[
https://issues.apache.org/jira/browse/CASSANDRA-3569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13163423#comment-13163423
]
Sylvain Lebresne commented on CASSANDRA-3569:
---------------------------------------------
A coouple of things:
* Streaming doesn't use the same threshold than 'live query' as far as failure
detection is concerned. So 'using a failure detector tuned to detecting when
not to send real-time sensitive request' is *not* what we do as far as
streaming is concerned. Now maybe the threshold is still not good for
streaming, I'm happy to discuss that.
* The initial goal was to fail repairs when a remote end died (or was
restarted) because there have been boat load of user complaining about repair
hanging doing nothing and that is one case where that would happen. Please note
that it is a real pain point for users. The proposition of this ticket doesn't
solve that at all. This ticket proposes to get back to the preceding situation,
only maybe with the slight optimisation of adding a timeout to close the socket
after a few hour of inactivity, but honestly nobody ever complained about that.
CASSANDRA-2433 has never been about releasing a OS socket.
* That being said, if we really don't trust our FD, I could be convinced to
remove the 'FD breaks streams' behavior. As long as we keep the behavior of
failing repair when we know a node has been restarted (which we know without
doubt). But I still don't understand why we wouldn't trust the FD as long as we
correctly tune it for long-running process.
> Failure detector downs should not break streams
> -----------------------------------------------
>
> Key: CASSANDRA-3569
> URL: https://issues.apache.org/jira/browse/CASSANDRA-3569
> Project: Cassandra
> Issue Type: Bug
> Reporter: Peter Schuller
> Assignee: Peter Schuller
>
> CASSANDRA-2433 introduced this behavior just to get repairs to don't sit
> there waiting forever. In my opinion the correct fix to that problem is to
> use TCP keep alive. Unfortunately the TCP keep alive period is insanely high
> by default on a modern Linux, so just doing that is not entirely good either.
> But using the failure detector seems non-sensicle to me. We have a
> communication method which is the TCP transport, that we know is used for
> long-running processes that you don't want to incorrectly be killed for no
> good reason, and we are using a failure detector tuned to detecting when not
> to send real-time sensitive request to nodes in order to actively kill a
> working connection.
> So, rather than add complexity with protocol based ping/pongs and such, I
> propose that we simply just use TCP keep alive for streaming connections and
> instruct operators of production clusters to tweak
> net.ipv4.tcp_keepalive_{probes,intvl} as appropriate (or whatever equivalent
> on their OS).
> I can submit the patch. Awaiting opinions.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
