Add dynamodb retry config for throttling and other errors. Add exponential backoff and jitter for unprocessed keys. Fix edge case where we succesfully process keys on our last attempt but still fail #1023
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,6 +4,7 @@ | |
| import math | ||
| import os | ||
| import pickle | ||
| import random | ||
| import threading | ||
| import time | ||
| from collections import defaultdict | ||
|
|
@@ -20,6 +21,7 @@ | |
| from typing import TypeVar | ||
|
|
||
| import boto3 # type: ignore | ||
| from botocore.config import Config # type: ignore | ||
|
|
||
| import tron.prom_metrics as prom_metrics | ||
| from tron.core.job import Job | ||
|
|
@@ -35,16 +37,33 @@ | |
| # to contain other attributes like object name and number of partitions. | ||
| OBJECT_SIZE = 200_000 # TODO: TRON-2240 - consider swapping back to 400_000 now that we've removed pickles | ||
| MAX_SAVE_QUEUE = 500 | ||
| # This is distinct from the number of retries in the retry_config as this is used for handling unprocessed | ||
| # keys outside the bounds of something like retrying on a ThrottlingException. We need this limit to avoid | ||
| # infinite loops in the case where a key is truly unprocessable. | ||
| MAX_UNPROCESSED_KEYS_RETRIES = 10 | ||
| MAX_TRANSACT_WRITE_ITEMS = 100 | ||
| log = logging.getLogger(__name__) | ||
| T = TypeVar("T") | ||
|
|
||
|
|
||
| class DynamoDBStateStore: | ||
| def __init__(self, name, dynamodb_region, stopping=False) -> None: | ||
| # Standard mode includes an exponential backoff by a base factor of 2 for a | ||
| # maximum backoff time of 20 seconds (min(b*r^i, MAX_BACKOFF) where b is a | ||
| # random number between 0 and 1 and r is the base factor of 2). This might | ||
| # look like: | ||
| # | ||
| # seconds_to_sleep = min(1 × 2^1, 20) = min(2, 20) = 2 seconds | ||
| # | ||
| # By our 5th retry (2^5 is 32) we will be sleeping *up to* 20 seconds, depending | ||
| # on the random jitter. | ||
| # | ||
| # It handles transient errors like RequestTimeout and ConnectionError, as well | ||
| # as Service-side errors like Throttling, SlowDown, and LimitExceeded. | ||
| retry_config = Config(retries={"max_attempts": 5, "mode": "standard"}) | ||
|
|
||
| self.dynamodb = boto3.resource("dynamodb", region_name=dynamodb_region, config=retry_config) | ||
| self.client = boto3.client("dynamodb", region_name=dynamodb_region, config=retry_config) | ||
| self.name = name | ||
| self.dynamodb_region = dynamodb_region | ||
| self.table = self.dynamodb.Table(name) | ||
|
|
@@ -63,11 +82,11 @@ def build_key(self, type, iden) -> str: | |
|
|
||
| def restore(self, keys, read_json: bool = False) -> dict: | ||
| """ | ||
| Fetch all under the same partition key(s). | ||
| ret: <dict of key to states> | ||
| """ | ||
| # format of the keys always passed here is | ||
| # job_state job_name --> high level info about the job: enabled, run_nums | ||
| # job_run_state job_run_name --> high level info about the job run | ||
| first_items = self._get_first_partitions(keys) | ||
| remaining_items = self._get_remaining_partitions(first_items, read_json) | ||
|
|
@@ -87,8 +106,11 @@ def _get_items(self, table_keys: list) -> object: | |
| items = [] | ||
| # let's avoid potentially mutating our input :) | ||
| cand_keys_list = copy.copy(table_keys) | ||
| attempts = 0 | ||
| base_delay_seconds = 0.5 | ||
| max_delay_seconds = 10 | ||
|
|
||
| while len(cand_keys_list) != 0 and attempts < MAX_UNPROCESSED_KEYS_RETRIES: | ||
| with concurrent.futures.ThreadPoolExecutor(max_workers=5) as executor: | ||
| responses = [ | ||
| executor.submit( | ||
|
|
@@ -106,20 +128,33 @@ def _get_items(self, table_keys: list) -> object: | |
| cand_keys_list = [] | ||
| for resp in concurrent.futures.as_completed(responses): | ||
| try: | ||
| result = resp.result() | ||
|
There was a problem hiding this comment. I wonder if we should also print the response when we get into the exception block to also have an idea on why we got unprocessed keys and why we exceeded the attempts There was a problem hiding this comment. so maybe we add it here |
||
| items.extend(result.get("Responses", {}).get(self.name, [])) | ||
|
|
||
| # If DynamoDB returns unprocessed keys, we need to collect them and retry | ||
| unprocessed_keys = result.get("UnprocessedKeys", {}).get(self.name, {}).get("Keys", []) | ||
| if unprocessed_keys: | ||
| cand_keys_list.extend(unprocessed_keys) | ||
| except Exception as e: | ||
| log.exception("Encountered issues retrieving data from DynamoDB") | ||
| raise e | ||
| if cand_keys_list: | ||
| attempts += 1 | ||
| # Exponential backoff for retrying unprocessed keys | ||
| exponential_delay = min(base_delay_seconds * (2 ** (attempts - 1)), max_delay_seconds) | ||
| # Full jitter (i.e. from 0 to exponential_delay) will help minimize the number and length of calls | ||
| jitter = random.uniform(0, exponential_delay) | ||
| delay = jitter | ||
|
There was a problem hiding this comment. did we mean to add the exponential delay + the jitter? or is waiting for a random time between 0 and the expected delay what we wanted? (i.e., is waiting 0 seconds fine?) There was a problem hiding this comment. oh, i see - boto is doing it's own exponential backoff? imo, we can likely skip adding any jitter - each dynamodb table only has a single reader/writer (tron) so there's not much of a risk of a thundering herd scenario :) |
||
| log.warning( | ||
| f"Attempt {attempts}/{MAX_UNPROCESSED_KEYS_RETRIES} - Retrying {len(cand_keys_list)} unprocessed keys after {delay:.2f}s delay." | ||
| ) | ||
| time.sleep(delay) | ||
|
There was a problem hiding this comment. What to do about this lil guy? There was a problem hiding this comment. !8ball we should use a restore thread There was a problem hiding this comment. yea, we should probably try to figure out a non-blocking way to do this or have this run in a separate thread - if we get to the worst case of 5 attempts and this is running on the reactor thread, we'll essentially block all of tron from doing anything for 20s There was a problem hiding this comment. although, actually - this is probably fine since we do all sorts of blocking stuff in restore and aren't expecting tron to be usable/do anything until we've restored everything ...so maybe this is fine? |
||
| if cand_keys_list: | ||
| error = Exception( | ||
| f"tron_dynamodb_restore_failure: failed to retrieve items with keys \n{cand_keys_list}\n from dynamodb after {MAX_UNPROCESSED_KEYS_RETRIES} retries." | ||
| ) | ||
| log.error(repr(error)) | ||
| raise error | ||
| return items | ||
|
|
||
| def _get_first_partitions(self, keys: list): | ||
|
|
@@ -337,25 +372,21 @@ def __setitem__(self, key: str, value: Tuple[bytes, str]) -> None: | |
| "N": str(num_json_val_partitions), | ||
| } | ||
|
|
||
| items.append(item) | ||
|
|
||
| # We want to write the items when we've either reached the max number of items | ||
| # for a transaction, or when we're done processing all partitions | ||
| if len(items) == MAX_TRANSACT_WRITE_ITEMS or index == max_partitions - 1: | ||
| try: | ||
| self.client.transact_write_items(TransactItems=items) | ||
| items = [] | ||
| except Exception as e: | ||
| timer( | ||
| name="tron.dynamodb.setitem", | ||
| delta=time.time() - start, | ||
| ) | ||
| log.error(f"Failed to save partition for key: {key}, error: {repr(e)}") | ||
| raise e | ||
| timer( | ||
| name="tron.dynamodb.setitem", | ||
| delta=time.time() - start, | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should use the native pytest/python assertions in new code - testifycompat shouldn't really be used for new code (it's a compatibility layer to aid in migrating from our old testing framework to pytest )
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(and related, I'd probably replace the new
assert_equalcalls withassert X == Y)