luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul/session_ttl.go

145 lines
4.1 KiB
Go
Raw Normal View History

Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
package consul
import (
"fmt"
"time"
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
consul: Collect useful session metrics
2014-12-19 00:57:49 +00:00
"github.com/armon/go-metrics"
agent: move agent/consul/structs to agent/structs
2017-07-06 10:34:00 +00:00
"github.com/hashicorp/consul/agent/structs"
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
)
Retry with backoff on session invalidation failure (#2475)
2016-11-05 04:53:22 +00:00
const (
// maxInvalidateAttempts limits how many invalidate attempts are made
maxInvalidateAttempts = 6
// invalidateRetryBase is a baseline retry time
invalidateRetryBase = 10 * time.Second
)
Fix a bunch of typos.
2015-09-15 12:22:08 +00:00
// initializeSessionTimers is used when a leader is newly elected to create
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// a new map to track session expiration and to reset all the timers from
// the previously known set of timers.
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
func (s *Server) initializeSessionTimers() error {
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// Scan all sessions and reset their timer
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
state := s.fsm.State()
Adds fine-grained watches to session endpoints.
2017-01-24 18:08:14 +00:00
_, sessions, err := state.SessionList(nil)
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
if err != nil {
return err
}
for _, session := range sessions {
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
if err := s.resetSessionTimer(session.ID, session); err != nil {
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
return err
}
}
return nil
}
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// resetSessionTimer is used to renew the TTL of a session.
// This can be used for new sessions and existing ones. A session
// will be faulted in if not given.
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
func (s *Server) resetSessionTimer(id string, session *structs.Session) error {
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// Fault the session in if not given
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
if session == nil {
state := s.fsm.State()
Adds fine-grained watches to session endpoints.
2017-01-24 18:08:14 +00:00
_, s, err := state.SessionGet(nil, id)
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
if err != nil {
return err
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
}
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
if s == nil {
return fmt.Errorf("Session '%s' not found", id)
}
session = s
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
}
consul: Adding more tests for session TTLs
2014-12-13 05:42:59 +00:00
// Bail if the session has no TTL, fast-path some common inputs
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
switch session.TTL {
consul: Adding more tests for session TTLs
2014-12-13 05:42:59 +00:00
case "", "0", "0s", "0m", "0h":
Clean up code based on feedback from armon
2014-12-11 01:49:06 +00:00
return nil
}
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// Parse the TTL, and skip if zero time
Clean up code based on feedback from armon
2014-12-11 01:49:06 +00:00
ttl, err := time.ParseDuration(session.TTL)
if err != nil {
return fmt.Errorf("Invalid Session TTL '%s': %v", session.TTL, err)
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
}
Clean up code based on feedback from armon
2014-12-11 01:49:06 +00:00
if ttl == 0 {
return nil
}
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
s.createSessionTimer(session.ID, ttl)
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
return nil
}
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
func (s *Server) createSessionTimer(id string, ttl time.Duration) {
// Reset the session timer
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// Adjust the given TTL by the TTL multiplier. This is done
// to give a client a grace period and to compensate for network
// and processing delays. The contract is that a session is not expired
// before the TTL, but there is no explicit promise about the upper
// bound so this is allowable.
ttl = ttl * structs.SessionTTLMultiplier
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
s.sessionTimers.ResetOrCreate(id, ttl, func() { s.invalidateSession(id) })
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
}
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// invalidateSession is invoked when a session TTL is reached and we
// need to invalidate the session.
func (s *Server) invalidateSession(id string) {
consul: Collect useful session metrics
2014-12-19 00:57:49 +00:00
defer metrics.MeasureSince([]string{"consul", "session_ttl", "invalidate"}, time.Now())
Update metric names and add a legacy config flag
2017-10-04 23:43:27 +00:00
defer metrics.MeasureSince([]string{"session_ttl", "invalidate"}, time.Now())
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// Clear the session timer
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
s.sessionTimers.Del(id)
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// Create a session destroy request
args := structs.SessionRequest{
Datacenter: s.config.Datacenter,
Op: structs.SessionDestroy,
Session: structs.Session{
ID: id,
},
}
Retry with backoff on session invalidation failure (#2475)
2016-11-05 04:53:22 +00:00
// Retry with exponential backoff to invalidate the session
for attempt := uint(0); attempt < maxInvalidateAttempts; attempt++ {
_, err := s.raftApply(structs.SessionRequestType, args)
if err == nil {
s.logger.Printf("[DEBUG] consul.state: Session %s TTL expired", id)
return
}
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
s.logger.Printf("[ERR] consul.session: Invalidation failed: %v", err)
Retry with backoff on session invalidation failure (#2475)
2016-11-05 04:53:22 +00:00
time.Sleep((1 << attempt) * invalidateRetryBase)
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
}
Retry with backoff on session invalidation failure (#2475)
2016-11-05 04:53:22 +00:00
s.logger.Printf("[ERR] consul.session: maximum revoke attempts reached for session: %s", id)
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
}
// clearSessionTimer is used to clear the session time for
// a single session. This is used when a session is destroyed
// explicitly and no longer needed.
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
func (s *Server) clearSessionTimer(id string) error {
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
s.sessionTimers.Stop(id)
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
return nil
}
consul: Minor cleanups
2014-12-12 23:43:34 +00:00
// clearAllSessionTimers is used when a leader is stepping
// down and we no longer need to track any session timers.
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
func (s *Server) clearAllSessionTimers() error {
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
s.sessionTimers.StopAll()
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-11-25 16:06:14 +00:00
return nil
}
consul: Collect useful session metrics
2014-12-19 00:57:49 +00:00
// sessionStats is a long running routine used to capture
// the number of active sessions being tracked
func (s *Server) sessionStats() {
for {
select {
case <-time.After(5 * time.Second):
rpc: refactor sessionTimers and fix racy tests The sessionTimers map was secured by a lock which wasn't used properly in the tests. This lead to data races and failing tests when accessing the length or the members of the map. This patch adds a separate SessionTimers struct which is safe for concurrent use and which ecapsulates the behavior of the sessionTimers map.
2017-06-27 13:25:25 +00:00
metrics.SetGauge([]string{"consul", "session_ttl", "active"}, float32(s.sessionTimers.Len()))
Update metric names and add a legacy config flag
2017-10-04 23:43:27 +00:00
metrics.SetGauge([]string{"session_ttl", "active"}, float32(s.sessionTimers.Len()))
consul: Collect useful session metrics
2014-12-19 00:57:49 +00:00
case <-s.shutdownCh:
return
}
}
}