[SERVER-79337] [Serverless] Audit v7.0 featureFlag Created: 25/Jul/23  Updated: 26/Jan/24

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Randolph Tan Assignee: Backlog - Service Architecture
Resolution: Unresolved Votes: 0
Labels: ntdi_must_have
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to SERVER-79317 Provide more documentation and helper... Closed
Assigned Teams:
Service Arch
Participants:
Story Points: 1

 Description   

Intial sync can temporarily reset the fcv value to uninitialized and sets the new value afterwards. This can cause call sites trying to inspect the fcv value to hit this invariant. We need to audit feature flag usage and determine if the feature flag check can be run during initial sync:

If it can never be called when initial sync is running, do nothing. Note that this can be tricky to prove as we once thought the catalog cache loader can never be run while initial sync is happening but it can.

If it might get run during initial sync, this could be the case if the feature is run during initial sync itself, if the feature is in a background thread that runs during initial sync, or if the feature is run in a command that is allowed during initial sync, such as hello, serverStatus, etc. In this case, use one of these options:

  • Use isEnabledUseLastLTSFCVWhenUninitialized. It checks against the last LTS FCV version if the FCV version is unset, but note that this could result in the feature not being turned on even though the FCV will be set to latest once initial sync is complete.
  • Use isEnabledUseLatestFCVWhenUninitialized. This instead checks against the latest FCV version if the FCV version is unset, but note that this could result in the feature being turned on even though the FCV has not been upgraded yet and will be set to lastLTS once initial sync is complete.
  • Write your own special logic to avoid the invariant (for example, waiting for the FCV to become initialized before checking isEnabled, or uasserting instead of invariant-ing)

See this section of the README

gFeatureFlagRequireTenantID



 Comments   
Comment by Sophia Tan [ 22/Sep/23 ]

randolph@mongodb.com How to trigger the temporarily reset during initial sync so that we can have a test case to verify the code behaviors which depend on gFeatureFlagRequireTenantID?  

Comment by Sophia Tan [ 14/Sep/23 ]

randolph@mongodb.com Thank you! 

From my understanding, this happens at the very beginning of initial sync. Not when it transitions to secondary and starts applying oplog.

I think we are safe as the gFeatureFlagRequireTenantID is only used during writing and applying oplog entries. 

Also, the feature flag will not be enabled until v7.2. We can defer this ticket to v7.2.

CC:  matt.broadstone@mongodb.com, didier.nadeau@mongodb.com 

Comment by Randolph Tan [ 21/Aug/23 ]

No particular date

Comment by Steven Vannelli [ 21/Aug/23 ]

randolph@mongodb.com is there a date this is needed by?

cc sophia.tan@mongodb.com

Generated at Thu Feb 08 06:40:43 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.