Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql: avoid tenant ID reuse #100615

Closed
knz opened this issue Apr 4, 2023 · 1 comment · Fixed by #101322
Closed

sql: avoid tenant ID reuse #100615

knz opened this issue Apr 4, 2023 · 1 comment · Fixed by #101322
Assignees
@knz
Labels
A-multitenancy Related to multi-tenancy branch-master Failures and bugs on the master branch. branch-release-23.1 Used to mark GA and release blockers, technical advisories, and bugs for 23.1 C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. GA-blocker T-multitenant Issues owned by the multi-tenant virtual team

Comments

@knz
Copy link
Contributor

knz commented Apr 4, 2023
edited by exalate-issue-sync bot
Loading

Tenant ID reuse is known to incur correctness problems in the following two cases:

  • we do not yet wait for server shutdown when the service mode is changed to 'NONE'. This makes it possible to start dropping a tenant and then reusing its ID before servers from the previous record have fully shut down. This creates a possibility for a past server to start serving traffic for a freshly created tenant, which is unacceptable.

  • we have a cache of tenant capabilites on every node. We do not yet implement an invalidation protocol to clear that cache upon tenant deletion. This makes it possible for requests from a new tenant to be authorized using the capabilities of a previous tenant, which is also unacceptable.

Until we implement the necessary synchronization, we can avoid the correctness issues by preventing ID reuse.

Jira issue: CRDB-26522
@knz knz added C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. branch-master Failures and bugs on the master branch. A-multitenancy Related to multi-tenancy GA-blocker T-multitenant Issues owned by the multi-tenant virtual team branch-release-23.1 Used to mark GA and release blockers, technical advisories, and bugs for 23.1 labels Apr 4, 2023
@knz knz mentioned this issue Apr 4, 2023
Closed
@knz knz removed the GA-blocker label Apr 11, 2023
@knz knz mentioned this issue Apr 12, 2023
Merged
@knz
Copy link
Contributor Author

knz commented Apr 12, 2023

back to ga-blocker because the fix needs a cluster version

@knz knz added the GA-blocker label Apr 12, 2023
@craig craig bot closed this as completed in 3df495f Apr 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@knz knz

Labels
A-multitenancy Related to multi-tenancy branch-master Failures and bugs on the master branch. branch-release-23.1 Used to mark GA and release blockers, technical advisories, and bugs for 23.1 C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. GA-blocker T-multitenant Issues owned by the multi-tenant virtual team
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

sql: avoid tenant ID reuse knz/cockroach
sql: avoid tenant ID reuse knz/cockroach
1 participant
@knz