101MB1764.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:e::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.18; Wed, 9 Dec 2020 16:44:00 +0000
Received: from YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM ([fe80::7d6b:aa68:78f4:5d94]) by YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM ([fe80::7d6b:aa68:78f4:5d94%6]) with mapi id 15.20.3632.017; Wed, 9 Dec 2020 16:43:59 +0000
From: Rick Macklem <rmacklem@uoguelph.ca>
To: Tom Talpey <tom@talpey.com>, "J. Bruce Fields" <bfields@fieldses.org>
CC: "nfsv4@ietf.org" <nfsv4@ietf.org>
Thread-Topic: [nfsv4] persistent sessions and compound atomicity
Thread-Index: AQHWzjLkcN/xKABU9ku/9AZTu24qZ6nu2JaAgAALKICAABB6Tg==
Date: Wed, 09 Dec 2020 16:43:59 +0000
Message-ID: <YQXPR0101MB096883BD0B2EBF66D12FC732DDCC0@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM>
References: <20201209002639.GC16661@fieldses.org> <93d4e52e-23e6-cf5f-4b0f-50060f4c6151@talpey.com> <20201209144927.GB23889@fieldses.org>, <2d94c517-04ba-75b0-9583-4b7eb4aa8ced@talpey.com>
In-Reply-To: <2d94c517-04ba-75b0-9583-4b7eb4aa8ced@talpey.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: talpey.com; dkim=none (message not signed) header.d=none;talpey.com; dmarc=none action=none header.from=uoguelph.ca;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5b0729fe-0546-4bb9-3efd-08d89c61a0f8
x-ms-traffictypediagnostic: YQBPR0101MB1764:
x-microsoft-antispam-prvs: <YQBPR0101MB17647B395CD9D114A382FA6FDDCC0@YQBPR0101MB1764.CANPRD01.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: dU/gLhqHmMzLMnJPpYf/AKitwnKx1OqnCSxWAlGjr4KvMvaleEV9J/0BaPqPrmBJs3WKXxZj6nMAikuIgyc+dWZ09IFJw6Sl3QEtc4zAvo6bOoF9aMTTp5KA/UisJJEMgsNvxTlpWDTMl3kEIf+wazmjer42dIflczMOy5AVS4qzxtZniBwthrvXTZ3Zo4zrGf2rHRMskGiMePY8Nvd6802fcLriWFHILdNyJDq9w/E5VRjg2Ge7grIf3qjn0CS0ZbKXVcvUvJYKUzQKLjnMwWAiosI865W7euF/aMyXgk7wKDfvsvIjXf95ORXsMaL+UZ4Mssw8JdSe92H7rj3CMEfHSa5L8a36Wujr26UXQG6FNiXVg+31MAXVKlnQPaFbmWojRpnZNXuoaxYkEctj+w==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(136003)(346002)(376002)(366004)(186003)(53546011)(71200400001)(508600001)(966005)(786003)(33656002)(2906002)(110136005)(91956017)(4326008)(6506007)(52536014)(64756008)(76116006)(86362001)(66946007)(66556008)(55016002)(5660300002)(66476007)(8676002)(9686003)(66446008)(83380400001)(8936002)(7696005); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: MDvsOVQ1JpmvejTe5ZvRyFfS/vqvB8tVji3PDeal4sVPthm6kCwDCAJMkdozNXBZoA4h26hEGlnuS494+GW4m0cHuokxhbx4iglqT0OxU4Mf+SbD+KELEogbcOtBiOkFWNFtxmA7xFOLb6RGVSwUOadeByKyEGuUUzcFWuDPGJepgHi24dq6bGBCcg12isSvxy8AGcsZQxYPp+fOgnssP/NU2aiV5gYjUsuWFqmCZfH6W3BzkExDnlwpkl3YV+/cIORpvFyBaWVHuvOKgE7xdZ8tZsVEB68L69NK/8wPFVrWGwGMAYcXqjSiV6vLx81pOY9NtmvtgFl9uoTDqP+P8Fs+ktejY1HlNjwO2fkTUwgHWUiz2cKOi078XiL7wU8S5pEj/nEzwp+pMPvIpw6PMQAa9IJ1KNmL8KMs8q1GFu7VwK3lyMNCt57TJA4Pb1L7jLnF1xhYFVMGhtruhfluW74e0Od9+PVnxOpne1ZIv1JLpdoOdulPAEwA8OaGRbMIiI45+JyD6PKPZMPsnvoUYCTPM6kfeQ9hJr+dB9B7nGXM9+h6koKgu+XkzhC7l6QXw3cHKq65RYGjnua4DJ1ShO5JjR3Ig1wAebUSPWPGTP7C5+sJ5nQwE5Z1TNnYqfMnqqWc8l+QPFlcexjmOi8lM2Nmw0iIrOI8atLkTcfijuVzrNo24atd79InOf4avCuQX65b681qNV6Or/n2j8ZMNOWXgw2Ue/fO82WnqNgW6fslWv4mqVmdYIEC6WM9w+fmIHmE+ys2UKYqEWhLjPZERq4TGVQ0Z+xm5NPw3rabzzAciXWGcwlkPpNvvbu+bqJJzC6CdSXw0Q7sBEY4+H0cChR9akO8twbgmhNT3zqTQxfM21BOjoVzn0WtudqsETKqSdo0BJp16O37HGO6979ddOW6KUy8WN17M5NbF4fCP0RVyYLfYC7/s3t780a1E28VxJWmFlTF6FYVCBfbcOGVwf9i67+p4iJr5lZHml8NZ3oseeL7nXj3/HV94JBtdR/3ZMhbEF3GgiInVtXmfN8FVnsa8XE5BYha6v3wZIItWG4=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: uoguelph.ca
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 5b0729fe-0546-4bb9-3efd-08d89c61a0f8
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Dec 2020 16:43:59.8510 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: GJGle07pOBwcPdPbzthAngskPkq7FrCo+KBrNN6+Yg6sTeZJRhsyso8A11EgorHKIJb1Pj5UGq6N3W62kwKlBg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: YQBPR0101MB1764
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/YRT5LZxGbB1OevPwNvcHUbBMK4Q>
Subject: Re: [nfsv4] persistent sessions and compound atomicity
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2020 16:44:04 -0000

On 12/9/2020 9:49 AM, J. Bruce Fields wrote:
> On Wed, Dec 09, 2020 at 08:55:03AM -0500, Tom Talpey wrote:
>> On 12/8/2020 7:26 PM, J. Bruce Fields wrote:
>>> I hadn't given much thought to this language in RFC 5661, and now that I
>>> do, it surprises me.  If you have any pointers to discussion I forgot or
>>> overlooked, I'd be interested:
>>>
>>>     https://tools.ietf.org/html/rfc5661#section-2.10.6.5
>>>
>>>     The execution of the sequence of operations (starting with
>>>     SEQUENCE) and placement of its results in the persistent cache
>>>     MUST be atomic.  If a client retries a sequence of operations
>>>     that was previously executed on the server, the only acceptable
>>>     outcomes are either the original cached reply or an indication
>>>     that the client ID or session has been lost (indicating a
>>>     catastrophic loss of the reply cache or a session that has been
>>>     deleted because the client failed to use the session for an
>>>     extended period of time).
>>>
I think this is what others are already saying, but just in case...

I would say that the ATOMIC refers to the individual operations of the
compound. In other words, it must cache the reply to each operation
when it is completed, in the persistent cache.

Then, if a retry of the compound is received after a server reboot, the
reply for the first K operations that were completed prior to the reboot
are generated from the cache and the remaining N-K are performed on
the file system to complete the reply. (At least for the non-idempotent
operations in the compound.)

For this to all work correctly, I think the server file system would need to perform
each non-idempotent operation ATOMICALLY as well, such that after the
reboot the file system is in either the pre-operation or post-operation state.

rick, who has no intention of ever trying to implement a persistent session cache.

>>>     A server could fail and restart in the middle of a COMPOUND
>>>     procedure that contains one or more non-idempotent or
>>>     idempotent-but-modifying operations. This creates an even higher
>>>     challenge for atomic execution and placement of results in the
>>>     reply cache....
>>>
>>> And I don't see why that MUST is necessary.  Why can't the server, on
>>> encountering a nonidempotent operation, store partial compound results
>>> in its reply cache together with whatever compound state (current
>>> filehandles, etc.) it needs to resume processing on restart?
>>
>> I think the atomicity is referring to the building of the response,
>> not the execution of the COMPOUND itself (which would be impossible,
>> generally).
>>
>> The main issue it's protecting is the server's response never changing.
>> The operation must always have one result. If the client were to replay
>> a request while the server is still executing the compound, and get a
>> partial answer, followed by the final answer, that would be very bad
>> indeed.
>
> Got it, thanks.
>
>>> Or, why not allow it to return the result so far and then DEADSESSION on
>>> any following operation?
>>
>> "So far"? That only makes sense if the compound were totally complete.
>> At which point, there is one and only one result.
>
> Hm, I'm not sure what you mean.  The server comes up from a crash and
> determines that it was in the middle of processing a compound, and that
> the last thing it does was succesfully execute a nonidempotent op in the
> middle of the compound.  it has to decide what it's going to use as the
> final reply for that compound.

In the persistent restarted server case, I agree with you. I thought
you were somehow arguing that the server could provide a reply from
cache, for an in-progress operation.

In the persistence case, I guess this means the server will build the
compound response in-progress, and keep it "secret" as long as it's
partial. On restart, it will need to sweep the cache, add any
necessary error for the compounds that didn't get executed, and mark
it complete and ready for responding whne the client replays.

That seems like a lot of fiddly stuff, but I guess it's important
for any non-idempotent operations. I bet there's more language that
needs tightening up.

Tom.


>
> --b.
>
>>
>> Tom.
>>
>>> One problem is that a create operation followed by a GETATTR really
>>> shouldn't fail in between the two--that'd make it hard to implement
>>> O_CREAT, for example.
>>>
>>> But it seems like a server should be able to avoid that without making
>>> every sa_cachethis operation completely atomic.
>>>
>>> Am I missing some reason for that MUST?
>>>
>>> --b.
>>>
>>> _______________________________________________
>>> nfsv4 mailing list
>>> nfsv4@ietf.org
>>> https://www.ietf.org/mailman/listinfo/nfsv4
>>>
>>
>> _______________________________________________
>> nfsv4 mailing list
>> nfsv4@ietf.org
>> https://www.ietf.org/mailman/listinfo/nfsv4
>

_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www.ietf.org/mailman/listinfo/nfsv4

v2.23.0 | Report a Bug | By Email