Page MenuHomePhabricator
Create Task
Maniphest T260889

confd's watch functionality appears to be partially broken when interacting with etcd 3.x
Closed, ResolvedPublic
Actions

Description

confd is still reading data from etcd using the v2 datastore, so it's calling

https://{host}:4001/v2/keys/{key path}?watch=true

it appears that if we change multiple keys in rapid sequence (this happens when confctl changes multiple records in one command), confd will only see the first one changing and miss the next updates.

This means, amongst other things, that we could miss critical changes to the discovery dns, or even to the varnish backends.

As a stopgap solution I propose we switch all instances from using watch to have a polling interval of 3 seconds, while we figure out what's wrong.

Details

ProjectBranchLines +/-Subject
operations/puppetproduction+3 -3confd: only read from the master during the switchover
operations/software/spicerackmaster+2 -2dnsdisc: change retry logic
operations/puppetproduction+2 -6confd: use -interval 3 as a lower bound in all datacenters
operations/puppetproduction+6 -0confd: disable -watch for machines connected to etcd 3.x
Customize query in gerrit

Event Timeline

Joe created this task.Aug 20 2020, 9:46 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 20 2020, 9:46 AM
Joe triaged this task as High priority.Aug 20 2020, 9:46 AM
Joe added a project: Traffic.Aug 20 2020, 9:56 AM

Adding traffic as their systems are the ones affected.

Vgutierrez moved this task from Backlog to LoadBalancer on the Traffic board.Aug 20 2020, 9:58 AM
Vgutierrez added a subscriber: Vgutierrez.
gerritbot added a comment.Aug 20 2020, 10:37 AM

Change 621484 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/puppet@production] confd: disable -watch for machines connected to etcd 3.x

https://gerrit.wikimedia.org/r/621484

gerritbot added a project: Patch-For-Review.Aug 20 2020, 10:37 AM
gerritbot added a comment.Aug 24 2020, 1:08 PM

Change 621484 merged by Giuseppe Lavagetto:
[operations/puppet@production] confd: disable -watch for machines connected to etcd 3.x

https://gerrit.wikimedia.org/r/621484

Maintenance_bot removed a project: Patch-For-Review.Aug 24 2020, 1:10 PM
Joe added a comment.Aug 25 2020, 8:55 AM

For the record, the problem is more general, and also affects servers connecting to etcd 2.x - the watch functionality seem to be completely broken in confd when dealing with fast, subsequent updates.

gerritbot added a comment.Aug 25 2020, 8:59 AM

Change 622314 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/puppet@production] confd: use -interval 3 as a lower bound in all datacenters

https://gerrit.wikimedia.org/r/622314

gerritbot added a project: Patch-For-Review.Aug 25 2020, 8:59 AM
gerritbot added a comment.Aug 25 2020, 9:05 AM

Change 622314 merged by Giuseppe Lavagetto:
[operations/puppet@production] confd: use -interval 3 as a lower bound in all datacenters

https://gerrit.wikimedia.org/r/622314

Joe updated the task description. (Show Details)Aug 26 2020, 7:01 AM
Joe added a comment.Aug 26 2020, 7:09 AM

After more digging, it seems the problem always existed, and it has to do with how confd watches for changes.

Specifically you can see here:

https://github.com/kelseyhightower/confd/blob/34a6ce8897ab3bde10f49c30c815fe496d592860/backends/etcd/client.go#L118

that if a waitIndex is present, it's ignored in the first request at line 127 that creates the watcher. This means that if WatchPrefix returns and the result is processed in a time that exceeds the time it takes to etcd to write the next value, the next iteration of WatchPrefix will start anew from the latest update, losing whatever happened in the meanwhile.

I'm convinced this could be patched relatively easily - probably not in time for the switchover, but we should definitely try to fix this.

gerritbot added a comment.Aug 31 2020, 7:02 AM

Change 623228 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/software/spicerack@master] dnsdisc: change retry logic

https://gerrit.wikimedia.org/r/623228

gerritbot added a comment.Aug 31 2020, 7:11 AM

Change 623228 merged by Volans:
[operations/software/spicerack@master] dnsdisc: change retry logic

https://gerrit.wikimedia.org/r/623228

Volans added a subscriber: Volans.Aug 31 2020, 7:17 PM

After today's failure of the check_ttl step in the switchdc of the services, I had a chat with Brandon on the gdnsd side and it seems that there shouldn't be any different behaviour in the handling of the TTL vs the UP/DOWN state.
After that I took a look at the logs in the different involved hosts.

On cumin1001 the failure was due to:

2020-08-31 14:12:08,407 rzl 8957 [DEBUG dnsdisc.py:209 in resolve] [authdns2001.wikimedia.org] search -> 10.2.2.30 TTL 300

where we were expecting a TTL of 10.

On authdns1001, the confd changes were applied all within 1s at 14:11:40, while on authdns2001 the changes started at 14:11:40 but the last one was at 14:12:07, a whole 27s after the first one.

Looking at conf2002 logs, I found that etcdmirror-conftool-eqiad-wmnet logs started to replicate keys at 14:11:39 and seems to end at 14:12:03 (I say seems because it restarts at 14:13:09 replicating the same keys again).

This might explain the delay and seems to point to etcd-mirror as a possible culprit but I don't had time to investigate it more right now, but wanted to share this update with you.

Joe added a comment.Sep 1 2020, 8:44 AM

etcd-mirror is ok, it's just that writes need to be serialized and etcd2 is orders of magnitude slower at doing that than etcd3.

As a workaround for the switchover, we'll just point all confds to eqiad.

gerritbot added a comment.Sep 1 2020, 8:45 AM

Change 623535 had a related patch set uploaded (by Giuseppe Lavagetto; owner: Giuseppe Lavagetto):
[operations/puppet@production] confd: only read from the master during the switchover

https://gerrit.wikimedia.org/r/623535

gerritbot added a comment.Sep 1 2020, 9:33 AM

Change 623535 merged by Giuseppe Lavagetto:
[operations/puppet@production] confd: only read from the master during the switchover

https://gerrit.wikimedia.org/r/623535

ArielGlenn removed a project: Patch-For-Review.Sep 28 2020, 12:04 PM
BBlack edited projects, added Traffic-Icebox; removed Traffic.Sep 1 2021, 11:21 PM
BBlack added a subscriber: BBlack.

The swap of Traffic for Traffic-Icebox in this ticket's set of tags was based on a bulk action for all such tickets that haven't been updated in 6 months or more. This does not imply any human judgement about the validity or importance of the task, and is simply the first step in a larger task cleanup effort. Further manual triage and/or requests for updates will happen this month for all such tickets. For more detail, have a look at the extended explanation on the main page of Traffic-Icebox . Thank you!

BBlack moved this task from Backlog to Close or Untag? on the Traffic-Icebox board.Apr 13 2022, 8:22 PM
jijiki moved this task from Incoming 🐫 to 🙈🙉🙊Backlog on the serviceops board.Sep 28 2022, 2:27 PM
jijiki moved this task from 🙈🙉🙊Backlog to 💾 Datastores on the serviceops board.Nov 17 2022, 4:20 PM
BCornwall added a subscriber: BCornwall.Mar 29 2023, 6:21 PM

@Joe, thank you for all the work on this ticket! Would you say that this is resolved since the CRs have all been merged?

BCornwall changed the task status from Open to Stalled.Mar 29 2023, 6:22 PM
BCornwall assigned this task to Joe.
BCornwall closed this task as Resolved.May 2 2023, 8:16 PM
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL