-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bugfix/cldsrv 553 #5569
Closed
Closed
Bugfix/cldsrv 553 #5569
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
A corner case was found, where any PUT from the cold backend would fail if the quota is already exceeded, as the storage was reserved for the restore, but the restore itself requires some more bytes as inflights when evaluating quotas. By passing a flag in the quota evaluation function, we ensure that we can, in these cases, evaluate the quotas with 0 inflight. Thus, we compare the quota with the current bytes usage minus the reserved space. This solution is not optimal as it is expected that the quota will never exceed the limit by a lot: at the end, we might allow all objects to be restored. This case can happen only if some inflights were lost due to the limitations of the metrics update frequency. A better solution would use the total number of reserved space bytes, and perfor the following operation: utilizationMetrics - restoringBytes + currentObjectBytes <= quota In this case, we can better account for the real reserved space. This will be a second iteration.
When the API is being called by a cold backend, the x-scal-s3-version-id header is set. In this case, the quotas must be evaluated with a 0 inflight.
Hello williamlardier,My role is to assist you with the merge of this Available options
Available commands
Status report is not available. |
Jira issue not foundThe Jira issue CLDSRV-553 was not found. |
See #5570 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes a limitation during a corner case, when restoring an object within account/bucket with enabled exceeded quota:
RestoreObject
x-scal-s3-version-id
). But then tries to increase the inflights: in this case, if the quota is exceeded already, or the bytes are near to the limit, we fail, even if the space was reserved.This PR introduces a way to detect DMF calls (the specific header) and, in this case, only check the quotas, without increasing the in-flights.
We compare the quota with the current bytes usage minus the reserved space. This ensure that any already-exceeded quota won't block the operation, as the space was reserved.
This solution is not optimal as it is expected that the quota will never exceed the limit by a lot: at the end, we might allow all objects to be restored. But this case can happen only if some in-flights were lost due to the limitations of the metrics update frequency.
A better solution to account for our limitation would use the total number of reserved space bytes, and perform the following operation:
In this case, we can better account for the real reserved space: we keep track of the reserved bytes, and thus restores will not exceed space already used by other operations before.
This will be done in a second iteration: for now, we consider that the reserved space is reserved, and lost in-flights are part of the known limitations of the feature.
Alternatively, we can decide to not subtract the current bytes with the current object to restore' size: but in this case, any quota exceeded will deny the request.