<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:24:15 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-1904] Handle invalid $clusterTime documents when gossiping cluster time</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-1904</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;div class=&quot;panel&quot; style=&quot;background-color: #fafbfc;border-color: #21313c;border-style: solid;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelContent&quot; style=&quot;background-color: #fafbfc;&quot;&gt;
&lt;h3&gt;&lt;a name=&quot;Summary&quot;&gt;&lt;/a&gt;&lt;b&gt;Summary&lt;/b&gt;&lt;/h3&gt;
&lt;p&gt;MongoDB 3.6+ replica sets and sharded clusters return a &lt;tt&gt;$clusterTime&lt;/tt&gt; document on all operations. Drivers are required to send the newest seen &lt;tt&gt;$clusterTime&lt;/tt&gt; document on all operations (called &lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/sessions/driver-sessions.rst#gossipping-the-cluster-time&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;gossiping cluster time&lt;/a&gt;).&lt;/p&gt;

&lt;p&gt;E.g. &lt;tt&gt;$clusterTime&lt;/tt&gt; document:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;{&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;    &quot;$clusterTime&quot;: {&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;        &quot;clusterTime&quot;: {&quot;$timestamp&quot;: {&quot;t&quot;: &quot;1629939437&quot;,&quot;i&quot;: &quot;1&quot;}},&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;        &quot;signature&quot;: {&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;            &quot;hash&quot;: {&quot;$binary&quot;: {&quot;base64&quot;: &quot;XXXXXXXXXXXXXXXXXXXXXXXXXXX=&quot;,&quot;subType&quot;: &quot;00&quot;}},&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;            &quot;keyId&quot;: {&quot;$numberLong&quot;: &quot;6952215213588348932&quot;}&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;        }&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;    }&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;}&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;A server may respond with a &lt;tt&gt;$clusterTime&lt;/tt&gt; document containing a &lt;a href=&quot;https://github.com/mongodb/mongo/blob/43d2596424/src/mongo/db/service_entry_point_common.cpp#L345-L349&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&quot;dummy signed&quot; cluster time&lt;/a&gt; that specifies &lt;tt&gt;keyId: 0&lt;/tt&gt;. If that happens, subsequent operations that gossip the new &lt;tt&gt;$clusterTime&lt;/tt&gt; document with &lt;tt&gt;keyId: 0&lt;/tt&gt; may get a &lt;tt&gt;KeyNotFound&lt;/tt&gt; server error instead of the expected operation result. New operations may continue to fail until a server response includes a newer &lt;tt&gt;$clusterTime&lt;/tt&gt; document (i.e. with a greater timestamp) containing a valid signature with valid &lt;tt&gt;keyId&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;The proposed improved behavior when the server responds with a &lt;tt&gt;KeyNotFound&lt;/tt&gt; error (code 211):&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Drop the Client&apos;s stored &lt;tt&gt;$clusterTime&lt;/tt&gt; document (that we&apos;re assuming has a &lt;a href=&quot;https://github.com/mongodb/mongo/blob/43d2596424/src/mongo/db/service_entry_point_common.cpp#L345-L349&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&quot;dummy signed&quot; cluster time&lt;/a&gt; with &lt;tt&gt;keyId: 0&lt;/tt&gt;).&lt;/li&gt;
	&lt;li&gt;Invalidate the current implicit session.&lt;/li&gt;
	&lt;li&gt;Retry the operation with a new implicit session.&lt;/li&gt;
&lt;/ul&gt;


&lt;h3&gt;&lt;a name=&quot;Motivation&quot;&gt;&lt;/a&gt;&lt;b&gt;Motivation&lt;/b&gt;&lt;/h3&gt;
&lt;h4&gt;&lt;a name=&quot;Whoistheaffectedenduser%3F&quot;&gt;&lt;/a&gt;Who is the affected end user?&lt;/h4&gt;
&lt;p&gt;Users who encounter the &lt;tt&gt;KeyNotFound&lt;/tt&gt; server error caused by receiving an invalid &lt;tt&gt;$clusterTime&lt;/tt&gt; document from the server while attempting to run operations. See &lt;a href=&quot;https://jira.mongodb.org/browse/GODRIVER-2127?jql=text%20~%20%22(KeyNotFound)%20Cache%20Reader%20No%20keys%20found%20for%20HMAC%20that%20is%20valid%20for%20time%3A%20*%20with%20id%3A%200%22%20ORDER%20BY%20created%20DESC&quot; class=&quot;external-link&quot; rel=&quot;nofollow&quot;&gt;related tickets&lt;/a&gt;&lt;/p&gt;

&lt;h4&gt;&lt;a name=&quot;Howdoesthisaffecttheenduser%3F&quot;&gt;&lt;/a&gt;How does this affect the end user?&lt;/h4&gt;
&lt;p&gt;Users who encounter the &lt;tt&gt;KeyNotFound&lt;/tt&gt; server error may encounter up to a 100% operation error rate until a server responds with a newer, valid &lt;tt&gt;$clusterTime&lt;/tt&gt; document. The cluster time is only advanced on a write operation, so the client&apos;s &lt;tt&gt;$clusterTime&lt;/tt&gt; document will be updated as soon as a write happens and the client performs another operation.&lt;/p&gt;

&lt;h4&gt;&lt;a name=&quot;Howlikelyisitthatthisproblemorusecasewilloccur%3F&quot;&gt;&lt;/a&gt;How likely is it that this problem or use case will occur?&lt;/h4&gt;
&lt;p&gt;Conditions required:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;The server must respond with a &quot;dummy signed&quot; &lt;tt&gt;$clusterTime&lt;/tt&gt; document with &lt;tt&gt;keyId: 0&lt;/tt&gt; in a replicaset or cluster that contains mixed authentication requirements (e.g. if &lt;a href=&quot;https://docs.mongodb.com/manual/tutorial/enforce-keyfile-access-control-in-existing-replica-set-without-downtime/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;--transitionToAuth&lt;/a&gt; is enabled on some but not all nodes). Unknown frequency, but happens enough to get reported in &lt;a href=&quot;https://jira.mongodb.org/browse/GODRIVER-2127?jql=text%20~%20%22(KeyNotFound)%20Cache%20Reader%20No%20keys%20found%20for%20HMAC%20that%20is%20valid%20for%20time%3A%20*%20with%20id%3A%200%22%20ORDER%20BY%20created%20DESC&quot; class=&quot;external-link&quot; rel=&quot;nofollow&quot;&gt;numerous tickets&lt;/a&gt;.&lt;/li&gt;
	&lt;li&gt;The driver must store the new, invalid &lt;tt&gt;$clusterTime&lt;/tt&gt; document on the Client. The driver stores new &lt;tt&gt;$clusterTime&lt;/tt&gt; documents on the Client whenever the document has a greater timestamp than the one it currently has.&lt;/li&gt;
	&lt;li&gt;Other servers in the replicaset/cluster must have a &lt;tt&gt;$clusterTime&lt;/tt&gt; timestamp that is lower than the one in the &lt;tt&gt;$clusterTime&lt;/tt&gt; document stored on the Client.&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;If those conditions happen, when the driver sends any operation to a server that has a lower &lt;tt&gt;$clusterTime&lt;/tt&gt; timestamp, the server will respond with a &lt;tt&gt;KeyNotFound&lt;/tt&gt; error.&lt;/p&gt;

&lt;p&gt;Simplified example of what&apos;s happening:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;Create new driver Client. Client&apos;s cluster time doc is empty.&lt;/li&gt;
	&lt;li&gt;Send an &lt;tt&gt;Insert&lt;/tt&gt; operation to the primary with no auth enabled. Server responds, including a &quot;dummy signed&quot; &lt;tt&gt;$clusterTime&lt;/tt&gt; document with &lt;tt&gt;keyId: 0&lt;/tt&gt;. Driver stores the new cluster time doc on the Client.&lt;/li&gt;
	&lt;li&gt;Send a &lt;tt&gt;Find&lt;/tt&gt; operation to a secondary with &lt;tt&gt;--transitionToAuth&lt;/tt&gt; enabled and using an authenticated user. Client &lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/sessions/driver-sessions.rst#gossipping-the-cluster-time&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;gossips cluster time&lt;/a&gt; by attaching the stored cluster time doc (with the &quot;dummy signed&quot; &lt;tt&gt;keyId&lt;/tt&gt;).&lt;/li&gt;
	&lt;li&gt;If the secondary has a lower local &lt;tt&gt;$clusterTime&lt;/tt&gt; timestamp, return a &lt;tt&gt;KeyNotFound&lt;/tt&gt; error.&lt;/li&gt;
&lt;/ol&gt;


&lt;h4&gt;&lt;a name=&quot;Iftheproblemdoesoccur%2Cwhataretheconsequencesandhowseverearethey%3F&quot;&gt;&lt;/a&gt;If the problem does occur, what are the consequences and how severe are they?&lt;/h4&gt;
&lt;p&gt;Some percentage of operations, up to 100%, will fail until the driver receives a new, valid &lt;tt&gt;$clusterTime&lt;/tt&gt; document from a server response (until another write happens that advances the cluster time). The percentage of operations that fail depends on the percentage of operations sent to servers that have a &lt;tt&gt;$clusterTime&lt;/tt&gt; timestamp lower than the one sent on the operation.&lt;/p&gt;

&lt;p&gt;For example, if the driver is sending all read/write operations to the primary server in a replicaset, it&apos;s unlikely to impossible that the Client has a &lt;tt&gt;$clusterTime&lt;/tt&gt; document that is newer than the one on the primary server because all &lt;tt&gt;$clusterTime&lt;/tt&gt; documents are coming from the primary server. However, if the driver is configured to send writes to a primary and reads to a secondary, a &lt;tt&gt;$clusterTime&lt;/tt&gt; document received from a primary could have a greater timestamp than the current &lt;tt&gt;$clusterTime&lt;/tt&gt; document on the secondary. Subsequent read operations sent to the secondary would include the newer &lt;tt&gt;$clusterTime&lt;/tt&gt; document and could cause a &lt;tt&gt;KeyNotFound&lt;/tt&gt; error if the &lt;tt&gt;keyId&lt;/tt&gt; on the &lt;tt&gt;$clusterTime&lt;/tt&gt; document is invalid.&lt;/p&gt;

&lt;h4&gt;&lt;a name=&quot;Isthisissueurgent%3F&quot;&gt;&lt;/a&gt;Is this issue urgent?&lt;/h4&gt;
&lt;p&gt;No.&lt;/p&gt;

&lt;h4&gt;&lt;a name=&quot;Isthisticketrequiredbyadownstreamteam%3F&quot;&gt;&lt;/a&gt;Is this ticket required by a downstream team?&lt;/h4&gt;
&lt;p&gt;No.&lt;/p&gt;

&lt;h4&gt;&lt;a name=&quot;Isthisticketonlyfortests%3F&quot;&gt;&lt;/a&gt;Is this ticket only for tests?&lt;/h4&gt;
&lt;p&gt;No.&lt;/p&gt;
&lt;/div&gt;&lt;/div&gt;</description>
                <environment></environment>
        <key id="1861956">DRIVERS-1904</key>
            <summary>Handle invalid $clusterTime documents when gossiping cluster time</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="matt.dale@mongodb.com">Matt Dale</reporter>
                        <labels>
                            <label>leads-triage</label>
                    </labels>
                <created>Fri, 27 Aug 2021 18:51:43 +0000</created>
                <updated>Thu, 31 Mar 2022 14:07:55 +0000</updated>
                                                                <component>Sessions</component>
                                        <votes>2</votes>
                                    <watches>9</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="1961297">SERVER-62486</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1946024">CDRIVER-4238</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="1849205">GODRIVER-2127</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10951" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Driver Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10748"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hvwqvz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>