Cannot force allocate primary to a node where the shard already exists #22031
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Before, it was possible that the SameShardAllocationDecider would allow force allocation of an unassigned primary to the same node on which an active replica is assigned. This could only happen with shadow replica indices, because when a shadow replica primary fails, the replica gets promoted to primary but in the INITIALIZED state, not in the STARTED state (because the engine has specific reinitialization that must take place in the case of shadow replicas). Therefore, if the now promoted primary that is initializing fails also, the primary will be in the unassigned state, because replica to primary promotion only happens when the failed shard was in the started state. The now unassigned primary shard will go through the allocation deciders, where the SameShardsAllocationDecider would return a NO decision, but would still permit force allocation on the primary if all deciders returned NO. This commit implements canForceAllocatePrimary on the SameShardAllocationDecider, which ensures that a primary cannot be force allocated to the same node on which an active replica already exists.
ywelsch
reviewed
Dec 7, 2016
ywelsch
approved these changes
Dec 8, 2016
| ); | ||
|
|
||
| // can't force allocate same shard copy to the same node | ||
| ShardRouting newPrimary = ShardRouting.newUnassigned(primaryShard.shardId(), true, |
There was a problem hiding this comment.
TestShardRouting automatically provides some of the randomness that you explicitly do here.
abeyad
pushed a commit
that referenced
this pull request
Dec 8, 2016
#22031) Before, it was possible that the SameShardAllocationDecider would allow force allocation of an unassigned primary to the same node on which an active replica is assigned. This could only happen with shadow replica indices, because when a shadow replica primary fails, the replica gets promoted to primary but in the INITIALIZED state, not in the STARTED state (because the engine has specific reinitialization that must take place in the case of shadow replicas). Therefore, if the now promoted primary that is initializing fails also, the primary will be in the unassigned state, because replica to primary promotion only happens when the failed shard was in the started state. The now unassigned primary shard will go through the allocation deciders, where the SameShardsAllocationDecider would return a NO decision, but would still permit force allocation on the primary if all deciders returned NO. This commit implements canForceAllocatePrimary on the SameShardAllocationDecider, which ensures that a primary cannot be force allocated to the same node on which an active replica already exists.
|
5.x commit: 6d3e6f2 |
jasontedor
added a commit
to jasontedor/elasticsearch
that referenced
this pull request
Dec 8, 2016
* master: Skip IP range query REST test prior to 5.1.2 Bump version to 5.1.2 Don't allow yaml tests with `warnings` that don't skip `warnings` (elastic#21989) Cannot force allocate primary to a node where the shard already exists (elastic#22031) Fix REST test for ip range aggregations. Build: NORELEASE is the same as norelease (elastic#22006) S3/Azure snapshot repo documentation wrong for "read_only"
lcawl
added
:Distributed Indexing/Distributed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Before, it was possible that the SameShardAllocationDecider would allow
force allocation of an unassigned primary to the same node on which an
active replica is assigned. This could only happen with shadow replica
indices, because when a shadow replica primary fails, the replica gets
promoted to primary but in the INITIALIZED state, not in the STARTED
state (because the engine has specific reinitialization that must take
place in the case of shadow replicas). Therefore, if the now promoted
primary that is initializing fails also, the primary will be in the
unassigned state, because replica to primary promotion only happens when
the failed shard was in the started state. The now unassigned primary
shard will go through the allocation deciders, where the
SameShardsAllocationDecider would return a NO decision, but would still
permit force allocation on the primary if all deciders returned NO.
This commit implements canForceAllocatePrimary on the
SameShardAllocationDecider, which ensures that a primary cannot be
force allocated to the same node on which an active replica already
exists.
Relates #22021