Support secondary directory for log writing.

[LykxSassinator]

Brief Introduction

This pr is used to support the secondary directory feature, referred to ISSUE: #257.
It contains:

• Add an extra configuration sub-dir to enable this feature. Default is None, and if set with Some(...), this directory will be used if the main dir is full, specified by dir option.
• Add an extra class, named as StorageInfo in pipe.rs, to make this feature compatible to other existing features, i.e. recycle logs, recoverying and so on.

[LykxSassinator]

It's a prototype for closing #257, and all reasonable suggestions are acceptable.

And please hold on, I wanna refine it and make it more coherent.

[LykxSassinator]

It's a prototype for closing #257, and all reasonable suggestions are acceptable.

[codecov]

Codecov Report

Base: 97.64% // Head: 97.60% // Decreases project coverage by -0.03% ⚠️

Coverage data is based on head (6a276e5) compared to base (5f718cf).
Patch coverage: 95.79% of modified lines in pull request are covered.

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #261      +/-   ##
==========================================
- Coverage   97.64%   97.60%   -0.04%     
==========================================
  Files          30       30              
  Lines       10655    11250     +595     
==========================================
+ Hits        10404    10981     +577     
- Misses        251      269      +18     

Impacted Files	Coverage Δ
src/env/default.rs	90.42% <37.50%> (-1.84%)	⬇️
src/log_batch.rs	97.51% <78.12%> (-0.47%)	⬇️
src/file_pipe_log/pipe_builder.rs	95.96% <93.57%> (-0.25%)	⬇️
src/file_pipe_log/pipe.rs	98.37% <94.62%> (-1.13%)	⬇️
src/config.rs	97.10% <96.49%> (-0.24%)	⬇️
src/engine.rs	97.94% <100.00%> (+0.02%)	⬆️
src/util.rs	89.58% <100.00%> (+0.18%)	⬆️
tests/failpoints/test_engine.rs	99.88% <100.00%> (+0.03%)	⬆️
tests/failpoints/test_io_error.rs	100.00% <100.00%> (ø)
... and 3 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

[LykxSassinator]

@tabokie Please take a review, this is a prototype for implementing secondary dir. If this design is a bit confusing, we can briefly make a offline discussion later.

[LykxSassinator]

Please hold on, the design of it should be refined and polished, to simplify the whole structure.

[tabokie]

This is not enough. fsync failure will panic. You should propagate the maybe_sync error as well.

[tabokie]

I think letting leader do all the retrying is simpler. When a write fails with NOSPC, the leader will close the current active file (it internally truncates un-sync-ed parts), and create a new file and retry the whole write group.

[LykxSassinator]

I hold a different view on it.
As I do not expect the current writing group hanging on one LogBatch writing because of NOSPC err, I think the current leader should only be responsible for successfully written LogBatchs, and the followers, failed with NOSPC, should put them LogBatch into next writing group and wait for the next leader to do the append ops. And that's the core reason why I implemented the retry strategy.

[tabokie]

Why change so much in this function? Couldn't it work by just doing two fs::read_dir(path)?.for_each?

[LykxSassinator]

The modifications just tidy codes and split the procedure of scan into three parts. It's not approapriate to code it with two fs::read_dir(path)?.for_eachs, as the definition of cfg.secondary-dir is Option<String>.

[tabokie]

Let's not change the main code, because the updated version isn't more readable IMO. You can change the original scan to scan_dir, inside it you insert the file handle into a vector. After two scan_dir, you can sort and validate the vector.

[tabokie]

The change is still too big and I don't see a clear purpose. You can keep the scan_dir simple and short as before, and do the file handle initialization early, then sort the FileToRecover list afterwards.

[LykxSassinator]

In my view, I think it's more clear than before.

scan has been splited into the following steps:

1. scanning dir to get file_seq_range of append logs and rewrite logs

• scan_dir in Main dir;
• scan_dir in Secondary dir, if it had been specified by cfg.secondary-dir;

2. Check and clear stale metadata of logs

• clear_stale_metadata in Main dir;
• clear_stale_metadata in Secondary dir, if it had been specified by cfg.secondary-dir;

3. Build file_list vector;

Still confusing?

[tabokie]

There're two things here, one is to keep diff as short as possible. I do refactor all the time, but they are often centered around a change of abstraction (i.e. interaction between different modules, usually involves changing function interface and data types). I don't often refactor the internal implementation unless it significantly improves readability.

Then let's go to the code itself, is the readability improved? IMO it is not. The LOC increased 100%. And you introduced several types for the sake of refactoring (adding glue types usually indicates a bad abstraction). In particular I don't think the min_id/max_id approach is suitable anymore.

[LykxSassinator]

PTAL cc @tabokie , several modifications have been supplied according to previous suggestions.

[tabokie]

Let's not change the main code, because the updated version isn't more readable IMO. You can change the original scan to scan_dir, inside it you insert the file handle into a vector. After two scan_dir, you can sort and validate the vector.

[LykxSassinator]

After merging #269, activate this pr again.

Ping @tabokie .

[tabokie]

On a second thought, let's move checksum-ing of footer to LogBatch from LogItemBatch. This way we don't need to create two functions in LogItemBatch, and keep everything details together in LogBatch.

[tabokie]

The change is still too big and I don't see a clear purpose. You can keep the scan_dir simple and short as before, and do the file handle initialization early, then sort the FileToRecover list afterwards.

[tabokie]

StorageManager, and use path_id to refer to path instead of storage_type.

[tabokie]

path_id as in an integer. You can make the StorageManager manages a vector of directories, and you can also let it take care of directory lock as well. (Pass it to Pipe::open).

[tabokie]

This is not what I meant by "rotate inside pipe_log". The decision to rotate should be put inside pipe_log.

fn append() {
  let mut writer = self.writer.lock();
  let r = writer.write(bytes);
  if r.errorno == NOSPC {
    self.rotate_imp(&mut writer)?;
    return Err(TryAgain);
  }
  r
}

[tabokie]

Your new code won't work. Assuming it fails to clean up metadata for file N, on the next startup, it will not attempt to clean up all metadata for file n<N.

[tabokie]

Let me be more verbose this time:

struct PipeBuilder {
  // Only available after a successful `scan`.
  dir_manager: Option<Arc<DirectoryManager>>,
}
struct DirectoryManager {
  paths: Vec<PathBuf>,
  locks: Vec<File>,
}

fn scan(&self) {
  // setup directories 
  let mut dirs = DirectoryManager::new();
  dirs.add(self.cfg.dir)?;
  dirs.add(self.second_dir)?;
  for path_id in 0..dirs.len() {
    self.scan_dir(path_id, dirs[path_id]);
  }
  self.rewrite_files.sort();
  self.append_files.sort();
  for queue, files in [] {
    if files.is_empty() { continue; }
    // check consecutiveness
    let mut invalid_files = 0;
    let mut current_seq = files[0].seq;
    for (i, f) in files.enumerate() {
      if f.seq > current_seq {
        warn!("hole");
        current_seq = f.seq + 1;
        invalid_files = i;
      } else if f.seq < current_seq {
        return Error::InvalidArgument("Duplicate file");
      }
    }
    files.drain(..invalid_files);
    if files.is_empty() { continue; }
    // cleanup metadata
    let delete_start = {...}
    'cleanup: for seq in delete_start..files[0].seq {
      for path_id in 0..dirs.len() {
        if self.file_system.exists_metadata(dirs.path(path_id)) {
          if let Err(e) = self.file_system.delete_metadata() { ...; break 'cleanup; }
        }
      }
    }
  }

  self.dir_manager = Arc::new(dirs);
}

fn scan_dir(&self, path_id: u64, dir: &Path) {
  for f in fs::read_dir(dir) {
    self.rewrite_files.push(...);
  }
}

fn build(self) {
  SinglePipe::new(self.dir_manager.clone(), ...);
}

[LykxSassinator]

This pr is based on a too obsolete master branch, which needs to be rebase.

So, I've reviewed the previous comment and re-built another pr for tackling this issue.

[tabokie]

(Some pending comments from months ago)

[tabokie]

signature -> original checksum

[LykxSassinator]

This change on BufState::Sealed() has been refactored in the new PR.

[tabokie]

Lack coverage.

[LykxSassinator]

Same as above.

[tabokie]

Lack coverage.

[LykxSassinator]

Has been refactored here.

[tabokie]

Why the comment line break is changed?

[LykxSassinator]

Tackled in the new pr.

[tabokie]

Add another error type TryAgain.

[LykxSassinator]

Done.