Zen2: Fail fast on disconnects (#34503)

Integrates the failure detectors with the Connection lifecycle, to fail nodes as soon as:
- a leader detects one of his followers disconnecting.
- a follower detects its leader disconnecting.

Author: ywelsch

server/src/main/java/org/elasticsearch/cluster/coordination/Coordinator.java

@@ -107,8 +107,6 @@ public class Coordinator extends AbstractLifecycleComponent implements Discovery
     private Releasable electionScheduler;
     @Nullable
     private Releasable prevotingRound;
-    @Nullable
-    private Releasable leaderCheckScheduler;
     private long maxTermSeen;
     private final Reconfigurator reconfigurator;
 
@@ -140,7 +138,7 @@ public Coordinator(Settings settings, ClusterSettings clusterSettings, Transport
         this.publicationHandler = new PublicationTransportHandler(settings, transportService, this::handlePublishRequest,
             this::handleApplyCommit);
         this.leaderChecker = new LeaderChecker(settings, transportService, getOnLeaderFailure());
-        this.followersChecker = new FollowersChecker(settings, transportService, this::onFollowerCheckRequest, this::onFollowerFailure);
+        this.followersChecker = new FollowersChecker(settings, transportService, this::onFollowerCheckRequest, this::removeNode);
         this.nodeRemovalExecutor = new NodeRemovalClusterStateTaskExecutor(allocationService, logger);
         this.clusterApplier = clusterApplier;
         masterService.setClusterStateSupplier(this::getStateForMasterService);
@@ -163,11 +161,11 @@ public String toString() {
         };
     }
 
-    private void onFollowerFailure(DiscoveryNode discoveryNode) {
+    private void removeNode(DiscoveryNode discoveryNode, String reason) {
         synchronized (mutex) {
             if (mode == Mode.LEADER) {
                 masterService.submitStateUpdateTask("node-left",
-                    new NodeRemovalClusterStateTaskExecutor.Task(discoveryNode, "node left"),
+                    new NodeRemovalClusterStateTaskExecutor.Task(discoveryNode, reason),
                     ClusterStateTaskConfig.build(Priority.IMMEDIATE),
                     nodeRemovalExecutor,
                     nodeRemovalExecutor);
@@ -358,11 +356,7 @@ void becomeCandidate(String method) {
 
             peerFinder.activate(coordinationState.get().getLastAcceptedState().nodes());
             leaderChecker.setCurrentNodes(DiscoveryNodes.EMPTY_NODES);
-
-            if (leaderCheckScheduler != null) {
-                leaderCheckScheduler.close();
-                leaderCheckScheduler = null;
-            }
+            leaderChecker.updateLeader(null);
 
             followersChecker.clearCurrentNodes();
             followersChecker.updateFastResponseState(getCurrentTerm(), mode);
@@ -391,7 +385,7 @@ void becomeLeader(String method) {
         closePrevotingAndElectionScheduler();
         preVoteCollector.update(getPreVoteResponse(), getLocalNode());
 
-        assert leaderCheckScheduler == null : leaderCheckScheduler;
+        assert leaderChecker.leader() == null : leaderChecker.leader();
         followersChecker.updateFastResponseState(getCurrentTerm(), mode);
     }
 
@@ -415,10 +409,7 @@ void becomeFollower(String method, DiscoveryNode leaderNode) {
         preVoteCollector.update(getPreVoteResponse(), leaderNode);
 
         if (restartLeaderChecker) {
-            if (leaderCheckScheduler != null) {
-                leaderCheckScheduler.close();
-            }
-            leaderCheckScheduler = leaderChecker.startLeaderChecker(leaderNode);
+            leaderChecker.updateLeader(leaderNode);
         }
 
         followersChecker.clearCurrentNodes();
@@ -515,7 +506,7 @@ public void invariant() {
                 assert electionScheduler == null : electionScheduler;
                 assert prevotingRound == null : prevotingRound;
                 assert becomingMaster || getStateForMasterService().nodes().getMasterNodeId() != null : getStateForMasterService();
-                assert leaderCheckScheduler == null : leaderCheckScheduler;
+                assert leaderChecker.leader() == null : leaderChecker.leader();
                 assert applierState.nodes().getMasterNodeId() == null || getLocalNode().equals(applierState.nodes().getMasterNode());
                 assert preVoteCollector.getLeader() == getLocalNode() : preVoteCollector;
 
@@ -553,7 +544,7 @@ public void invariant() {
                 assert prevotingRound == null : prevotingRound;
                 assert getStateForMasterService().nodes().getMasterNodeId() == null : getStateForMasterService();
                 assert leaderChecker.currentNodeIsMaster() == false;
-                assert leaderCheckScheduler != null;
+                assert lastKnownLeader.equals(Optional.of(leaderChecker.leader()));
                 assert followersChecker.getKnownFollowers().isEmpty();
                 assert currentPublication.map(Publication::isCommitted).orElse(true);
                 assert preVoteCollector.getLeader().equals(lastKnownLeader.get()) : preVoteCollector;
@@ -564,7 +555,7 @@ public void invariant() {
                 assert prevotingRound == null || electionScheduler != null;
                 assert getStateForMasterService().nodes().getMasterNodeId() == null : getStateForMasterService();
                 assert leaderChecker.currentNodeIsMaster() == false;
-                assert leaderCheckScheduler == null : leaderCheckScheduler;
+                assert leaderChecker.leader() == null : leaderChecker.leader();
                 assert followersChecker.getKnownFollowers().isEmpty();
                 assert applierState.nodes().getMasterNodeId() == null;
                 assert currentPublication.map(Publication::isCommitted).orElse(true);

server/src/main/java/org/elasticsearch/cluster/coordination/FollowersChecker.java

@@ -33,6 +33,7 @@
 import org.elasticsearch.threadpool.ThreadPool.Names;
 import org.elasticsearch.transport.ConnectTransportException;
 import org.elasticsearch.transport.TransportChannel;
+import org.elasticsearch.transport.TransportConnectionListener;
 import org.elasticsearch.transport.TransportException;
 import org.elasticsearch.transport.TransportRequest;
 import org.elasticsearch.transport.TransportRequestOptions;
@@ -46,6 +47,7 @@
 import java.util.Map;
 import java.util.Objects;
 import java.util.Set;
+import java.util.function.BiConsumer;
 import java.util.function.Consumer;
 import java.util.function.Predicate;
 
@@ -78,7 +80,7 @@ public class FollowersChecker extends AbstractComponent {
     private final TimeValue followerCheckInterval;
     private final TimeValue followerCheckTimeout;
     private final int followerCheckRetryCount;
-    private final Consumer<DiscoveryNode> onNodeFailure;
+    private final BiConsumer<DiscoveryNode, String> onNodeFailure;
     private final Consumer<FollowerCheckRequest> handleRequestAndUpdateState;
 
     private final Object mutex = new Object(); // protects writes to this state; read access does not need sync
@@ -91,7 +93,7 @@ public class FollowersChecker extends AbstractComponent {
 
     public FollowersChecker(Settings settings, TransportService transportService,
                             Consumer<FollowerCheckRequest> handleRequestAndUpdateState,
-                            Consumer<DiscoveryNode> onNodeFailure) {
+                            BiConsumer<DiscoveryNode, String> onNodeFailure) {
         super(settings);
         this.transportService = transportService;
         this.handleRequestAndUpdateState = handleRequestAndUpdateState;
@@ -104,6 +106,12 @@ public FollowersChecker(Settings settings, TransportService transportService,
         updateFastResponseState(0, Mode.CANDIDATE);
         transportService.registerRequestHandler(FOLLOWER_CHECK_ACTION_NAME, Names.SAME, FollowerCheckRequest::new,
             (request, transportChannel, task) -> handleFollowerCheck(request, transportChannel));
+        transportService.addConnectionListener(new TransportConnectionListener() {
+            @Override
+            public void onNodeDisconnected(DiscoveryNode node) {
+                handleDisconnectedNode(node);
+            }
+        });
     }
 
     /**
@@ -228,6 +236,15 @@ Set<DiscoveryNode> getKnownFollowers() {
         }
     }
 
+    private void handleDisconnectedNode(DiscoveryNode discoveryNode) {
+        synchronized (mutex) {
+            FollowerChecker followerChecker = followerCheckers.get(discoveryNode);
+            if (followerChecker != null && followerChecker.running()) {
+                followerChecker.failNode("disconnected");
+            }
+        }
+    }
+
     static class FastResponseState {
         final long term;
         final Mode mode;
@@ -303,36 +320,21 @@ public void handleException(TransportException exp) {
 
                         failureCountSinceLastSuccess++;
 
+                        final String reason;
                         if (failureCountSinceLastSuccess >= followerCheckRetryCount) {
                             logger.debug(() -> new ParameterizedMessage("{} failed too many times", FollowerChecker.this), exp);
+                            reason = "followers check retry count exceeded";
                         } else if (exp instanceof ConnectTransportException
                             || exp.getCause() instanceof ConnectTransportException) {
                             logger.debug(() -> new ParameterizedMessage("{} disconnected", FollowerChecker.this), exp);
+                            reason = "disconnected";
                         } else {
                             logger.debug(() -> new ParameterizedMessage("{} failed, retrying", FollowerChecker.this), exp);
                             scheduleNextWakeUp();
                             return;
                         }
 
-                        transportService.getThreadPool().generic().execute(new Runnable() {
-                            @Override
-                            public void run() {
-                                synchronized (mutex) {
-                                    if (running() == false) {
-                                        logger.debug("{} no longer running, not marking faulty", FollowerChecker.this);
-                                        return;
-                                    }
-                                    faultyNodes.add(discoveryNode);
-                                    followerCheckers.remove(discoveryNode);
-                                }
-                                onNodeFailure.accept(discoveryNode);
-                            }
-
-                            @Override
-                            public String toString() {
-                                return "detected failure of " + discoveryNode;
-                            }
-                        });
+                        failNode(reason);
                     }
 
 
@@ -343,6 +345,28 @@ public String executor() {
                 });
         }
 
+        void failNode(String reason) {
+            transportService.getThreadPool().generic().execute(new Runnable() {
+                @Override
+                public void run() {
+                    synchronized (mutex) {
+                        if (running() == false) {
+                            logger.debug("{} condition no longer applies, not marking faulty", discoveryNode);
+                            return;
+                        }
+                        faultyNodes.add(discoveryNode);
+                        followerCheckers.remove(discoveryNode);
+                    }
+                    onNodeFailure.accept(discoveryNode, reason);
+                }
+
+                @Override
+                public String toString() {
+                    return "detected failure of " + discoveryNode;
+                }
+            });
+        }
+
         private void scheduleNextWakeUp() {
             transportService.getThreadPool().schedule(followerCheckInterval, Names.SAME, new Runnable() {
                 @Override

server/src/main/java/org/elasticsearch/cluster/coordination/LeaderChecker.java

@@ -22,6 +22,7 @@
 import org.apache.logging.log4j.message.ParameterizedMessage;
 import org.elasticsearch.cluster.node.DiscoveryNode;
 import org.elasticsearch.cluster.node.DiscoveryNodes;
+import org.elasticsearch.common.Nullable;
 import org.elasticsearch.common.component.AbstractComponent;
 import org.elasticsearch.common.io.stream.StreamInput;
 import org.elasticsearch.common.io.stream.StreamOutput;
@@ -33,6 +34,7 @@
 import org.elasticsearch.threadpool.ThreadPool.Names;
 import org.elasticsearch.transport.ConnectTransportException;
 import org.elasticsearch.transport.TransportChannel;
+import org.elasticsearch.transport.TransportConnectionListener;
 import org.elasticsearch.transport.TransportException;
 import org.elasticsearch.transport.TransportRequest;
 import org.elasticsearch.transport.TransportRequestOptions;
@@ -46,6 +48,7 @@
 import java.util.Objects;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicLong;
+import java.util.concurrent.atomic.AtomicReference;
 
 /**
  * The LeaderChecker is responsible for allowing followers to check that the currently elected leader is still connected and healthy. We are
@@ -77,6 +80,8 @@ public class LeaderChecker extends AbstractComponent {
     private final TransportService transportService;
     private final Runnable onLeaderFailure;
 
+    private AtomicReference<CheckScheduler> currentChecker = new AtomicReference<>();
+
     private volatile DiscoveryNodes discoveryNodes;
 
     public LeaderChecker(final Settings settings, final TransportService transportService, final Runnable onLeaderFailure) {
@@ -88,19 +93,39 @@ public LeaderChecker(final Settings settings, final TransportService transportSe
         this.onLeaderFailure = onLeaderFailure;
 
         transportService.registerRequestHandler(LEADER_CHECK_ACTION_NAME, Names.SAME, LeaderCheckRequest::new, this::handleLeaderCheck);
+        transportService.addConnectionListener(new TransportConnectionListener() {
+            @Override
+            public void onNodeDisconnected(DiscoveryNode node) {
+                handleDisconnectedNode(node);
+            }
+        });
+    }
+
+    public DiscoveryNode leader() {
+        CheckScheduler checkScheduler = currentChecker.get();
+        return checkScheduler == null ? null : checkScheduler.leader;
     }
 
     /**
-     * Start a leader checker for the given leader. Should only be called after successfully joining this leader.
+     * Starts and / or stops a leader checker for the given leader. Should only be called after successfully joining this leader.
      *
-     * @param leader the node to be checked as leader
-     * @return a `Releasable` that can be used to stop this checker.
+     * @param leader the node to be checked as leader, or null if checks should be disabled
      */
-    public Releasable startLeaderChecker(final DiscoveryNode leader) {
+    public void updateLeader(@Nullable final DiscoveryNode leader) {
         assert transportService.getLocalNode().equals(leader) == false;
-        CheckScheduler checkScheduler = new CheckScheduler(leader);
-        checkScheduler.handleWakeUp();
-        return checkScheduler;
+        final CheckScheduler checkScheduler;
+        if (leader != null) {
+            checkScheduler = new CheckScheduler(leader);
+        } else {
+            checkScheduler = null;
+        }
+        CheckScheduler previousChecker = currentChecker.getAndSet(checkScheduler);
+        if (previousChecker != null) {
+            previousChecker.close();
+        }
+        if (checkScheduler != null) {
+            checkScheduler.handleWakeUp();
+        }
     }
 
     /**
@@ -137,6 +162,15 @@ private void handleLeaderCheck(LeaderCheckRequest request, TransportChannel tran
         }
     }
 
+    private void handleDisconnectedNode(DiscoveryNode discoveryNode) {
+        CheckScheduler checkScheduler = currentChecker.get();
+        if (checkScheduler != null) {
+            checkScheduler.handleDisconnectedNode(discoveryNode);
+        } else {
+            logger.trace("disconnect event ignored for {}, no check scheduler", discoveryNode);
+        }
+    }
+
     private class CheckScheduler implements Releasable {
 
         private final AtomicBoolean isClosed = new AtomicBoolean();
@@ -222,14 +256,20 @@ public String executor() {
                 });
         }
 
-        private void leaderFailed() {
+        void leaderFailed() {
             if (isClosed.compareAndSet(false, true)) {
                 transportService.getThreadPool().generic().execute(onLeaderFailure);
             } else {
                 logger.debug("already closed, not failing leader");
             }
         }
 
+        void handleDisconnectedNode(DiscoveryNode discoveryNode) {
+            if (discoveryNode.equals(leader)) {
+                leaderFailed();
+            }
+        }
+
         private void scheduleNextWakeUp() {
             logger.trace("scheduling next check of {} for [{}] = {}", leader, LEADER_CHECK_INTERVAL_SETTING.getKey(), leaderCheckInterval);
             transportService.getThreadPool().schedule(leaderCheckInterval, Names.SAME, new Runnable() {