Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FAB-17523] Endorsing peer was not honoring RequiredPeerCount #716

Merged
merged 1 commit into from
Feb 24, 2020
Merged

[FAB-17523] Endorsing peer was not honoring RequiredPeerCount #716

merged 1 commit into from
Feb 24, 2020

Conversation

denyeart
Copy link
Contributor

@denyeart denyeart commented Feb 22, 2020

Type of change

  • Bug fix

Description

If there were not enough known eligible peers to meet a private data
collection RequiredPeerCount, endorsement was succeeding rather
than returning an error.

This was a regression caused by FAB-15389 in v1.4.4.
FAB-15389 shifted entirely to per-peer dissemination where required
peers were tagged up front before dissemination, however there was
no overall check to ensure that RequiredPeerCount was met. Prior
to FAB-15389, the check was handled deeper in the gossip dissemination.
Gossip still checks that each selected required peer disseminates
the private data.

This fix adds the overall RequiredPeerCount check for cases where
there are not enough known eligible peers.

Also, improvements are made to variable names, error messages, and
comments to make dissemination code easier to understand.

Related issues

https://jira.hyperledger.org/browse/FAB-17523

Signed-off-by: David Enyeart enyeart@us.ibm.com

@denyeart denyeart marked this pull request as ready for review February 24, 2020 05:49
@denyeart denyeart requested a review from a team as a code owner February 24, 2020 05:49
// With the shift to per peer dissemination in FAB-15389, we must first check
// that there are enough eligible peers to satisfy RequiredPeerCount.
if (len(eligiblePeers)) < colAP.RequiredPeerCount() {
return nil, fmt.Errorf("required to disseminate to at least %d peers, but know of only %d eligible peers", colAP.RequiredPeerCount(), len(eligiblePeers))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We seem to have a good set of methods to ensure that pvtData is never lost and also the block commit performance is not impacted.

  1. PvtData should be disseminated to the requiredPeerCount number of peers. Otherwise, the endorsement is rejected (fixed by this PR).
  2. As per the collection's endorsement policy, by default, the PvtData is replicated across the transient stores.
  3. If a peer does not find PvtData in the transient store during the commit time, it would fetch from other peers. If the peer could not fetch the required pvtData from any other peers, it would record that particular pvtData is missing and proceed with the commit. Later, the reconciler fetches the missing pvtData from other peers.
  4. Most BaaS platforms also provide HA — one from IBP https://cloud.ibm.com/docs/blockchain-sw?topic=blockchain-sw-ibp-console-ha

As there could be duplicate communications (i.e., every endorser disseminating the pvt data even to the peer which already has the pvtData -- happens when there are multiple endorsers), such an approach in WAN could be bad for the performance. Anyway, this needs to be benchmarked to see whether it is really a problem. If we find this to be a problem, we can keep track of the previous senders and reduce the number of dissemination (for the future).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the onus is on the admin to configure requiredPeerCount and maxPeerCount depending on the endorsement policy to avoid duplicate transmissions.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense. I'm looking forward to your private data perf test results.

gossip/privdata/distributor.go Outdated Show resolved Hide resolved
gossip/privdata/distributor.go Outdated Show resolved Hide resolved
gossip/service/gossip_service.go Outdated Show resolved Hide resolved
gossip/privdata/distributor.go Outdated Show resolved Hide resolved
gossip/privdata/distributor.go Outdated Show resolved Hide resolved
If there were not enough known eligible peers to meet a private data
collection RequiredPeerCount, endorsement was succeeding rather
than returning an error.

This was a regression caused by FAB-15389 in v1.4.4.
FAB-15389 shifted entirely to per-peer dissemination where required
peers were tagged up front before dissemination, however there was
no overall check to ensure that RequiredPeerCount was met. Prior
to FAB-15389, the check was handled deeper in the gossip dissemination.
Gossip still checks that each selected required peer disseminates
the private data.

This fix adds the overall RequiredPeerCount check for cases where
there are not enough known eligible peers.

Also, improvements are made to variable names, error messages, and
comments to make dissemination code easier to understand.

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
Copy link
Contributor Author

@denyeart denyeart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Addressed comments.

@manish-sethi manish-sethi merged commit b7a3eba into hyperledger:master Feb 24, 2020
@denyeart denyeart deleted the d_fix_maxpeercount branch February 24, 2020 19:05
manish-sethi pushed a commit that referenced this pull request Feb 24, 2020
…729)

If there were not enough known eligible peers to meet a private data
collection RequiredPeerCount, endorsement was succeeding rather
than returning an error.

This was a regression caused by FAB-15389 in v1.4.4.
FAB-15389 shifted entirely to per-peer dissemination where required
peers were tagged up front before dissemination, however there was
no overall check to ensure that RequiredPeerCount was met. Prior
to FAB-15389, the check was handled deeper in the gossip dissemination.
Gossip still checks that each selected required peer disseminates
the private data.

This fix adds the overall RequiredPeerCount check for cases where
there are not enough known eligible peers.

Also, improvements are made to variable names, error messages, and
comments to make dissemination code easier to understand.

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
manish-sethi pushed a commit that referenced this pull request Feb 25, 2020
…733)

If there were not enough known eligible peers to meet a private data
collection RequiredPeerCount, endorsement was succeeding rather
than returning an error.

This was a regression caused by FAB-15389 in v1.4.4.
FAB-15389 shifted entirely to per-peer dissemination where required
peers were tagged up front before dissemination, however there was
no overall check to ensure that RequiredPeerCount was met. Prior
to FAB-15389, the check was handled deeper in the gossip dissemination.
Gossip still checks that each selected required peer disseminates
the private data.

This fix adds the overall RequiredPeerCount check for cases where
there are not enough known eligible peers.

Also, improvements are made to variable names, error messages, and
comments to make dissemination code easier to understand.

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
C0rWin pushed a commit to C0rWin/fabric that referenced this pull request Sep 15, 2020
…edger#716) (hyperledger#733)

If there were not enough known eligible peers to meet a private data
collection RequiredPeerCount, endorsement was succeeding rather
than returning an error.

This was a regression caused by FAB-15389 in v1.4.4.
FAB-15389 shifted entirely to per-peer dissemination where required
peers were tagged up front before dissemination, however there was
no overall check to ensure that RequiredPeerCount was met. Prior
to FAB-15389, the check was handled deeper in the gossip dissemination.
Gossip still checks that each selected required peer disseminates
the private data.

This fix adds the overall RequiredPeerCount check for cases where
there are not enough known eligible peers.

Also, improvements are made to variable names, error messages, and
comments to make dissemination code easier to understand.

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants