Page MenuHomePhabricator
Create Task
Maniphest T251378

Chaos Engineering - Stop for x hours one or more mc10xx memcached shards
Closed, ResolvedPublic
Actions

Description

Since we are now using a Gutter pool, it would be great to set up a controlled outage to verify the following:

  • since mc-gp100[1-3] (the gutter pool hosts) are running Buster with Memcached 1.5.x, it would be great to see if settings are ok and if it behaves as we expect (memcached changes a lot from our version, 1.4.x, to 1.5.x)
  • mcrouter's behavior during a long outage

The idea is to verify that our infrastructure is now resilient to shards going down without live testing it on a Sunday morning :)

If this test goes as expected, we could think about the re-image of one memcached shard to Buster!

Related Objects
Search...

Event Timeline

elukey created this task.Apr 29 2020, 8:57 AM
Restricted Application removed a project: Patch-For-Review. · View Herald TranscriptApr 29 2020, 8:57 AM
elukey updated the task description. (Show Details)Apr 29 2020, 8:58 AM
Joe added a comment.Apr 29 2020, 9:04 AM

I think we should run 3 different tests, and I would run them for 1 host first.

  • Stop memcached completely
  • drop all packets directed to port 11211
  • drop a percentage of packets incoming and outgoing
colewhite triaged this task as Medium priority.May 5 2020, 4:21 PM
Joe added a comment.May 6 2020, 4:39 AM

@elukey let's schedule this test for 6:00Z on monday, May 11th?

CDanis subscribed.May 6 2020, 5:00 AM
jijiki awarded a token.May 6 2020, 3:18 PM
elukey added a comment.May 7 2020, 6:19 AM
In T251378#6111482, @Joe wrote:

@elukey let's schedule this test for 6:00Z on monday, May 11th?

+1

Stashbot added a comment.May 11 2020, 7:09 AM

Mentioned in SAL (#wikimedia-operations) [2020-05-11T07:08:59Z] <_joe_> dropping requests to mc1020 via a firewall rule T251378

Stashbot added a comment.May 11 2020, 8:30 AM

Mentioned in SAL (#wikimedia-operations) [2020-05-11T08:30:03Z] <_joe_> removing the iptables DROP rule on mc1020 T251378

Joe closed this task as Resolved.May 11 2020, 8:39 AM
Joe claimed this task.

We ran this test, and it passed with flying colors:

  • A transient peak of memcached errors, lasting less than 1 minute
  • The gutter pool picks up the slack pretty fast
  • No noticeable effect on latency.
  • The cache hit ratio on the gutter pool was good (88% after less than one hour in the pool, but probably capped around that value by the 10 minutes TTL)
  • As soon as the server became available again, the memcached traffic went back quickly but not instantly, in the span of ~ 2 minutes. This also eases the risk of thundering herds from the deletes that get replayed.
elukey mentioned this in T252391: Reimage one memcached shard per DC to Buster.May 11 2020, 10:23 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL