JAVA-3145: Implement some notion of retry logic around call to metadata service for Astra clients #1902
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -17,6 +17,7 @@ | |
| */ | ||
| package com.datastax.oss.driver.internal.core.config.cloud; | ||
|
|
||
| import com.datastax.oss.driver.api.core.DriverTimeoutException; | ||
| import com.datastax.oss.driver.api.core.metadata.EndPoint; | ||
| import com.datastax.oss.driver.internal.core.metadata.SniEndPoint; | ||
| import com.datastax.oss.driver.internal.core.ssl.SniSslEngineFactory; | ||
|
|
@@ -58,6 +59,8 @@ | |
| @ThreadSafe | ||
| public class CloudConfigFactory { | ||
| private static final Logger LOG = LoggerFactory.getLogger(CloudConfigFactory.class); | ||
| private static final int METADATA_RETRY_MAX_ATTEMPTS = 4; | ||
| private static final int METADATA_RETRY_INITIAL_DELAY_MS = 250; | ||
| /** | ||
| * Creates a {@link CloudConfig} with information fetched from the specified Cloud configuration | ||
| * URL. | ||
|
|
@@ -225,22 +228,40 @@ protected TrustManagerFactory createTrustManagerFactory( | |
| @NonNull | ||
| protected BufferedReader fetchProxyMetadata( | ||
| @NonNull URL metadataServiceUrl, @NonNull SSLContext sslContext) throws IOException { | ||
| HttpsURLConnection connection = null; | ||
| int attempt = 0; | ||
| while(attempt < METADATA_RETRY_MAX_ATTEMPTS){ | ||
| try { | ||
| connection = (HttpsURLConnection) metadataServiceUrl.openConnection(); | ||
| connection.setSSLSocketFactory(sslContext.getSocketFactory()); | ||
| connection.setRequestMethod("GET"); | ||
| connection.setRequestProperty("host", "localhost"); | ||
| attempt++; | ||
|
There was a problem hiding this comment. It's not a problem logically but I'd argue it's a bit cleaner to increment the number of attempts at the very top of this loop. You can probably do it even before going into the try block honestly. |
||
| // if this is the last attempt, throw | ||
| // else if the response code is not 200, retry | ||
| // else, throw | ||
| if (attempt != METADATA_RETRY_MAX_ATTEMPTS && connection.getResponseCode() != 200) { | ||
|
There was a problem hiding this comment. This should be There was a problem hiding this comment. I want it to throw the error at the last attempt. Otherwise, a There was a problem hiding this comment. We might need to make this a bit more granular. For example: 300 errors (3xx) indicate that a resource has been moved (or that we're being redirected someplace else). We should probably follow those if URLConnection doesn't do so already. 4xx errors are all client errors; my guess is that in most cases we won't want to retry these, although we have seen at least one case with a 421 (misdirected request) response which could benefit from a retry. JAVA-3033 also makes reference to a case in which 401 errors can be returned apparently due to a hibernated Astra instance. 5xx errors indicate a failure server-side; these should probably be retried in case there's a transient server error of some kind. It might be worth changing this to an if test only here and then having a set of if tests underneath that to check for the various error codes; that way you can handle each case independently without making the code too complex. There was a problem hiding this comment. 3xx should be redirected as long as the redirection is in the same protocol. How about if "a set of if tests underneath that" do you mean extracting the conditions into a function, like There was a problem hiding this comment. HttpURLConnection.HTTP_OK is probably preferred here to the literal 200 |
||
| try { | ||
| Thread.sleep(METADATA_RETRY_INITIAL_DELAY_MS); | ||
| continue; | ||
| } catch (InterruptedException interruptedException) { | ||
| Thread.currentThread().interrupt(); | ||
|
There was a problem hiding this comment. You shouldn't need to do an explicit interrupt of the current thread here; that's already happened (in order to get the InterruptedException to you). :) |
||
| throw new IOException("Interrupted while waiting to retry metadata fetch", interruptedException); | ||
| } | ||
| } | ||
| return new BufferedReader( | ||
| new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8)); | ||
|
There was a problem hiding this comment. We know that connection.getInputStream() can throw an IOException under various cases (including some non-200 response codes). Presumably if we add checks above to make sure we only hit this code if we have a 200 response code we can avoid that issue... but any such code is probably a bit more brittle than we'd like. While we're here it may be best to just wrap this line of code in it's own try/catch and either (a) return an IllegalStateException if we get an IOException (like we do in the other catch blocks here) or (b) fold any such error into our retry logic. Note that this issue is really what JAVA-3033 is about. |
||
| } catch (ConnectException e) { | ||
| throw new IllegalStateException( | ||
| "Unable to connect to cloud metadata service. Please make sure your cluster is not parked or terminated", | ||
| e); | ||
| } catch (UnknownHostException e) { | ||
| throw new IllegalStateException( | ||
| "Unable to resolve host for cloud metadata service. Please make sure your cluster is not terminated", | ||
| e); | ||
| } | ||
| } | ||
| throw new DriverTimeoutException("Unable to fetch metadata from cloud metadata service"); // dead code | ||
| } | ||
|
|
||
| @NonNull | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: per an earlier conversation @SiyaoIsHiding and I decided to leave these as constants for now. We can move them to configurable values if an explicit need prevents itself (or perhaps as a future enhancement).