[Updates] Create 'volta-migrate' binary to handle layout migrations #590
Conversation
charlespierce
changed the title
charlespierce
force-pushed
the
volta_migrate
branch
from
c67f101
to
b0aec07
Compare
This particular point is super important to me, can you explain (at a high level) how the check can be done without doing a bunch of extra I/O during the "hot path" of a specific shim/tool execution? |
|
@rwjblue Absolutely! We're using a marker file that indicates the current layout (at the moment, it's |
Gotcha, thank you! So I'm still confused on the exact I/O operations that we expect in various cases. Instead of guessing, I thought maybe we could chat through various scenarios, do you mind? Assuming that is fine, here are a few scenarios that I had in mind:
|
|
Hmm, as I re-read what you said in your reply:
It seems that I misunderstood/misread. Is it correct to say that in the hot path (e.g. |
|
@rwjblue That’s it exactly. To ensure we’re on the correct layout version, we check for the current layout file. If that isn’t there, then we launch |
charlespierce
force-pushed
the
volta_migrate
branch
3 times, most recently
from
ff7b5d5
to
a74f1c2
Compare
charlespierce
force-pushed
the
volta_migrate
branch
from
92f1b07
to
9c036f7
Compare
|
Closing and reopening to debug CI not starting |
There was a problem hiding this comment.
This is awesome! I'm so excited to have auto-migrations coming. I honestly thought it was much further away, but you made it happen. :D
I left some questions and suggestions, but I'm not entirely confident of all of my feedback. Happy to discuss!
One overall comment: feature flags make it a little easier to break up PRs. This one is about 1k lines of changes. It's pretty daunting to review -- in the future you might want to aim to chunk it up a little more.
| fn regenerate_shims_for_dir(dir: &Path) -> Fallible<()> { | ||
| debug!("Rebuilding shims"); | ||
| for shim_name in get_shim_list_deduped(dir)?.iter() { | ||
| shim::delete(shim_name)?; |
There was a problem hiding this comment.
I don't quite see how deleting and recreating makes it possible to gracefully restart. Is the idea that anything you delete is recreate-able? I'm just a little nervous you could delete some data somewhere along the line that you can't recreate.
Would it be safer to recreate/copy everything fresh to a temp directory and then have an atomic (or almost-atomic, anyway) directory swap at the end?
There was a problem hiding this comment.
That's a good point that this isn't going support graceful restarting. Since the shims are symlinks, the only way (I believe) to re-target them is to remove and recreate them. For these specifically, I think we can probably do a temp directory version, since we can read through the existing directory, create whatever contents / shims we need in the temp, and then swap them over.
I initially wanted this (and the writing of the layout file) to be separated from individual migrations since it would potentially be duplicating work to have them run with each "step". However, thinking more deeply, we actually do want these operations to happen at each migration, because that lets the graceful restart actually apply happen: Any migrations that have completed will be skipped on subsequent restarts, leaving only the remaining work. It also prevents us from missing a regeneration of the shims or having to include it in every migration.
There was a problem hiding this comment.
Letting this percolate overnight and looking at the code this morning, I'm actually not sure there is a more "restartable" solution. The issue with a temporary directory is that if we get a failure during removing the existing directory or while renameing the temp directory, we lose all the contents of the shim directory (which could also include the volta binaries themselves). While this approach of removing and re-creating the shims has more potential points of failure, each failure will only affect a single shim, as opposed to the entire directory. This means at worst (if we successfully delete a shim but then fail to re-create it), we lose information about a single shim, and the error should give information about which shim failed.
It won't be an easy thing to recover from, but it will be easier than if we failed the operation in a way that lost all of the information about the shim directory at once.
|
@dherman There was a lot of discussion on Discord about the concurrency problems and corruption, but are there any outstanding concerns about this PR? I'm happy to address if we want to make changes before merging, I'm just not 100% sure where we landed, as there were a lot of hard problems discussed 😄 |
Closes #566
Info
voltaandvolta-shim) from growing unbounded in size as we add more migrations.Changes
volta-migratethat is responsible for performing the actual migration. This executable is called byvoltaand the shims if a discrepancy is detected between the binaries and the current layout.volta-migratethat contains the migration logic, including detecting the specific current layout and executing any migrations that are needed.volta-migratealong side the other binaries.Notes