Excerpts from Adam Young's message of 2013-07-09 06:19:19 -0700: > On 07/08/2013 11:06 PM, Clint Byrum wrote: > > Excerpts from Adam Young's message of 2013-07-08 17:32:30 -0700: > >> On 07/08/2013 04:35 PM, Clint Byrum wrote: > >>> Excerpts from Adam Young's message of 2013-07-08 13:18:55 -0700: > >>>> On 07/01/2013 01:35 PM, Clint Byrum wrote: > >>>>> The way the new keystone-manage command "token_flush" works right now > >>>>> is quite broken by MySQL and InnoDB's gap locking behavior: > >>>>> > >>>>> https://bugs.launchpad.net/1188378 > >>>>> > >>>>> Presumably other SQL databases like PostgreSQL will have similar > >>>>> problems > >>>>> with doing massive deletes, but I am less familiar with them. > >>>>> > >>>>> I am trying to solve this in keystone, and my first attempt is here: > >>>>> > >>>>> https://review.openstack.org/#/c/32044/ > >>>>> > >>>>> However, MySQL does not support using "LIMIT" in a sub-query that > >>>>> is feeding an IN() clause, so that approach will not work. Likewise, > >>>>> sqlalchemy does not support the MySQL specific extension to DELETE which > >>>>> allows it to have a LIMIT clause. > >>>>> > >>>>> Now, I can do some hacky things, like just deleting all of the expired > >>>>> tokens from the oldest single second, but that could also potentially > >>>>> be millions of tokens, and thus, millions of gaps to lock. > >>>>> > >>>>> So, there is just not one way to work for all databases, and we have to > >>>>> have a special mode for MySQL. > >>>>> > >>>>> I was wondering if anybody has suggestions and/or examples of how to do > >>>>> that with sqlalchemy. > >>>>> > >>>>> _______________________________________________ > >>>>> OpenStack-dev mailing list > >>>>> OpenStack-dev@lists.openstack.org > >>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >>>> In general, if you have millions of roles, you need a real database. I > >>>> would not try to work through SQL Alchemy for this. Instead, you > >>>> probably just want to make sure that the token_flush is run fairly > >>>> regularly on your database. > >>>> > >>> I'm not sure I understand you. > >>> > >>> * I am asking about millions of tokens, not roles. > >> Heh, I mean Rows, and somehow type roles. > >> > >>> * I am asking about MySQL.. presumably a "real" database. > >> I have to admit I am a bit of a Postgresql Bigot. I don't really > >> consider MySQL a real database, althought it has improved a lot over the > >> years. I am not up to speed on"InnoDB's gap locking behavior" but it is > >> not something I would expect to be a problem in Postgresql. > >> > > You may want to update your snark! MySQL has its warts which are pretty > > easy to take shots at, but it has been a "real" ACID compliant database > > for well over a decade. > My snark is more recently generated than that. There are plenty of > places where MySQL has fallen down. > > InnoDB support was not mandatory, and without it, MySQL was not really > ACID compliant. Using InnoDB was troublesome enough that the RHEL 6 > version of MySQL defaults to MyISAM. >
Its not so much that it was troublesome to use InnoDB as it was that people were used to MyISAM's few mis-features (fulltext and delayed inserts mostly) and needed a long warning (run up to 5.5) that the default was changing. Before 5.5 was released, Drizzle _completely removed_ MyISAM because it causes way more problems than it solves. > > > > Please have a read at how InnoDB's isolation level handling works > > [1]. You can compare it to Postgres [2]. InnoDB's default isolation > > level, repeatable read, has a locking behavior that is particularly > > ugly for indexes like 'token.valid'. Put simply, you can't add more > > valid tokens until you're done deleting any valid expired tokens (if > > you mention valid in the delete, which flush_tokens does not). > > > > This is because token.valid == 1 may end up locked during the entire > > DELETE. The same could be true for expires too, even the primary key, > > though that is typically not locked with ranges. > > > > Yes, Postgres's behaviors are much more desirable here, as inserts almost > > go unmentioned in the postgres description of transaction isolation. But > > there are well documented ways of working around this weirdness. I had > > forgotten that one way is to use READ UNCOMMITTED. That should avoid > > any of the large range locks and work with MySQL, Postgres, and Sqlite. > > > I think the real solution is for us to stop writing tokens to the > Database. If we are using PKI tokens, there is no need for a database > entry for valid tokens, only for revoked tokens. > > That makes this whole thing into a non-problem. Yes please! Is this something that is in development, or at least recorded in a bug that someone like me can grab? I would love for that to be the default behavior. Of course, that would not solve the issue for those who want to audit tokens (is this a large contingent of users?). In fact the flush tokens command would be bad for those users as well, whereas pt-archiver's nibbling approach that copies rows out of the table into another database would work quite nicely. _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
