Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-99782

Read-your-own-writes guarantee for a cross-shard transaction if the client recovers the decision from the recovery shard that is not also a coordinator shard

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • Replication
    • ALL

      Consider a sharded cluster with shard0, shard1, shard2.

      1. Let's say a client runs a transaction with 3 statements via mongos0. The first one is a read that targets shard0. The second one is a write that targets shard1. The third one is a write that targets shard2. By design, shard0 is chosen as the coordinator shard since it is first participant shard in the transaction and shard1 is chosen as the recovery shard since it is first participant shard in the transaction that performs a write.
      2. The client runs commitTransaction via mongos0. mongos0 hands off the two-phase commit to shard0 (coordinator) which sends prepareTransaction and then commitTransaction to shard0, shard1, shard2.
      3. While the transaction is being committed, the client loses the connection to mongos0 so it retries the commitTransaction against mongos1 with the recoveryToken attached.
      4. To recover the commit decision, mongos1 sends coordinateCommit with empty participant list to shard1. shard1 is not the coordinator so the decision is recovered from the local TransactionParticipant. If at that point, shard1 has already received the commitTransaction command from shard0 (coordinator) and committed the transaction locally, the coordinatorCommit command would immediately return whether the transaction has been committed globally (e.g. on shard2). If the client performs a read immediately after (without providing afterClusterTime >= commitTimestamp) before shard2 commits the transaction, then the read would not see the write against shard2. This breaks the read-your-own-writes guarantee. 

      In short, for a transaction that involves writing to multiple shards, if the recovery shard is not also the coordinator shard, then read-your-own-writes is only guaranteed in sessions with "causalConsistency" enabled. Please note that this issue doesn't impact the case where the recovery shard is also the coordinator shard, since in that case the commit decision would be recovered from the TransactionCoordinatorService which does wait for all participant shards to have committed the transaction. 

            Assignee:
            Unassigned Unassigned
            Reporter:
            cheahuychou.mao@mongodb.com Cheahuychou Mao
            Votes:
            0 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated: