Skip to content

Update pauser to handle exception and run unpause as long as possible #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 22 commits into from
May 20, 2025
Merged

Update pauser to handle exception and run unpause as long as possible #33

Show file tree
Hide file tree
Changes from 18 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
92ebb3a
Update pauser to handle exception and run unpause as long as possible
kota2and3kan Apr 25, 2025
07d8325
[WIP] Add several unit tests
kota2and3kan Apr 25, 2025
08312b2
[WIP] Add several unit tests
kota2and3kan Apr 28, 2025
34a03fc
Fix minor things
kota2and3kan Apr 28, 2025
25c10f6
Merge remote-tracking branch 'origin/main' into add-error-handling-wh…
kota2and3kan Apr 30, 2025
4d22a34
Update exception handling based on review feedback
kota2and3kan May 1, 2025
42f1a30
Update pauser logic based on feedback and discussion
kota2and3kan May 2, 2025
1d17af9
Update unit tests
kota2and3kan May 7, 2025
f087077
Update dummy object name variable to static constant
kota2and3kan May 7, 2025
d3b54c0
Add exception handling for getTarget() after pause
kota2and3kan May 8, 2025
55ba29c
Apply suggestions from code review
kota2and3kan May 8, 2025
891beb8
Change variable name from backupOk to isPauseOk
kota2and3kan May 8, 2025
c233242
Update name of target status variable and method
kota2and3kan May 8, 2025
744da27
Return PausedDuration from pauseInternal() method
kota2and3kan May 8, 2025
c413386
Move variable definition in catch block
kota2and3kan May 8, 2025
600e7b1
Make the logic a bit simpler
kota2and3kan May 9, 2025
9e9132d
Update error message generation and definition based on feedback
kota2and3kan May 9, 2025
909e596
Add code comments
kota2and3kan May 9, 2025
f9dc445
Implement buildException() based on feedback
kota2and3kan May 13, 2025
5cca44c
Run targetStatusEquals() only if targetAfterPause is not null
kota2and3kan May 14, 2025
639e132
Apply suggestions from code review
kota2and3kan May 15, 2025
b93c054
Fix code comments based on feedback
kota2and3kan May 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions lib/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ dependencies {
testImplementation(platform("org.junit:junit-bom:${junitVersion}"))
testImplementation 'org.junit.jupiter:junit-jupiter'
testImplementation "org.mockito:mockito-core:${mockitoVersion}"
testImplementation "org.mockito:mockito-inline:${mockitoVersion}"
}

test {
Expand Down
11 changes: 11 additions & 0 deletions lib/src/main/java/com/scalar/admin/kubernetes/PauseFailedException.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
package com.scalar.admin.kubernetes;

public class PauseFailedException extends PauserException {
public PauseFailedException(String message) {
super(message);
}

public PauseFailedException(String message, Throwable cause) {
super(message, cause);
}
}
167 changes: 136 additions & 31 deletions lib/src/main/java/com/scalar/admin/kubernetes/Pauser.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package com.scalar.admin.kubernetes;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.util.concurrent.Uninterruptibles;
import com.scalar.admin.RequestCoordinator;
import io.kubernetes.client.openapi.Configuration;
Expand All @@ -13,8 +14,6 @@
import java.util.stream.Collectors;
import javax.annotation.Nullable;
import javax.annotation.concurrent.NotThreadSafe;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
* This class implements a pause operation for Scalar product pods in a Kubernetes cluster. The
Expand All @@ -34,11 +33,29 @@
@NotThreadSafe
public class Pauser {

private static final int MAX_UNPAUSE_RETRY_COUNT = 3;
@VisibleForTesting static final int MAX_UNPAUSE_RETRY_COUNT = 3;

private final Logger logger = LoggerFactory.getLogger(Pauser.class);
private final TargetSelector targetSelector;

private static final String UNPAUSE_ERROR_MESSAGE =
"Unpause operation failed. Scalar products might still be in a paused state. You"
+ " must restart related pods by using the `kubectl rollout restart deployment"
+ " <DEPLOYMENT_NAME>` command to unpause all pods. ";
private static final String PAUSE_ERROR_MESSAGE =
"Pause operation failed. You cannot use the backup that was taken during this pause"
+ " duration. You need to retry the pause operation from the beginning to"
+ " take a backup. ";
private static final String GET_TARGET_AFTER_PAUSE_ERROR_MESSAGE =
"Failed to find the target pods to examine if the targets pods were updated during"
+ " paused. ";
private static final String STATUS_CHECK_ERROR_MESSAGE =
"Status check failed. You cannot use the backup that was taken during this pause"
+ " duration. You need to retry the pause operation from the beginning to"
+ " take a backup. ";
private static final String STATUS_DIFFERENT_ERROR_MESSAGE =
"The target pods were updated during the pause duration. You cannot use the backup that"
+ " was taken during this pause duration. ";

/**
* @param namespace The namespace where the pods are deployed.
* @param helmReleaseName The Helm release name used to deploy the pods.
Expand Down Expand Up @@ -77,67 +94,155 @@ public PausedDuration pause(int pauseDuration, @Nullable Long maxPauseWaitTime)
"pauseDuration is required to be greater than 0 millisecond.");
}

TargetSnapshot target;
// Get pods and deployment information before pause.
TargetSnapshot targetBeforePause;
try {
target = targetSelector.select();
targetBeforePause = getTarget();
} catch (Exception e) {
throw new PauserException("Failed to find the target pods to pause.", e);
}

RequestCoordinator coordinator = getRequestCoordinator(target);

coordinator.pause(true, maxPauseWaitTime);

Instant startTime = Instant.now();
// Get RequestCoordinator of Scalar Admin to pause.
RequestCoordinator requestCoordinator;
try {
requestCoordinator = getRequestCoordinator(targetBeforePause);
} catch (Exception e) {
throw new PauserException("Failed to initialize the request coordinator.", e);
}

Uninterruptibles.sleepUninterruptibly(pauseDuration, TimeUnit.MILLISECONDS);
// From here, we cannot throw exceptions right after they occur because we need to take care of
// the unpause operation failure. We will throw the exception after the unpause operation or at
// the end of this method.

Instant endTime = Instant.now();
// Run a pause operation.
PausedDuration pausedDuration = null;
PauseFailedException pauseFailedException = null;
try {
pausedDuration = pauseInternal(requestCoordinator, pauseDuration, maxPauseWaitTime);
} catch (Exception e) {
pauseFailedException = new PauseFailedException("Pause operation failed.", e);
}

unpauseWithRetry(coordinator, MAX_UNPAUSE_RETRY_COUNT, target);
// Run an unpause operation.
UnpauseFailedException unpauseFailedException = null;
try {
unpauseWithRetry(requestCoordinator, MAX_UNPAUSE_RETRY_COUNT);
} catch (Exception e) {
unpauseFailedException = new UnpauseFailedException("Unpause operation failed.", e);
}

// Get pods and deployment information after pause.
TargetSnapshot targetAfterPause;
try {
targetAfterPause = targetSelector.select();
targetAfterPause = getTarget();
} catch (Exception e) {
throw new PauserException(
"Failed to find the target pods to examine if the targets pods were updated during"
+ " paused.",
e);
PauserException pauserException =
new PauserException(GET_TARGET_AFTER_PAUSE_ERROR_MESSAGE, e);
if (unpauseFailedException == null) {
throw pauserException;
} else {
throw new UnpauseFailedException(UNPAUSE_ERROR_MESSAGE, pauserException);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code seems to drop the cause of unpauseFailedException. How about just adding pauserException to the unpauseFailedException as a suppressed one?

    // Run an unpause operation.
    UnpauseFailedException unpauseFailedException = null;
    try {
      unpauseWithRetry(requestCoordinator, MAX_UNPAUSE_RETRY_COUNT);
    } catch (Exception e) {
      unpauseFailedException = new UnpauseFailedException(UNPAUSE_ERROR_MESSAGE, e);
    }

    // Get pods and deployment information after pause.
    TargetSnapshot targetAfterPause;
    try {
      targetAfterPause = getTarget();
    } catch (Exception e) {
      PauserException pauserException =
          new PauserException(GET_TARGET_AFTER_PAUSE_ERROR_MESSAGE, pauserException);
      if (unpauseFailedException == null) {
        throw pauserException;
      } else {
        unpauseFailedException.addSuppressed(e);
        throw unpauseFailedException;
      }
    }

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@komamitsu
Ah, I see. Indeed, it drops the cause of unpauseFailedException... I overlooked it...

I think this issue should be resolved on the buildException() side, which we are discussing in another comment. So, I will fix it in the buildException() process.

Thank you for pointing it out!

}
}

if (!target.getStatus().equals(targetAfterPause.getStatus())) {
throw new PauserException("The target pods were updated during paused. Please retry.");
// Check if pods and deployment information are the same between before pause and after pause.
boolean isTargetStatusEqual;
try {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about executing this block only when targetAfterPause != null? The method seems to return StatusUnmatchedException when the argument after is null, but in this case comparing before and after itself isn't conducted.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, yes. That's right. I will fix it. Thank you for the suggestion!

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in 5cca44c.

isTargetStatusEqual = targetStatusEquals(targetBeforePause, targetAfterPause);
} catch (Exception e) {
StatusCheckFailedException statusCheckFailedException =
new StatusCheckFailedException(STATUS_CHECK_ERROR_MESSAGE, e);
if (unpauseFailedException == null) {
throw statusCheckFailedException;
} else {
throw new UnpauseFailedException(UNPAUSE_ERROR_MESSAGE, statusCheckFailedException);
}
}

return new PausedDuration(startTime, endTime);
// Create an error message if any of the operations failed.
String errorMessage =
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[just an idea] Sorry for repeated minor suggestions. But, I just noticed adding additional exceptions to the primary exception might be an option so that all the detailed informations are preserved, although it would drop the benefit of outputting a fully concatenated error message in the first exception.

Like this:

    ...

    Exception exception = buildException(pauseFailedException, unpauseFailedException,
        statusCheckException, statusUnmatchedException);
    if (exception != null) {
      throw exception;
    }
    return pausedDuration;
  }
  
  @Nullable
  private Exception buildException(
      @Nullable PauseFailedException pauseFailedException,
      @Nullable UnpauseFailedException unpauseFailedException,
      @Nullable StatusCheckFailedException statusCheckFailedException,
      @Nullable StatusUnmatchedException statusUnmatchedException) {
    Exception exception = null;
    if (unpauseFailedException != null) {
      exception = unpauseFailedException;
    }
    if (pauseFailedException != null) {
      if (exception == null) {
        exception = pauseFailedException;
      } else {
        exception.addSuppressed(pauseFailedException);
      }
    }
    if (statusCheckFailedException != null) {
      if (exception == null) {
        exception = statusCheckFailedException;
      } else {
        exception.addSuppressed(statusCheckFailedException);
      }
    }
    if (statusUnmatchedException != null) {
      if (exception == null) {
        exception = statusUnmatchedException;
      } else {
        exception.addSuppressed(statusUnmatchedException);
      }
    }
    return exception;
  }

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 to the idea ;)

With this, API clients can decide what to do based on the primary + secondary(suppressed) exceptions, e.g., primary = UnpauseFailedException, secondary = [StatusUnmatchedException].

@komamitsu Just wanted to confirm, you'd like to throw PauserExcpetion instead of Exception? 👀 Since all the exception types are subclasses of PauserExcpetion (e.g., PauseFailedException extends PauserExcpetion), I think it's ok to throw PauserExcpetion in this case? 🙄 (Or maybe I'm missing something :-)

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@monkey-mas Good point. Agreed, although StatusUnmatchedException doesn't exist at the moment 😁

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@komamitsu @monkey-mas
Thank you for your review and suggestions!
It looks good to me!
I'm fixing it now. Please give me a bit of time.

(I didn't know Throwable.addSuppressed(). I was able to learn one new thing about Java!)

createErrorMessage(unpauseFailedException, pauseFailedException, isTargetStatusEqual);

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's more readable if we identify the cases here like the following and create error messages for each case.

boolean isAllOK = ...
boolean isPauseOkUnpauseNotOk = ...
boolean isPauseNotOkUnpauseOk = ...
boolean isPauseNotOkUnpauseNotOk = ...

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, I see. Indeed, your suggestion is more readable.

However, in the previous meeting, we (@komamitsu and I) discussed using boolean flags, and the result was Don't use flags (boolean variables) as long as possible to reduce status/variables so that we can make code simpler. So, I used the exceptions in the condition of the if statement.

Honestly, it's a bit difficult for me to decide which is better because I think both (more readable and simpler) make sense to me...

@komamitsu
What do you think?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

boolean isPauseOkUnpauseNotOk = ...

This may improve the readability. But it'd also introduce many states. So, I think it's a trade-off (or maybe matter of taste?).

The current code uses unpauseFailedException, pauseFailedException and compareTargetSuccessful as more informative alternative to simple boolean flags. If we introduces new flags flags like isPauseNotOkUnpauseOkCompareTargetNotOk (or state enum like enum PauseResult { SUCCESS, PAUSE_SUCCESS_AND_UNPAUSE_FAILED_AND_COMPARE_TARGET_SUCCESS, ... }?), we need to manage 8 (2 ** 3) states and it would make the method complex. So, I suggested to separately manage the 3 states as a simple way.

@kota2and3kan I think either is fine with us. I'm not insisting on my suggestion. You can go with any option you feel most confident in and comfortable being responsible for.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see. I got it.
I will consider which is better.
Thank you for your comment!

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the discussion in the meeting!
Based on the result of the discussion, I updated as follows:

  • Make the pause logic a bit simpler in 600e7b1 to reduce many conditions and branches.
  • Add code comments about our current decision in 909e596 for future development.

// We use the exceptions as conditions instead of using boolean flags like `isPauseOk`, etc. If
// we use boolean flags, it might cause a bit large number of combinations. For example, if we
// have three flags, they generate 2^3 = 8 combinations. It also might make the nested if
// statement or a lot of branches of the switch statement. That's why we don't use status flags
// for now.

// Return the final result based on each process.
if (unpauseFailedException != null) { // Unpause Failed.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if (unpauseFailedException != null) { // Unpause Failed.
if (unpauseFailedException != null) { // Unpause failed.

// Unpause issue is the most critical because it might cause system down.
throw new UnpauseFailedException(errorMessage, unpauseFailedException);
} else if (pauseFailedException != null) { // Pause Failed.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
} else if (pauseFailedException != null) { // Pause Failed.
} else if (pauseFailedException != null) { // Pause failed.

// Pause Failed is second priority because pause issue might be caused by configuration error.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Pause Failed is second priority because pause issue might be caused by configuration error.
// Pause failure is the second priority because the pause issue might be caused by a configuration error.

throw new PauseFailedException(errorMessage, pauseFailedException);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The first PauseFailedException instance contains a PauseFailedException instance as a cause. Is it expected? How about making pauseFailedException just Exception not PauseFailedException?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@komamitsu
Ah, yes. You're right. I think we can throw the pauseFailedException as is instead of new PauseFailedException().

I will fix it. I think we can fix this issue on the buildException() side that we are discussing in another comment.

Thank you for pointing it out!

} else if (!isTargetStatusEqual) { // Target status changed.
// Target status changed is third priority because this issue might be caused by temporary
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Target status changed is third priority because this issue might be caused by temporary
// Target status change is the third priority because this issue might be caused by temporary

// issue, for example, pod restarts.
throw new PauseFailedException(errorMessage);
} else {
// All operations succeeded.
return pausedDuration;
}
}

private void unpauseWithRetry(
RequestCoordinator coordinator, int maxRetryCount, TargetSnapshot target) {
@VisibleForTesting
void unpauseWithRetry(RequestCoordinator coordinator, int maxRetryCount) {
int retryCounter = 0;

while (true) {
try {
coordinator.unpause();
return;
} catch (Exception e) {
if (++retryCounter >= maxRetryCount) {
logger.warn(
"Failed to unpause Scalar product. They are still in paused. You must restart related"
+ " pods by using the `kubectl rollout restart deployment {}`"
+ " command to unpase all pods.",
target.getDeployment().getMetadata().getName());
return;
throw e;
}
}
}
}

@VisibleForTesting
TargetSnapshot getTarget() throws PauserException {
return targetSelector.select();
}
Comment on lines +202 to +205
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I mentioned in another comment, I separated this targetSelector.select() as one method getTarget() for testing.


@VisibleForTesting
RequestCoordinator getRequestCoordinator(TargetSnapshot target) {
return new RequestCoordinator(
target.getPods().stream()
.map(p -> new InetSocketAddress(p.getStatus().getPodIP(), target.getAdminPort()))
.collect(Collectors.toList()));
}

@VisibleForTesting
PausedDuration pauseInternal(
RequestCoordinator requestCoordinator, int pauseDuration, @Nullable Long maxPauseWaitTime) {
requestCoordinator.pause(true, maxPauseWaitTime);
Instant startTime = Instant.now();
Uninterruptibles.sleepUninterruptibly(pauseDuration, TimeUnit.MILLISECONDS);
Instant endTime = Instant.now();
return new PausedDuration(startTime, endTime);
}

@VisibleForTesting
boolean targetStatusEquals(TargetSnapshot before, TargetSnapshot after) {
return before.getStatus().equals(after.getStatus());
}

private String createErrorMessage(
UnpauseFailedException unpauseFailedException,
PauseFailedException pauseFailedException,
boolean isTargetStatusEqual) {
StringBuilder errorMessageBuilder = new StringBuilder();
if (unpauseFailedException != null) {
errorMessageBuilder.append(UNPAUSE_ERROR_MESSAGE);
}
if (pauseFailedException != null) {
errorMessageBuilder.append(PAUSE_ERROR_MESSAGE);
}
if (!isTargetStatusEqual) {
errorMessageBuilder.append(STATUS_DIFFERENT_ERROR_MESSAGE);
}
return errorMessageBuilder.toString();
}
}
11 changes: 11 additions & 0 deletions lib/src/main/java/com/scalar/admin/kubernetes/StatusCheckFailedException.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
package com.scalar.admin.kubernetes;

public class StatusCheckFailedException extends PauserException {
public StatusCheckFailedException(String message) {
super(message);
}

public StatusCheckFailedException(String message, Throwable cause) {
super(message, cause);
}
}
11 changes: 11 additions & 0 deletions lib/src/main/java/com/scalar/admin/kubernetes/UnpauseFailedException.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
package com.scalar.admin.kubernetes;

public class UnpauseFailedException extends PauserException {
public UnpauseFailedException(String message) {
super(message);
}

public UnpauseFailedException(String message, Throwable cause) {
super(message, cause);
}
}
Loading