From dd5843d1b135f3fd57019ab4834a062b8d8c655b Mon Sep 17 00:00:00 2001 From: Tobias Schottdorf Date: Wed, 21 Aug 2019 11:34:21 +0200 Subject: [PATCH] raft: clarify ApplyConfChange contract for rejected conf changes Apps typically maintain the raft configuration as part of the state machine. As a result, they want to be able to reject configuration change entries at apply time based on the state on which the entry is supposed to be applied. When this happens, the app should not call ApplyConfChange, but the comments did not make this clear. As a result, it was tempting to pass an empty pb.ConfChange or it's V2 version instead of not calling ApplyConfChange. However, an empty V1 or V2 proto aren't noops when the configuration is joint: an empty V1 change is treated internally as a single configuration change for NodeID zero and will cause a panic when applied in a joint state. An empty V2 proto is treated as a signal to leave a joint state, which means that the app's config and raft's would diverge. The comments updated in this commit now ask users to not call ApplyConfState when they reject a conf change. Apps that never use joint consensus can keep their old behavior since the distinction only matters when in a joint state, but we don't want to encourage that. --- raft/node.go | 4 +++- raft/rawnode.go | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/raft/node.go b/raft/node.go index ab6185b99ec..28579c9ca81 100644 --- a/raft/node.go +++ b/raft/node.go @@ -168,7 +168,9 @@ type Node interface { Advance() // ApplyConfChange applies a config change (previously passed to // ProposeConfChange) to the node. This must be called whenever a config - // change is observed in Ready.CommittedEntries. + // change is observed in Ready.CommittedEntries, except when the app decides + // to reject the configuration change (i.e. treats it as a noop instead), in + // which case it must not be called. // // Returns an opaque non-nil ConfState protobuf which must be recorded in // snapshots. diff --git a/raft/rawnode.go b/raft/rawnode.go index 90eb69493c6..3ee52e0bb04 100644 --- a/raft/rawnode.go +++ b/raft/rawnode.go @@ -98,7 +98,9 @@ func (rn *RawNode) ProposeConfChange(cc pb.ConfChangeI) error { return rn.raft.Step(m) } -// ApplyConfChange applies a config change to the local node. +// ApplyConfChange applies a config change to the local node. The app must call +// this when it applies a configuration change, except when it decides to reject +// the configuration change, in which case no call must take place. func (rn *RawNode) ApplyConfChange(cc pb.ConfChangeI) *pb.ConfState { cs := rn.raft.applyConfChange(cc.AsV2()) return &cs