[ https://issues.apache.org/jira/browse/HADOOP-8220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13239976#comment-13239976 ]
Bikas Saha commented on HADOOP-8220: ------------------------------------ Do you mean? 1. Succeed in getting lock 2. Call becomeActive() 3. ZKFC fails to become active. Call quitElection. 4. drop ZK session (lock disappears) 5. reconnect to ZK 6. Goto 1 Otherwise I dont see why lock disappears. If yes, then this might be ok, since by design we are deciding to sleep and let someone else take a shot at becoming active because we are having trouble doing so. Could you please add this in comments so that the sleeping is explained. Now that I am looking at the patch in a less sleep state I think the following might be a better flow because the actions on failure and success are in one place if (becomeActive()) { monitorActiveStatus(); } else { LOG.warn("Failed to become active. Rejoin election to try again but sleep before that to let someone else try."); reJoinElection(SLEEP_AFTER_FAILURE_TO_BECOME_ACTIVE); } This puts the fail/success handling of becomeActive() in 1 place and avoids the calling of becomeActive() have a side-effect of also calling rejoinElection() on failure. What do you think? > ZKFailoverController doesn't handle failure to become active correctly > ---------------------------------------------------------------------- > > Key: HADOOP-8220 > URL: https://issues.apache.org/jira/browse/HADOOP-8220 > Project: Hadoop Common > Issue Type: Bug > Components: ha > Affects Versions: 0.23.3, 0.24.0 > Reporter: Todd Lipcon > Assignee: Todd Lipcon > Priority: Critical > Attachments: hadoop-8220.txt > > > The ZKFC doesn't properly handle the case where the monitored service fails > to become active. Currently, it catches the exception and logs a warning, but > then continues on, after calling quitElection(). This causes a NPE when it > later tries to use the same zkClient instance while handling that same > request. There is a test case, but the test case doesn't ensure that the node > that had the failure is later able to recover properly. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira