feat(meta): support meta store recovery #6737
Conversation
153b9dc to
413e909
Compare
413e909 to
1afeefa
Compare
Codecov Report
@@ Coverage Diff @@
## main #6737 +/- ##
==========================================
+ Coverage 73.22% 73.25% +0.03%
==========================================
Files 1026 1032 +6
Lines 164174 164627 +453
==========================================
+ Hits 120215 120603 +388
- Misses 43959 44024 +65
Flags with carried forward coverage won't be shown. Click here to find out more.
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
# Conflicts: # risedev.yml
| Self { | ||
| id, | ||
| hummock_version_id: v.id, | ||
| ssts: v.get_sst_ids(), |
There was a problem hiding this comment.
Does SSTs in uncleaned versions before v need to be stored?
There was a problem hiding this comment.
From the perspective of the newly restored cluster, SSTs in uncleaned versions of previous cluster are treated as orphan SSTs and can be deleted via full GC, as it is completely unaware of these uncleaned versions.
Compared with taking care of these SSTs in backup/recovery procedure, I think current implementation would be simpler.
hzxa21
left a comment
There was a problem hiding this comment.
Overall LGTM. Many tricky corner cases are covered. Great job!
I left some comments but they are not big issues so it is okay to merge this PR first.
| let job_status = meta_client.get_backup_job_status(job_id).await?; | ||
| match job_status { | ||
| BackupJobStatus::Running => { | ||
| tracing::info!("backup job is still running: job {}", job_id); |
There was a problem hiding this comment.
should we print out the result instead?
| .enable_all() | ||
| .build() | ||
| .unwrap() | ||
| .block_on(risingwave_meta::backup_restore::restore(opts)) |
There was a problem hiding this comment.
Just a note: I am thinking whether we should have a mechnism to check whether the cluster functions as expected after restore. Maybe we should try to query the pg_catalog tables. This can also be done externally.
| .finish_backup_job(job_id, BackupJobResult::Failed(e)) | ||
| .await; | ||
| } | ||
| let job_result = job.await.unwrap_or_else(BackupJobResult::Failed); |
There was a problem hiding this comment.
Do we need a way to GC snapshot objects for the failed jobs? Given that the objects are small, to keep it simple, I think exposing a metric and doing the GC manually seems okay to me.
|
|
||
| pub enum BackupJobResult { | ||
| Finished, | ||
| Succeeded, |
There was a problem hiding this comment.
We need to expose some metrics for backup and restore (e.g. success/fail rate, elasped time, ...)
| } | ||
|
|
||
| async fn restore_metadata<S: MetaStore>(meta_store: S, snapshot: MetaSnapshot) -> BackupResult<()> { | ||
| restore_default_cf(&meta_store, &snapshot).await?; |
There was a problem hiding this comment.
Do we need to guarantee the atomicity of restoring different parts of the metadata? In other words, do we need to wrap restore_metadata_model in a meta transaction?
There was a problem hiding this comment.
Do we need to guarantee the atomicity of restoring different parts of the metadata? In other words, do we need to wrap
restore_metadata_modelin a meta transaction?
why? I think while restore_metadata is called, there will not be other tasks.
There was a problem hiding this comment.
I am mainly thinking about simplifying metadata cleanup when restore fails after some of the metadata has been written to etcd. Doing it manually also looks acceptable to me.
| /// `HummockVersionSafePoint` prevents hummock versions GE than it from being GC. | ||
| /// It's used by meta node itself to temporarily pin versions. | ||
| #[derive(Clone, PartialEq, Eq)] | ||
| pub struct HummockVersionSafePoint { |
There was a problem hiding this comment.
Better add a metric for the min safe point so that if min pinned id is stuck we know whether it is caused by backup or CN version pin.
Add metrics for backup manager, as a follow-up to #6737. Also refactor backup integration test, to avoid unnecessary compilation of risectl. <img width="1459" alt="Screen Shot 2022-12-14 at 12 41 45 PM" src="https://user-images.githubusercontent.com/70626450/207508448-73f9ad49-f1af-4995-9c17-48a6bb52b36a.png"> u64 watermark like min safe point is displayed as -1, as prometheus IntCounter is i64. <img width="733" alt="Screen Shot 2022-12-14 at 12 42 29 PM" src="https://user-images.githubusercontent.com/70626450/207508456-1a5dbbd4-216e-437b-8e72-5fd2710463a1.png"> Approved-By: hzxa21 Co-Authored-By: zwang28 <[email protected]>
I hereby agree to the terms of the Singularity Data, Inc. Contributor License Agreement.
What's changed and what's your intention?
This is the restoring part of meta backup&restore. The PR looks a bit huge, but lots line changes are test or generated files:
backup-restore, which is used to restore meta snapshot to an empty meta store.backup-metaanddelete-meta-snapshots, which are used to create and delete meta snapshot respectively, via meta service../risedev meta-backup-restore-test. Included in CI daily test.Checklist
./risedev check(or alias,./risedev c)Documentation
If your pull request contains user-facing changes, please specify the types of the changes, and create a release note. Otherwise, please feel free to remove this section.
Types of user-facing changes
Please keep the types that apply to your changes, and remove those that do not apply.
Release note
Add support for meta store backup and recovery.
Refer to a related PR or issue link (optional)
#6482