Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-55451

Create (or reuse) the named FIFO proxy to simulate mongod process entering uninterruptible sleep state

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Won't Fix
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None
    • Storage Engines

      Background

      In HELP ticket I suspect the scenario when a faulty disk made all disk I/O to be blocked for indefinite time, which caused the process to enter the uninterruptible sleep state. The main culprit of this state is that when SIGKILL is issued the process is not killed because it's blocked on a syscall. The user killed the primary mongod server with -9 but it was not killed. After 13 minutes after SIGKILL, the user had to shut down the Amazon EC2 instance to break down hung sessions from multiple mongos proxies to the faulty primary.

      More background on why `kill -9` will never kill the process in the uninterruptible sleep state:
      https://askubuntu.com/questions/59811/kill-pid-not-really-killing-the-process-why

      Various tricks people use to simulate the uninterruptible sleep state:
      https://unix.stackexchange.com/questions/134888/simulate-an-unkillable-process-in-d-state

      More background on why kernel prevents killing process in this kind of state:
      https://stackoverflow.com/questions/223644/what-is-an-uninterruptible-process

      and LWN article: https://lwn.net/Articles/288056/

      Proposal

      The trick we can use is the idea that a named FIFO pipe is also a blocked syscall that will make the process uninterruptible if there is no data for some time. Two changes are needed:

      1. We need to either write or reuse a proxy server between FIFO and hard disk. It will present itself as multiple named pipes, and redirect each pipe to a file on hard disk.

      2. Modify mongod / WT to detect a special file format and ping the FIFO proxy with special command instead of creating a new file itself. The proxy should listen for those requests and create a new FIFO when asked. Then mongod can open the FIFO like a regular file, the rest of the code is unchanged.

      To simulate the outage, the FIFO proxy should be instructed to stop replying to R/W requests.

      Not the same as network proxy

      Please note that we already have mongobridge to simulate network errors, however this is not the same. The mongo bridge cannot make the outage in the mongod, it can only make the client to think that mongod has an outage, which is very different from the scenario in HELP ticket.

            Assignee:
            backlog-server-storage-engines [DO NOT USE] Backlog - Storage Engines Team
            Reporter:
            andrew.shuvalov@mongodb.com Andrew Shuvalov (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: