mirror of
https://github.com/neondatabase/neon.git
synced 2026-01-14 17:02:56 +00:00
1d81e70d60
## Problem On pageservers upgraded to enable generations, these INFO level logs were rather frequent. If a tenant timeline hasn't written new layers since the upgrade, it will emit the "No index_part.json*" log every time it starts. ## Summary of changes - Downgrade two log lines from info to debug - Add a tiny unit test that I wrote for sanity-checking that there wasn't something wrong with our Generation-comparing logic when loading index parts.
168 lines
5.2 KiB
Rust
168 lines
5.2 KiB
Rust
use std::fmt::Debug;
|
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
/// Tenant generations are used to provide split-brain safety and allow
|
|
/// multiple pageservers to attach the same tenant concurrently.
|
|
///
|
|
/// See docs/rfcs/025-generation-numbers.md for detail on how generation
|
|
/// numbers are used.
|
|
#[derive(Copy, Clone, Eq, PartialEq, PartialOrd, Ord, Hash)]
|
|
pub enum Generation {
|
|
// Generations with this magic value will not add a suffix to S3 keys, and will not
|
|
// be included in persisted index_part.json. This value is only to be used
|
|
// during migration from pre-generation metadata to generation-aware metadata,
|
|
// and should eventually go away.
|
|
//
|
|
// A special Generation is used rather than always wrapping Generation in an Option,
|
|
// so that code handling generations doesn't have to be aware of the legacy
|
|
// case everywhere it touches a generation.
|
|
None,
|
|
// Generations with this magic value may never be used to construct S3 keys:
|
|
// we will panic if someone tries to. This is for Tenants in the "Broken" state,
|
|
// so that we can satisfy their constructor with a Generation without risking
|
|
// a code bug using it in an S3 write (broken tenants should never write)
|
|
Broken,
|
|
Valid(u32),
|
|
}
|
|
|
|
/// The Generation type represents a number associated with a Tenant, which
|
|
/// increments every time the tenant is attached to a new pageserver, or
|
|
/// an attached pageserver restarts.
|
|
///
|
|
/// It is included as a suffix in S3 keys, as a protection against split-brain
|
|
/// scenarios where pageservers might otherwise issue conflicting writes to
|
|
/// remote storage
|
|
impl Generation {
|
|
/// Create a new Generation that represents a legacy key format with
|
|
/// no generation suffix
|
|
pub fn none() -> Self {
|
|
Self::None
|
|
}
|
|
|
|
// Create a new generation that will panic if you try to use get_suffix
|
|
pub fn broken() -> Self {
|
|
Self::Broken
|
|
}
|
|
|
|
pub fn new(v: u32) -> Self {
|
|
Self::Valid(v)
|
|
}
|
|
|
|
pub fn is_none(&self) -> bool {
|
|
matches!(self, Self::None)
|
|
}
|
|
|
|
#[track_caller]
|
|
pub fn get_suffix(&self) -> String {
|
|
match self {
|
|
Self::Valid(v) => {
|
|
format!("-{:08x}", v)
|
|
}
|
|
Self::None => "".into(),
|
|
Self::Broken => {
|
|
panic!("Tried to use a broken generation");
|
|
}
|
|
}
|
|
}
|
|
|
|
/// `suffix` is the part after "-" in a key
|
|
///
|
|
/// Returns None if parsing was unsuccessful
|
|
pub fn parse_suffix(suffix: &str) -> Option<Generation> {
|
|
u32::from_str_radix(suffix, 16).map(Generation::new).ok()
|
|
}
|
|
|
|
#[track_caller]
|
|
pub fn previous(&self) -> Generation {
|
|
match self {
|
|
Self::Valid(n) => {
|
|
if *n == 0 {
|
|
// Since a tenant may be upgraded from a pre-generations state, interpret the "previous" generation
|
|
// to 0 as being "no generation".
|
|
Self::None
|
|
} else {
|
|
Self::Valid(n - 1)
|
|
}
|
|
}
|
|
Self::None => Self::None,
|
|
Self::Broken => panic!("Attempted to use a broken generation"),
|
|
}
|
|
}
|
|
|
|
pub fn next(&self) -> Generation {
|
|
match self {
|
|
Self::Valid(n) => Self::Valid(*n + 1),
|
|
Self::None => Self::Valid(1),
|
|
Self::Broken => panic!("Attempted to use a broken generation"),
|
|
}
|
|
}
|
|
|
|
pub fn into(self) -> Option<u32> {
|
|
if let Self::Valid(v) = self {
|
|
Some(v)
|
|
} else {
|
|
None
|
|
}
|
|
}
|
|
}
|
|
|
|
impl Serialize for Generation {
|
|
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
|
|
where
|
|
S: serde::Serializer,
|
|
{
|
|
if let Self::Valid(v) = self {
|
|
v.serialize(serializer)
|
|
} else {
|
|
// We should never be asked to serialize a None or Broken. Structures
|
|
// that include an optional generation should convert None to an
|
|
// Option<Generation>::None
|
|
Err(serde::ser::Error::custom(
|
|
"Tried to serialize invalid generation ({self})",
|
|
))
|
|
}
|
|
}
|
|
}
|
|
|
|
impl<'de> Deserialize<'de> for Generation {
|
|
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
|
|
where
|
|
D: serde::Deserializer<'de>,
|
|
{
|
|
Ok(Self::Valid(u32::deserialize(deserializer)?))
|
|
}
|
|
}
|
|
|
|
// We intentionally do not implement Display for Generation, to reduce the
|
|
// risk of a bug where the generation is used in a format!() string directly
|
|
// instead of using get_suffix().
|
|
impl Debug for Generation {
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
|
match self {
|
|
Self::Valid(v) => {
|
|
write!(f, "{:08x}", v)
|
|
}
|
|
Self::None => {
|
|
write!(f, "<none>")
|
|
}
|
|
Self::Broken => {
|
|
write!(f, "<broken>")
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
#[cfg(test)]
|
|
mod test {
|
|
use super::*;
|
|
|
|
#[test]
|
|
fn generation_gt() {
|
|
// Important that a None generation compares less than a valid one, during upgrades from
|
|
// pre-generation systems.
|
|
assert!(Generation::none() < Generation::new(0));
|
|
assert!(Generation::none() < Generation::new(1));
|
|
}
|
|
}
|