Bug #1257330 “object expirer isn't deleting objects” : Bugs : OpenStack Object Storage (swift)

Revision history for this message

gholt (gholt) wrote on 2013-12-03:

#1

Considering this style of fix: https://gist.github.com/gholt/7771150

Revision history for this message

gholt (gholt) wrote on 2013-12-03:

#2

Also, John mentioned that this will also need a one time script to scan for objects that have expired but did not actually get removed from the system due to this bug. This script will have to be carefully written so as to not delete any overwrites, updated metadata, etc.

Revision history for this message

Peter Portante (peter-a-portante) wrote on 2013-12-03:

#3

gholt: would this one time script be worth to just making it part of the object-auditor checks?

Revision history for this message

clayg (clay-gerrard) wrote on 2013-12-03:

#4

+1 to doing in the auditor

There was this discussion once that as you get enough objects in your cluster with an delete-at on them you'd rather just catch it on the walk then bother with the indexing and object-expirer daemon. Having delete-at cleanup baked into the auditor seems like a safe and prudent stride.

One thing missing there is the object-auditors don't really have any guarantee of finishing because they randomly select paths every time they start. I've been wanting to fix bug # 1183656 - I can commit to that this cycle.

Revision history for this message

Samuel Merritt (torgomatic) wrote on 2013-12-03:

#5

Another +1 to doing this in the auditor. That way, deployers don't have to know about some one-off cleanup script, nor do they have unrecoverable dark matter if they haven't kept all their object-expirer logs.

Revision history for this message

gholt (gholt) wrote on 2013-12-03:

#6

Okay, I'm not against the auditor thing, but I'll be working an external expirer.log scanning script to cleanup after this issue here, just because the auditor is pretty slow on huge clusters.

Revision history for this message

gholt (gholt) wrote on 2013-12-03:

#7

For the external script idea: https://gist.github.com/gholt/7777637

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-12-05: Fix merged to swift (master)

#8

Reviewed: https://review.openstack.org/59811
Committed: http://github.com/openstack/swift/commit/74b51c9c06fdd727e4b5911e66145daee9f6c0f2
Submitter: Jenkins
Branch: master

commit 74b51c9c06fdd727e4b5911e66145daee9f6c0f2
Author: Clay Gerrard <email address hidden>
Date: Tue Dec 3 11:17:57 2013 -0800

fix expired object deletion

fixes bug #1257330

Change-Id: I49f645abdeba97eafb3ae42ef9e3684c912cfdc6

Changed in swift:
status:	New → Fix Committed

Thierry Carrez (ttx) on 2013-12-10

Changed in swift:
status:	Fix Committed → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-12-12: Fix proposed to swift (feature/ec)

#9

Fix proposed to branch: feature/ec
Review: https://review.openstack.org/61650

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-12-13: Fix merged to swift (feature/ec)

#10

Download full text (11.2 KiB)

Reviewed: https://review.openstack.org/61650
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=ced2e135ab4558659a3a389fef04ffddbafbbbe7
Submitter: Jenkins
Branch: feature/ec

commit ba5fe5f39e18fe8e1483a3b5851f044fe3358d0b
Author: Peter Portante <email address hidden>
Date: Wed Oct 2 23:52:30 2013 -0400

Use files in the source tree instead of cut/paste

    Many of the large files are included in the tree and the script now
    leverages a checked out swift tree to provide those files so that
    users don't have to cut/paste text from the document. The contents of
    those files are still included in the document for reference.

Updated to add sudo in appropriate places so that the entire script
can be run as the user instead of as root.

We also simplify the steps needed to get resetswift script working
(don't need to edit the user name).

Change-Id: Ie5b5a815870edcc205d273e35e0bbd2426d3b002
Signed-off-by: Peter Portante <email address hidden>

commit 038878b1a4eeb8ec94faf3a6285b43beb49a190c
Author: John Dickinson <email address hidden>
Date: Mon Dec 9 10:33:53 2013 -0800

clarify the current state of the DiskFile API

Change-Id: Ia3d62c53d14c9a5efdb9a39b08817320cf331085

commit 0b57158007fd23511b6db7be476d5952d2dc1f74
Author: Clay Gerrard <email address hidden>
Date: Wed Nov 13 11:40:27 2013 -0800

make test tooling less opinionated

Change-Id: I709afcec998795794a9ef13bbe7493ddd46c59b5

commit 353070861999a4cd98b1b9ed30ed90d83bbfac90
Author: Samuel Merritt <email address hidden>
Date: Tue Dec 3 22:18:46 2013 -0800

Stop mutating PATH_INFO in proxy server

    The proxy server was calling swob.Request.path_info_pop() prior to
    instantiating a controller so that req.path_info was just /a/c/o (sans
    /v1). The version got moved over into SCRIPT_NAME.

This lead to some unfortunate behavior when trying to re-use a request
from middleware. Something like this:

        # Imagine we're a WSGIContext object here.
        #
        # To start, SCRIPT_NAME = '' and PATH_INFO='/v1/a/c/o'

resp_iter = self._app_call(env, start_response)
# Now SCRIPT_NAME='/v1' and PATH_INFO ='/a/c/o'

        if something_special in self._response_headers:
            env['REQUEST_METHOD'] = 'GET'
            env.pop('HTTP_RANGE', None)

     # 404 SURPRISE! The proxy calls path_info_pop() again,
            # and now SCRIPT_NAME='/v1/a' and PATH_INFO='/c/o', so this
            # gets treated as a container request. Yikes.
            resp_iter = self._app_call(env, start_response)

    Now we just leave SCRIPT_NAME and PATH_INFO alone. To make life easy
    for everyone who does want just /a/c/o, I defined
    swob.Request.swift_entity_path, which just strips off the /v1.

    Note that there's still one call to path_info_pop() in tempauth, but
    that's only for requests going to /auth, so it won't affect Swift API
    requests. It might be a good idea to remove that one later, but let's
    do one thing at a time.

Change-Id: I87557a11c01f3f3889b610578cda6ba7d3933e7a

commit dd7122c70271a5fc5...

Reviewed:  https://review.openstack.org/61650
Committed: https://git.openstack.org/cgit/openstack/swift/commit/?id=ced2e135ab4558659a3a389fef04ffddbafbbbe7
Submitter: Jenkins
Branch:    feature/ec

commit ba5fe5f39e18fe8e1483a3b5851f044fe3358d0b
Author: Peter Portante <peter.portante@redhat.com>
Date:   Wed Oct 2 23:52:30 2013 -0400

Use files in the source tree instead of cut/paste
    
    Many of the large files are included in the tree and the script now
    leverages a checked out swift tree to provide those files so that
    users don't have to cut/paste text from the document. The contents of
    those files are still included in the document for reference.
    
    Updated to add sudo in appropriate places so that the entire script
    can be run as the user instead of as root.
    
    We also simplify the steps needed to get resetswift script working
    (don't need to edit the user name).
    
    Change-Id: Ie5b5a815870edcc205d273e35e0bbd2426d3b002
    Signed-off-by: Peter Portante <peter.portante@redhat.com>

commit 038878b1a4eeb8ec94faf3a6285b43beb49a190c
Author: John Dickinson <me@not.mn>
Date:   Mon Dec 9 10:33:53 2013 -0800

clarify the current state of the DiskFile API
    
    Change-Id: Ia3d62c53d14c9a5efdb9a39b08817320cf331085

commit 0b57158007fd23511b6db7be476d5952d2dc1f74
Author: Clay Gerrard <clay.gerrard@gmail.com>
Date:   Wed Nov 13 11:40:27 2013 -0800

make test tooling less opinionated
    
    Change-Id: I709afcec998795794a9ef13bbe7493ddd46c59b5

commit 353070861999a4cd98b1b9ed30ed90d83bbfac90
Author: Samuel Merritt <sam@swiftstack.com>
Date:   Tue Dec 3 22:18:46 2013 -0800

Stop mutating PATH_INFO in proxy server
    
    The proxy server was calling swob.Request.path_info_pop() prior to
    instantiating a controller so that req.path_info was just /a/c/o (sans
    /v1). The version got moved over into SCRIPT_NAME.
    
    This lead to some unfortunate behavior when trying to re-use a request
    from middleware. Something like this:
    
        # Imagine we're a WSGIContext object here.
        #
        # To start, SCRIPT_NAME = '' and PATH_INFO='/v1/a/c/o'
    
        resp_iter = self._app_call(env, start_response)
        # Now SCRIPT_NAME='/v1' and PATH_INFO ='/a/c/o'
    
        if something_special in self._response_headers:
            env['REQUEST_METHOD'] = 'GET'
            env.pop('HTTP_RANGE', None)
    
    	# 404 SURPRISE! The proxy calls path_info_pop() again,
            # and now SCRIPT_NAME='/v1/a' and PATH_INFO='/c/o', so this
            # gets treated as a container request. Yikes.
            resp_iter = self._app_call(env, start_response)
    
    Now we just leave SCRIPT_NAME and PATH_INFO alone. To make life easy
    for everyone who does want just /a/c/o, I defined
    swob.Request.swift_entity_path, which just strips off the /v1.
    
    Note that there's still one call to path_info_pop() in tempauth, but
    that's only for requests going to /auth, so it won't affect Swift API
    requests. It might be a good idea to remove that one later, but let's
    do one thing at a time.
    
    Change-Id: I87557a11c01f3f3889b610578cda6ba7d3933e7a

commit dd7122c70271a5fc5d318712ec3881fddf40d8de
Author: John Dickinson <me@not.mn>
Date:   Tue Dec 3 06:33:55 2013 -0800

Release notes for Swift 1.11.0
    
    Change-Id: Iff13ce1fb9ab662fc4965f8f2a420f58535fb5d3

commit d18b6d8d5d6ca8c0adf3b98b488042c49394a072
Author: Samuel Merritt <sam@swiftstack.com>
Date:   Thu Nov 21 17:39:56 2013 -0800

Fix HEAD tempurls
    
    HEAD-only tempurls didn't work; tempurl only allowed a HEAD request if
    the tempurl was generated for GET or PUT (that is, the method in the
    HMAC-signed string was "GET" or "PUT").
    
    The intent of the code was to allow a user with a GET or a PUT tempurl
    to also perform a HEAD request; I think the breaking of HEAD tempurls
    is just a bug.
    
    Change-Id: I621ddaac03e0d058dd9e7c7c374cb5c4b6386d36

commit 60bf2dc675a85e3b5a2708228f70374e84b037e3
Author: Peter Portante <peter.portante@redhat.com>
Date:   Thu Dec 5 15:31:09 2013 -0500

Override spelling of tempauth test name
    
    Change-Id: Ife571bbeb6dd4ba5c552a2f0725c36e133e64cf4

commit b332e3e436e780ee5ff14e9b6fe3c75d9e155db3
Author: gholt <z-launchpad@brim.net>
Date:   Thu Dec 5 18:02:06 2013 +0000

Fixed a failing test on my saio
    
    The added sleep makes this test pass on my saio. I have not heard of
    it failing for anyone else, but I figured I'd post this up just in
    case someone does have the same problem and this fixes it for them.
    
    Change-Id: Ia0bb09d36d0b531ade7c6a6034bbe31dd6c90a98

commit 1ccb5c61f459d9e70e9ba5698686065429d91afb
Author: Peter Portante <peter.portante@redhat.com>
Date:   Wed Dec 4 16:05:56 2013 -0500

Allow access to the in-memory object server
    
    This will allow functional tests to be used against it, and can then
    be used for the storage-policy work as an example diskfile
    implementation associated with a storage policy.
    
    Change-Id: I47a88e70cee99225779baaed379b0c5d4c73611a

commit 74b51c9c06fdd727e4b5911e66145daee9f6c0f2
Author: Clay Gerrard <clay.gerrard@gmail.com>
Date:   Tue Dec 3 11:17:57 2013 -0800

fix expired object deletion
    
    fixes bug #1257330
    
    Change-Id: I49f645abdeba97eafb3ae42ef9e3684c912cfdc6

commit 4873fcf626f7bc98e3f20b4fb87796c2040c7c27
Author: Donagh McCabe <donagh.mccabe@hp.com>
Date:   Mon Dec 2 13:40:01 2013 +0000

Opt out of the service catalog
    
    Set include_servce_catalog=False in Keystone's auth_token
    example configuration. Swift does not use X-Service-Catalog
    so there is no need to suffer its overhead. In addition,
    service catalogs can be larger than max_header_size so this
    change avoids a failure mode.
    
    DocImpact
    Relates to bug 1228317
    
    Change-Id: If94531ee070e4a47cbd9b848d28e2313730bd3c0

commit b57fd4343fe88996a33248cd5f31d61d0c30433d
Author: Clay Gerrard <clay.gerrard@gmail.com>
Date:   Tue Dec 3 21:12:19 2013 -0800

use diskfile in ssync_sender tests
    
    Change-Id: I7993de98ce3eb4839fa5d72d1b6ce08e4a7c1451

commit f5ba1ca1f97d3ac9c37a45527d8c5dba365be391
Author: gholt <z-launchpad@brim.net>
Date:   Wed Dec 4 00:10:46 2013 +0000

Remove ssync iter_hook usage
    
    Apparently that disappeared and now the whole thing does on its own what this
    was trying to achieve.
    
    Change-Id: If20016cb80c855e3e8373de5d56926ef8f8e7dac

commit 2db9453722745300418980a1b122cbed9e557e0b
Author: Samuel Merritt <sam@swiftstack.com>
Date:   Tue Dec 3 14:49:57 2013 -0800

Preserve closeability of app iterables
    
    PEP 333 (WSGI) says that if your iterable has a close() method, the
    framework must call it.
    
    WSGIContext._app_call pulls the first chunk off the returned iterable
    to make sure that it gets status and headers, and then it would
    itertools.chain() that first chunk back onto the iterable so the whole
    body went out. swob.Response.call_application() does it too.
    
    The problem is that an itertools.chain object doesn't have a close()
    method, so your iterable's fancy-pants close() method has no chance of
    getting called.
    
    This patch adds a slightly smarter CloseableChain that works like
    itertools.chain, but has a close() method that calls the underlying
    iterables' close() methods, if any.
    
    Change-Id: If975c93f53c27dfa0c2f52f4bbf599af25202f70

commit 33706cb97470deb75c0b2065e3d1ce04171d6b54
Author: Christian Schwede <christian.schwede@enovance.com>
Date:   Mon Dec 2 16:37:03 2013 +0000

Add option to return disk usage report with byte suffix.
    
    Disk usage is currently returned as bytes. This patch adds the option
    to return the value with a more human-friendly suffix, eg. MB/GB/TB/PB.
    
    Change-Id: I3d55181f7e6085e711bd6e09ea2ce0a12b290cc5

commit 68db481ae522acbb1fb1f1cefde8c45b9973a4df
Author: Samuel Merritt <sam@swiftstack.com>
Date:   Mon Dec 2 17:08:19 2013 -0800

Update handoff algorithm to use IP/port pairs
    
    The replica placement algorithm works on regions, then zones, then
    IP/port, then device ID. The handoff algorithm worked on regions, then
    zones, then device ID, completely skipping IP/port. It's now been
    updated to take IP/port into consideration.
    
    This means you get one handoff on each machine in the cluster before
    you start getting handoffs that share a machine with a previous
    one. In small clusters, this can help with durability.
    
    Because this is performance-critical code, here are some quick
    benchmark results:
    
    Run time averages over 25000 trials on a 1200-device ring (20 part
    power, 3 replicas, 2 regions, 10 zones, 120 nodes):
    
    		   |   master    |   branch
    ===================+=============+============
    get 1 more node	   |  2.727e-05	 |  3.076e-05
    get 6 more nodes   |  3.55e-05   |  4.214e-05
    get all more nodes |  0.002247   |  0.002691
    
    There's a small slowdown from the additional bookkeeping, but nothing
    too awful. The time to get 6 more nodes (for handoff checks on 404,
    it's 2x replica count by default, hence 6) went from 35 to 42
    microseconds, so it remains small.
    
    Change-Id: Ie7da4dfcb0fcf1a38e2fb13f60c204540fadbf06

commit 63d91386f9345cbcb20ba1f51ecc444404e7523c
Author: Chmouel Boudjnah <chmouel@enovance.com>
Date:   Mon Dec 2 12:44:20 2013 -0800

Remove swift-bench
    
    swift-bench has moved to :
    
    http://github.com/openstack/swift-bench
    
    DocImpact
    
    Change-Id: Id09765f53d1e493fb0eeae0dba57879ba9dd0ade

commit 9b38463b06ff48269668a6b05822b285d603c7f8
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Mon Dec 2 14:24:22 2013 -0600

Fixed DB test cases on PyPy
    
    They weren't working because of the intersection between some monkey
    patching in the tests and the fact that ``sqlite3.Connection`` and
    ``Cursor`` are Python classes on PyPy, but C-extension classes on
    CPython. The result was that trying to call the superclass's init
    didn't work because the name ``sqlite3.Connection`` pointed to a
    different class that wasn't actually the real superclass of
    ``GreenDBConnection``. Using ``super`` fixes this because the method
    called is now always the real superclass's.
    
    Change-Id: Ib45b16c7499883e560877788f13285d0a47cc2cd

commit 93d63dcf756c7cf9c31bf609116c448cf7e1a509
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Mon Dec 2 11:30:54 2013 -0600

GreenDBConnection no longer assumes that arguments are kwargs
    
    Previous this code assumed that almost all arguments would be passed
    as kwargs. Now the code also handles ``timeout`` occurring in
    ``*args``. This is needed because on PyPy's sqlite module, they are
    passed in ``*args``.
    
    Change-Id: I7ce25e7b262c6f46680e3f0eb391094de8051946

commit 9ce54d5860346632b15b3b64fed3c2b60b7e7acf
Author: Christian Schwede <christian.schwede@enovance.com>
Date:   Fri Oct 25 08:59:37 2013 +0200

Prevent early auth deny in tempauth when using swift3 middleware.
    
    When tempauth is used together with swift3 and keystone, groups are
    empty and tempauth denies the request too early without a chance for
    keystone to authenticate the request.
    
    Change-Id: I21d9b22ecbd18a5f1fba901abd94221a332c45ea
    Closes-Bug: 1244545

OpenStack Object Storage (swift)

object expirer isn't deleting objects

Bug Description

Other bug subscribers

Remote bug watches