mirror of
https://github.com/scylladb/scylladb.git
synced 2026-04-22 01:20:39 +00:00
e4b2dfb54d
The current implementation of the Alternator expiration (TTL) feature has each node scan for expired partitions in its own primary ranges. This means that while a node is down, items in its primary ranges will not get expired. But we note that doesn't have to be this way: If only a single node is down, and RF=3, the items that node owns are still readable with QUORUM - so these items can still be safely read and checked for expiration - and also deleted. This patch implements a fairly simple solution: When a node completes scanning its own primary ranges, also checks whether any of its *secondary* ranges (ranges where it is the *second* replica) has its primary owner down. For such ranges, this node will scan them as well. This secondary scan stops if the remote node comes back up, but in that case it may happen that both nodes will work on the same range at the same time. The risks in that are minimal, though, and amount to wasted work and duplicate deletion records in CDC. In the future we could avoid this by using LWT to claim ownership on a range being scanned. We have a new dtest (see a separate patch), alternator_ttl_tests.py:: TestAlternatorTTL::test_expiration_with_down_node, which reproduces this and verifies this fix. The test starts a 5-node cluster, with 1000 items with random tokens which are due to be expired immediately. The test expects to see all items expiring ASAP, but when one of the five nodes is brought down, this doesn't happen: Some of the items are not expired, until this patch is used. Fixes #9787 Signed-off-by: Nadav Har'El <nyh@scylladb.com> Message-Id: <20211222131933.406148-1-nyh@scylladb.com>