HADOOP-16085: use object version or etags to protect against inconsistent read after replace/overwrite

[ben-roling]

This is a new PR to replace #675 . The only difference vs what is on #675 is a merge of the latest code from trunk, resolution of minor merge conflicts when doing so, and squash down to a single commit.

#675 is being closed as-is to preserve the discussion there.

I have performed a full test run on this (against us-west-2 with a bucket with versioning enabled) which passed without any failing tests:

mvn -T 1C verify -Dparallel-tests -DtestsThreadCount=8 -Ds3guard -Ddynamo

Tests run: 860, Failures: 0, Errors: 0, Skipped: 145

[hadoop-yetus]

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	503	Docker mode activated.
		_ Prechecks _
+1	dupname	2	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 25 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	74	Maven dependency ordering for branch
+1	mvninstall	1069	trunk passed
+1	compile	1078	trunk passed
+1	checkstyle	142	trunk passed
+1	mvnsite	130	trunk passed
+1	shadedclient	1003	branch has no errors when building and testing our client artifacts.
+1	javadoc	104	trunk passed
0	spotbugs	62	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	183	trunk passed
		_ Patch Compile Tests _
0	mvndep	23	Maven dependency ordering for patch
+1	mvninstall	78	the patch passed
+1	compile	976	the patch passed
+1	javac	976	the patch passed
-0	checkstyle	145	root: The patch generated 27 new + 70 unchanged - 4 fixed = 97 total (was 74)
+1	mvnsite	130	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	xml	2	The patch has no ill-formed XML file.
+1	shadedclient	680	patch has no errors when building and testing our client artifacts.
+1	javadoc	109	the patch passed
+1	findbugs	204	the patch passed
		_ Other Tests _
+1	unit	513	hadoop-common in the patch passed.
+1	unit	288	hadoop-aws in the patch passed.
+1	asflicense	49	The patch does not generate ASF License warnings.
		7542

Subsystem	Report/Notes
Docker	Client=17.05.0-ce Server=17.05.0-ce base: https://builds.apache.org/job/hadoop-multibranch/job/PR-794/1/artifact/out/Dockerfile
GITHUB PR	#794
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient xml findbugs checkstyle
uname	Linux 234881f6471f 4.4.0-139-generic #165-Ubuntu SMP Wed Oct 24 10:58:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 865c328
Default Java	1.8.0_191
checkstyle	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/1/artifact/out/diff-checkstyle-root.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/1/testReport/
Max. process+thread count	1447 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common hadoop-tools/hadoop-aws U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/1/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[ben-roling]

I've pushed a commit that adds retries as discussed in #675 (comment)

The retries happen in S3AInputStream if the version doesn't match on initial open. There are no retries if the version doesn't match on re-open (during seek() backwards).

Retries also happen for rename() and select().

Testing was added in ITestS3ARemoteFileChanged. I used Mockito.spy() on the s3 client to stub in inconsistent responses until a threshold of retries is met.

I've run the full test suite (against a bucket with versioning enabled in us-west-2):

mvn -T 1C verify -Dparallel-tests -DtestsThreadCount=8 -Ds3guard -Ddynamo

[ERROR] Tests run: 896, Failures: 0, Errors: 2, Skipped: 145

The two errors were in ITestDirectoryCommitMRJob and ITestS3GuardConcurrentOps, which succeeded when run individually:

mvn -T 1C verify -Dtest=skip -Dit.test=ITestDirectoryCommitMRJob -Ds3guard -Ddynamo
mvn -T 1C verify -Dtest=skip -Dit.test=ITestS3GuardConcurrentOps -Ds3guard -Ddynamo

#675 (comment) suggests possibly different retry settings for these scenarios. I haven't done that, at least yet. Perhaps that can be carved off as another issue. Similarly, I haven't implemented the HADOOP-13293 proposal. I'm open to those things but would like to get the rest of this settled (merged) first if possible.

[steveloughran]

thanks, I'm checking this out and going to test/review it locally. with the goal of getting it in this week. I might do some changes to the PR locally and push them up as a branch for you to cherry-pick in, as that is potentially easier than me just adding a large set of bits of homework for you to do. Would that be OK? it should save time all round

[ben-roling]

Great, thanks Steve!

I might do some changes to the PR locally and push them up as a branch for you to cherry-pick in, as that is potentially easier than me just adding a large set of bits of homework for you to do. Would that be OK? it should save time all round

Sure, that sounds good to me.

[steveloughran]

Right, I've done my edits and will put it up as a PR alongside that: if you cherry pick my patch in here, then I'll close/delete that one and this will have everything in.

That patch is me just going through my review comments and doing them.

I am seeing failures with testRenameEventuallyConsistentFile on some options, despite my efforts to understand it. Either the mock #of times to fake a failure is wrong, my changed retry policy isn't (now) being overridden or something else is up. Can you test and make sure it is still good for you?

[steveloughran]

See #803

[ben-roling]

Thanks Steve! I'll have a look over it and see what's up with testRenameEventuallyConsistentFile.

[ben-roling]

I looked over your changes and they all made sense to me. Thanks for cleaning up my mistakes :) . I've fast-forwarded this PR branch to include your commit.

The change to add the annotation that labeled the parameters on the parameterized tests is especially nice. Embarrassingly I hadn't learned about that one yet.

After pulling your changes in I re-ran testRenameEventuallyConsistentFile again and all permutations succeeded against a bucket with object versioning enabled. I did see a reproducible failure on (etag, client) against a bucket with versioning disabled. I'll dig into that further. Which permutations are failing for you?

[ben-roling]

The latest commit fixes the test failures I was seeing against a bucket with versioning disabled. In the (etag,client) case for testRenameEventuallyConsistentFile, stubbing of inconsistent responses from AmazonS3.copyObject() was incorrect. For that case we should never see a "precondition failed" response since we don't pass any eTag or versionId qualification on the request.

There were a few other failures in test methods that require versioning since I hadn't copied the code that executes the assumption to make sure versioning is there.

I ran the full ITestS3ARemoteFileChanged once each against a bucket with versioning enabled and a bucket with versioning disabled and all tests either succeeded or were skipped as expected.

I will run the full test suite again against a bucket with versioning disabled just in case there are somehow other failures to uncover there since previously I only ran the suite against a bucket with versioning enabled.

[hadoop-yetus]

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	57	Docker mode activated.
		_ Prechecks _
+1	dupname	1	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 25 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	78	Maven dependency ordering for branch
+1	mvninstall	1254	trunk passed
+1	compile	1276	trunk passed
+1	checkstyle	162	trunk passed
+1	mvnsite	135	trunk passed
+1	shadedclient	1043	branch has no errors when building and testing our client artifacts.
+1	javadoc	109	trunk passed
0	spotbugs	67	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	193	trunk passed
		_ Patch Compile Tests _
0	mvndep	24	Maven dependency ordering for patch
+1	mvninstall	79	the patch passed
+1	compile	1104	the patch passed
+1	javac	1104	the patch passed
-0	checkstyle	146	root: The patch generated 29 new + 70 unchanged - 4 fixed = 99 total (was 74)
+1	mvnsite	123	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	xml	3	The patch has no ill-formed XML file.
+1	shadedclient	671	patch has no errors when building and testing our client artifacts.
+1	javadoc	89	the patch passed
+1	findbugs	207	the patch passed
		_ Other Tests _
+1	unit	562	hadoop-common in the patch passed.
+1	unit	270	hadoop-aws in the patch passed.
+1	asflicense	44	The patch does not generate ASF License warnings.
		7587

Subsystem	Report/Notes
Docker	Client=17.05.0-ce Server=17.05.0-ce base: https://builds.apache.org/job/hadoop-multibranch/job/PR-794/3/artifact/out/Dockerfile
GITHUB PR	#794
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient xml findbugs checkstyle
uname	Linux cad520a187b1 4.4.0-138-generic #164-Ubuntu SMP Tue Oct 2 17:16:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 3418bbb
Default Java	1.8.0_191
checkstyle	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/3/artifact/out/diff-checkstyle-root.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/3/testReport/
Max. process+thread count	1387 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common hadoop-tools/hadoop-aws U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/3/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	30	Docker mode activated.
		_ Prechecks _
+1	dupname	2	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 25 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	66	Maven dependency ordering for branch
+1	mvninstall	1039	trunk passed
+1	compile	1020	trunk passed
+1	checkstyle	141	trunk passed
+1	mvnsite	132	trunk passed
+1	shadedclient	1004	branch has no errors when building and testing our client artifacts.
+1	javadoc	106	trunk passed
0	spotbugs	67	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	185	trunk passed
		_ Patch Compile Tests _
0	mvndep	23	Maven dependency ordering for patch
+1	mvninstall	76	the patch passed
+1	compile	958	the patch passed
+1	javac	958	the patch passed
-0	checkstyle	144	root: The patch generated 29 new + 70 unchanged - 4 fixed = 99 total (was 74)
+1	mvnsite	125	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	xml	3	The patch has no ill-formed XML file.
+1	shadedclient	685	patch has no errors when building and testing our client artifacts.
+1	javadoc	105	the patch passed
+1	findbugs	203	the patch passed
		_ Other Tests _
+1	unit	528	hadoop-common in the patch passed.
+1	unit	285	hadoop-aws in the patch passed.
+1	asflicense	53	The patch does not generate ASF License warnings.
		6939

Subsystem	Report/Notes
Docker	Client=17.05.0-ce Server=17.05.0-ce base: https://builds.apache.org/job/hadoop-multibranch/job/PR-794/4/artifact/out/Dockerfile
GITHUB PR	#794
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient xml findbugs checkstyle
uname	Linux de5a731ca399 4.4.0-138-generic #164-Ubuntu SMP Tue Oct 2 17:16:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 0c5fa2e
Default Java	1.8.0_191
checkstyle	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/4/artifact/out/diff-checkstyle-root.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/4/testReport/
Max. process+thread count	1448 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common hadoop-tools/hadoop-aws U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/4/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[ben-roling]

I will run the full test suite again against a bucket with versioning disabled just in case there are somehow other failures to uncover there since previously I only ran the suite against a bucket with versioning enabled.

I completed the test run (us-west-2, bucket with versioning disabled):

mvn -T 1C verify -Dparallel-tests -DtestsThreadCount=8 -Ds3guard -Ddynamo

[ERROR] Tests run: 896, Failures: 1, Errors: 3, Skipped: 189

The 3 errors and 1 failure were spread across ITestS3AContractGetFileStatusV1List, ITestDirectoryCommitMRJob, and ITestS3GuardToolDynamoDB, which succeeded when ran individually.

mvn -T 1C verify -Dtest=skip -Dit.test=ITestS3AContractGetFileStatusV1List -Ds3guard -Ddynamo
mvn -T 1C verify -Dtest=skip -Dit.test=ITestDirectoryCommitMRJob -Ds3guard -Ddynamo
mvn -T 1C verify -Dtest=skip -Dit.test=ITestS3GuardToolDynamoDB -Ds3guard -Ddynamo

[steveloughran]

The change to add the annotation that labeled the parameters on the parameterized tests is especially nice. Embarrassingly I hadn't learned about that one yet.

I only learned about it last week. Note, for any code which creates FS paths via calls to getMethodName, you need to have strings which can form valid paths (no spaces etc)

[steveloughran]

One thing which needs changing: the error message. Currently it says "on position -X" but now it should describe what operation failed

org.apache.hadoop.fs.s3a.RemoteFileChangedException: copy `s3a://hwdev-steve-ireland-new/test/testRenameEventuallyConsistentDirectory[bogus-bogus]/sourcedir/inconsistent': ETag change detected while reading at position 0. Expected 9d4c55e9fcea10126a50efe60111e522 got b81ae3a09fdd252ca7b30bddfa3cf2bd

[ben-roling]

One thing which needs changing: the error message. Currently it says "on position -X" but now it should describe what operation failed

Ah, yes, the "reading" and position mention is kind of misleading. It does mention the operation, but that is easy to overlook:

org.apache.hadoop.fs.s3a.RemoteFileChangedException: copy ...

[steveloughran]

new exception will include the operation and only include a position if >= 0:

org.apache.hadoop.fs.s3a.RemoteFileChangedException: copy `s3a://hwdev-steve-ireland-new/test/testRenameEventuallyConsistentDirectory[bogus-bogus]/sourcedir/inconsistent': ETag change detected on copy. Expected 9d4c55e9fcea10126a50efe60111e522 got b81ae3a09fdd252ca7b30bddfa3cf2bd

[ben-roling]

new exception will include the operation and only include a position if >= 0:

Sounds good to me. Are you crafting a commit for that? If not I can do it here in a bit.

[steveloughran]

here: #807

-move CopyOutcome into fs.s3a.impl package
-add new (failing) test for directory renaming where one of the files underneath is eventually consistent.
-pull out commonanity from test methods (spyOnFilesystem(), expectReadFailure())
-intercept() calls provide details on failure, primarily just by returning the result of the operation expected to fail.
-ChangeDetectionPolicy-raised exceptions on copy failures don't include position any more
-cache/restore metastore so even on test failures mockito is involved on teardown

Tests: yes, some fail, testRenameEventuallyConsistent* depending on the options. I think its really down to "how many failures are being generated"...but I don't want to blindly change them until they work, not without knowing why

[ben-roling]

Perfect. I had a quick review of your changes and as before they look good. The additional logging in the tests should be especially helpful.

I'll give the tests a run to presumably reproduce the failures and then help explain and fix them. I have to step away from it for a little bit here but I should be able to come back to it a little later today.

[steveloughran]

That'd be great. If you turn @debug logging on for the tests you can get a better view of what's happening in terms of when an operation is being called.

Now some other issues

1. if the versionId is known, should it be included in the getObjectMetadata() Call? Right now it's being checked on the client, but GetObjectMetadataRequest does take a version ID which could be passed in

2. the copy operation has moved from once() to retry(), something I've updated in the @Retry tag.

But:

• getObjectMetdata() Already does retry: it shouldn't be wrapped in case of extended connection failures amplifying delays
• I Believe the transfer manager is meant to do its own recovery. (but I've also known it to fail once with a 200 + Error) state

I'm worried that the addition of retry resilience may be putting a double wrapper around existing failure conditions and their retries.

• Given that getObjectMetadata() only needs the new retry to handle its eventualness, if we passed the ChangeTracker into that method, the existing retry-invoked operation could both set the version ID and check on the client side for problems. It would then be pulled out into its own once() call just to translate exceptions.

• And for the transfer, we could have it retrying with a (new) retry policy which only retries on 412 responses, so any other failure doesn't trigger a retry.

BTW, note that the CopyOutcome class only stores SdkBaseExceptions raised in the copy, as does the method to await the copy to complete. I've not put that through all the way through the other bits of the patch, but think it makes sense as other failures shouldn't need to be considered by the change tracker.

[ben-roling]

Good catches. This retry stuff is a bit tricky. I obviously overlooked the fact that getObjectMetadata() was retrying. That also needs to be considered in S3AFileSystem.select() where I added a layer of retries to wait for consistency, but it is wrapping getObjectMetadata() as well.

A getObjectMetadata() that takes the ChangeTracker as you suggest seems like it could apply in both copyFile() and select(). It seems like a good approach to try. I assume maybe you are already taking a shot at that? If not, I can give it a whirl.

[ben-roling]

BTW, note that the CopyOutcome class only stores SdkBaseExceptions raised in the copy, as does the method to await the copy to complete. I've not put that through all the way through the other bits of the patch, but think it makes sense as other failures shouldn't need to be considered by the change tracker.

Yep, agree.

[ben-roling]

Hey @steveloughran - I think I've covered everything previously discussed now if you can have a look again?

One thing I did notice with my last update is that the exception message from copyFile() does not qualify the paths. That's previous behavior, but I'm guess was a mistake? Should I make an update here to qualify those? You can see an example in what I added to s3guard.md.

I'll be running the full test suite again and posting the results.

[ben-roling]

BTW, note that the CopyOutcome class only stores SdkBaseExceptions raised in the copy, as does the method to await the copy to complete. I've not put that through all the way through the other bits of the patch

Realized I forgot that. 57ad29b covers it.

[hadoop-yetus]

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	37	Docker mode activated.
		_ Prechecks _
+1	dupname	2	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 25 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	61	Maven dependency ordering for branch
+1	mvninstall	1051	trunk passed
+1	compile	1131	trunk passed
+1	checkstyle	132	trunk passed
+1	mvnsite	116	trunk passed
+1	shadedclient	955	branch has no errors when building and testing our client artifacts.
+1	javadoc	87	trunk passed
0	spotbugs	61	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	177	trunk passed
		_ Patch Compile Tests _
0	mvndep	21	Maven dependency ordering for patch
+1	mvninstall	71	the patch passed
+1	compile	964	the patch passed
+1	javac	964	the patch passed
-0	checkstyle	142	root: The patch generated 39 new + 70 unchanged - 4 fixed = 109 total (was 74)
+1	mvnsite	127	the patch passed
+1	whitespace	1	The patch has no whitespace issues.
+1	xml	3	The patch has no ill-formed XML file.
+1	shadedclient	695	patch has no errors when building and testing our client artifacts.
+1	javadoc	104	the patch passed
+1	findbugs	198	the patch passed
		_ Other Tests _
+1	unit	513	hadoop-common in the patch passed.
+1	unit	284	hadoop-aws in the patch passed.
+1	asflicense	52	The patch does not generate ASF License warnings.
		7860

Subsystem	Report/Notes
Docker	Client=17.05.0-ce Server=17.05.0-ce base: https://builds.apache.org/job/hadoop-multibranch/job/PR-794/8/artifact/out/Dockerfile
GITHUB PR	#794
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient xml findbugs checkstyle
uname	Linux 6eb65570ba50 4.4.0-139-generic #165-Ubuntu SMP Wed Oct 24 10:58:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 5847e00
Default Java	1.8.0_191
checkstyle	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/8/artifact/out/diff-checkstyle-root.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/8/testReport/
Max. process+thread count	1389 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common hadoop-tools/hadoop-aws U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/8/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[ben-roling]

Test run complete against a bucket in us-west-2 with object versioning enabled:

mvn -T 1C verify -Dparallel-tests -DtestsThreadCount=8 -Ds3guard -Ddynamo

[ERROR] Errors:
[ERROR]   ITestDirectoryCommitMRJob>AbstractITCommitMRJob.testMRJob:133->AbstractFSContractTestBase.assertIsDirectory:327 » FileNotFound
[INFO]
[ERROR] Tests run: 933, Failures: 0, Errors: 1, Skipped: 145

ITestDirectoryCommitMRJob completed successfully when run again individually:

mvn -T 1C verify -Dtest=skip -Dit.test=ITestDirectoryCommitMRJob -Ds3guard -Ddynamo

I'll do another run with a bucket with object versioning disabled.

[hadoop-yetus]

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	1554	Docker mode activated.
		_ Prechecks _
+1	dupname	1	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 25 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	98	Maven dependency ordering for branch
+1	mvninstall	1218	trunk passed
+1	compile	1270	trunk passed
+1	checkstyle	152	trunk passed
+1	mvnsite	130	trunk passed
+1	shadedclient	1045	branch has no errors when building and testing our client artifacts.
+1	javadoc	95	trunk passed
0	spotbugs	68	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	196	trunk passed
		_ Patch Compile Tests _
0	mvndep	22	Maven dependency ordering for patch
+1	mvninstall	81	the patch passed
+1	compile	1297	the patch passed
+1	javac	1297	the patch passed
-0	checkstyle	151	root: The patch generated 39 new + 70 unchanged - 4 fixed = 109 total (was 74)
+1	mvnsite	129	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	xml	3	The patch has no ill-formed XML file.
+1	shadedclient	702	patch has no errors when building and testing our client artifacts.
+1	javadoc	106	the patch passed
+1	findbugs	204	the patch passed
		_ Other Tests _
+1	unit	581	hadoop-common in the patch passed.
+1	unit	296	hadoop-aws in the patch passed.
+1	asflicense	51	The patch does not generate ASF License warnings.
		9383

Subsystem	Report/Notes
Docker	Client=17.05.0-ce Server=17.05.0-ce base: https://builds.apache.org/job/hadoop-multibranch/job/PR-794/9/artifact/out/Dockerfile
GITHUB PR	#794
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient xml findbugs checkstyle
uname	Linux c75e51fa5147 4.4.0-138-generic #164-Ubuntu SMP Tue Oct 2 17:16:02 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 5847e00
Default Java	1.8.0_191
checkstyle	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/9/artifact/out/diff-checkstyle-root.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/9/testReport/
Max. process+thread count	1387 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common hadoop-tools/hadoop-aws U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/9/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[ben-roling]

I'll do another run with a bucket with object versioning disabled.

That's done now. Like when I ran with versioning enabled, the only test with an error was ITestDirectoryCommitMRJob>AbstractITCommitMRJob.testMRJob, which succeeded on an individual run:

[ERROR] Errors:
[ERROR]   ITestDirectoryCommitMRJob>AbstractITCommitMRJob.testMRJob:133->AbstractFSContractTestBase.assertIsDirectory:327 » FileNotFound
[INFO]
[ERROR] Tests run: 933, Failures: 0, Errors: 1, Skipped: 205

[steveloughran]

I'm travelling right now & can't review this until wed/thur -it's got priority as I want this in.

The failure of the MR commit is interesting as I'm seeing it too -I need to understand why that test is being flaky. Big Q: is it only with this patch which makes it surface? If you could do a test run with your settings against trunk, that'd help isolate us.

BTW PR #818 does the SDK update. Again, having a play with that would be good in general.

w.r.t qualifying paths in errors, there's no consistency. I like to get the full FS URI as it helps debug things.

[ben-roling]

Thanks Steve, hope you have a great trip.

I've seen the ITestDirectoryCommitMRJob failure before. I noted it on my PR for HADOOP-16221.

It looks to me like you logged the issue as HADOOP-16207 back on March 26. The only change I worked on that got in before that was for HADOOP-15625. I suppose it is possible that it is somehow related to that. I can try a run from the commit just prior to that. I'll also have a closer look at that test to see if I can deduce what might be going wrong.

[steveloughran]

Ben: my etag-server version of the NPE test is failing on the client. Probably there's some config quirk surfacing where the options aren't being cleared. Changing the text of the exception to be clear it's on the client

org.apache.hadoop.fs.s3a.RemoteFileChangedException: copy `s3a://hwdev-steve-ireland-new/test/rename-eventuallyNPE.dat': ETag change detected on client during copy. Expected b81ae3a09fdd252ca7b30bddfa3cf2bd got 9d4c55e9fcea10126a50efe60111e522

	at org.apache.hadoop.fs.s3a.impl.ChangeDetectionPolicy.onChangeDetected(ChangeDetectionPolicy.java:306)
	at org.apache.hadoop.fs.s3a.impl.ChangeTracker.processNewRevision(ChangeTracker.java:287)
	at org.apache.hadoop.fs.s3a.impl.ChangeTracker.processMetadata(ChangeTracker.java:259)
	at org.apache.hadoop.fs.s3a.S3AFileSystem.lambda$getObjectMetadata$5(S3AFileSystem.java:1587)
	at org.apache.hadoop.fs.s3a.Invoker.retryUntranslated(Invoker.java:406)
	at org.apache.hadoop.fs.s3a.Invoker.retryUntranslated(Invoker.java:369)
	at org.apache.hadoop.fs.s3a.S3AFileSystem.getObjectMetadata(S3AFileSystem.java:1579)
	at org.apache.hadoop.fs.s3a.S3AFileSystem.lambda$copyFile$13(S3AFileSystem.java:3030)
	at org.apache.hadoop.fs.s3a.Invoker.once(Invoker.java:109)
	at org.apache.hadoop.fs.s3a.S3AFileSystem.copyFile(S3AFileSystem.java:3028)
	at org.apache.hadoop.fs.s3a.S3AFileSystem.innerRename(S3AFileSystem.java:1258)
	at org.apache.hadoop.fs.s3a.S3AFileSystem.rename(S3AFileSystem.java:1119)
	at org.apache.hadoop.fs.s3a.ITestS3ARemoteFileChanged.lambda$testRenameEventuallyConsistentFileNPE$6(ITestS3ARemoteFileChanged.java:573)
	at org.apache.hadoop.test.LambdaTestUtils.intercept(LambdaTestUtils.java:498)
	at org.apache.hadoop.fs.s3a.ITestS3ARemoteFileChanged.testRenameEventuallyConsistentFileNPE(ITestS3ARemoteFileChanged.java:570)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:55)
	at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:298)
	at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:292)

[steveloughran]

Created #824 with my changes.

@bgaborg and I worked out that the reason your tests were working but our test runs failing were because you'd explicitly set authoritative = false in your config files, whereas we were going with the default, and for hadoop-aws test runs, auth is automatically set to true (we should look at that elsewhere).

Also made some other changes about error reporting and how assertions on exceptions in test failures are examined. FWIW, here's my (best practises on test design)[https://github.com/steveloughran/formality/blob/master/styleguide/styleguide.md], a two keys ones being:

• never hard code the string to check for in an exception if you have a choice, just add some constant in src/main and refer to it in both places
• stack traces are too precious to lose.

With these test we have consistent test runs. Let's see what Yetus says.

We've been discussing how we ought to actually switch between auth and nonauth mode in some of the parameterized tests so we can actually explore both options; the value of getObjectMetadata() calls expected in the tests would be: isAuth? 0 : 1. Do you want to try that?

once we've got that test coverage down and we are all happy with our test suites working locally, we should be done

[ben-roling]

@bgaborg and I worked out that the reason your tests were working but our test runs failing were because you'd explicitly set authoritative = false in your config files, whereas we were going with the default, and for hadoop-aws test runs, auth is automatically set to true (we should look at that elsewhere).

Hmmm, strange. I haven't actually set anything about auth mode in my config. I'll have to look at this again. Unfortunately I have some other things going on here that are probably going to require most of my attention today. I will get back to this as quickly as I can.

[steveloughran]

OK, I'll do the following

• tweak the tests as proposed to switch auth options
• my proposed change to Listing.java
• test against unversioned bucket

as soon as you can after that, if you can do a test run and are happy then we will declare victory here, get it in, and I can then worry about merge conflicts with HADOOP-15183 in that PR alone.

[steveloughran]

Also:

• Adding something to the test docs about versioned stores.
• s3guard bucket info now prints the change policy

bin/hadoop s3guard bucket-info s3a://hwdev-steve-ireland-new/
Filesystem s3a://hwdev-steve-ireland-new
Location: eu-west-1
Filesystem s3a://hwdev-steve-ireland-new is using S3Guard with store DynamoDBMetadataStore{region=eu-west-1, tableName=hwdev-steve-ireland-new, tableArn=arn:aws:dynamodb:eu-west-1:980678866538:table/hwdev-steve-ireland-new}
Authoritative S3Guard: fs.s3a.metadatastore.authoritative=false
Metadata Store Diagnostics:
	ARN=arn:aws:dynamodb:eu-west-1:980678866538:table/hwdev-steve-ireland-new
	billing-mode=per-request
	description=S3Guard metadata store in DynamoDB
	name=hwdev-steve-ireland-new
	persist.authoritative.bit=true
	read-capacity=0
	region=eu-west-1
	retryPolicy=ExponentialBackoffRetry(maxRetries=9, sleepTime=250 MILLISECONDS)
	size=108591
	status=ACTIVE
	table={AttributeDefinitions: [{AttributeName: child,AttributeType: S}, {AttributeName: parent,AttributeType: S}],TableName: hwdev-steve-ireland-new,KeySchema: [{AttributeName: parent,KeyType: HASH}, {AttributeName: child,KeyType: RANGE}],TableStatus: ACTIVE,CreationDateTime: Thu Oct 11 18:51:14 BST 2018,ProvisionedThroughput: {LastIncreaseDateTime: Tue Oct 30 16:48:45 GMT 2018,LastDecreaseDateTime: Tue Oct 30 18:00:03 GMT 2018,NumberOfDecreasesToday: 0,ReadCapacityUnits: 0,WriteCapacityUnits: 0},TableSizeBytes: 108591,ItemCount: 682,TableArn: arn:aws:dynamodb:eu-west-1:980678866538:table/hwdev-steve-ireland-new,TableId: a7b0728a-f008-4260-b2a0-ff3dd03367d1,}
	write-capacity=0
The "magic" committer is supported

S3A Client
	Signing Algorithm: fs.s3a.signing-algorithm=
	Endpoint: fs.s3a.endpoint=s3-eu-west-1.amazonaws.com
	Encryption: fs.s3a.server-side-encryption-algorithm=none
	Input seek policy: fs.s3a.experimental.input.fadvise=normal
	Change Detection Source: fs.s3a.change.detection.source=etag
	Change Detection Mode: fs.s3a.change.detection.mode=server
Delegation token support is disabled

[ben-roling]

I've looked at all your changes and they look good to me. I'll pull them into this PR shortly and repeat my test runs. You've definitely made some good improvements. The doc added to ITestRemoteFileChanged is especially nice.

for hadoop-aws test runs, auth is automatically set to true

Where is that happening? In my quick search I am not seeing it. It looks to me as though you would need to pass -Dauth to switch it on (something I have not done in any of my runs). If you've been running the tests with auth mode on then that does explain why tests were passing for me but not for you though and your fix looks like a good one.

moved from two spaces after a "." to one. Sorry.

No need to apologize - I'm not offended :) I'm struggling slightly to unlearn the two spaces thing. I'm not sure why, but I've only become aware of it recently and the behavior is so ingrained in me. I'm young enough not to have ever typed anything real on a typewriter yet for whatever reason in school I learned the two spaces.

[ben-roling]

I pushed a fast-forward to the latest commit from #824 into this PR.

Also, I completed my first full test suite run against a bucket with versioning disabled:

mvn -T 1C verify -Dparallel-tests -DtestsThreadCount=8 -Ds3guard -Ddynamo

[INFO] Results:
[INFO]
[ERROR] Failures:
[ERROR]   ITestS3AMiscOperations.testEmptyFileChecksums:147->Assert.assertEquals:118->Assert.failNotEquals:834->Assert.fail:88 checksums expected:<etag: "e1cdb893a982e62a4de587b1e3cbf7fb"> but was:<etag: "bc7a796a8fb5cd2d8bcf7f3c6479c188">
[ERROR]   ITestS3AMiscOperations.testNonEmptyFileChecksumsUnencrypted:199->Assert.assertEquals:118->Assert.failNotEquals:834->Assert.fail:88 checksums expected:<etag: "d96315e900853a75d6e4998a48a23c66"> but was:<etag: "52ce70aa15620acd1703adcc8dff8a91">
[ERROR] Errors:
[ERROR]   ITestDirectoryCommitMRJob>AbstractITCommitMRJob.testMRJob:133->AbstractFSContractTestBase.assertIsDirectory:327 » FileNotFound
[INFO]
[ERROR] Tests run: 933, Failures: 2, Errors: 1, Skipped: 205

The failures in ITestS3AMiscOperations seem to be related to the fact that I recently turned on default encryption on the bucket (to quiet some warnings I was getting from some best practice auditing my org does against buckets). I turned that back off and re-ran that test individually and it succeeded. I'll log a new JIRA to track that.

mvn -T 1C verify -Dtest=skip -Dit.test=ITestS3AMiscOperations -Ds3guard -Ddynamo

The failure from ITestDirectoryCommitMRJob is one that has been discussed before. Re-running that test individually yielded success.

mvn -T 1C verify -Dtest=skip -Dit.test=ITestDirectoryCommitMRJob -Ds3guard -Ddynamo

Now I'll run the suite one more time against a bucket with versioning enabled.

[ben-roling]

The failures in ITestS3AMiscOperations seem to be related to the fact that I recently turned on default encryption on the bucket (to quiet some warnings I was getting from some best practice auditing my org does against buckets). I turned that back off and re-ran that test individually and it succeeded. I'll log a new JIRA to track that.

Logged HADOOP-16319.

[ben-roling]

Now I'll run the suite one more time against a bucket with versioning enabled.

Done with that now too:

mvn -T 1C verify -Dtest=skip -Dit.test=ITestS3AMiscOperations -Ds3guard -Ddynamo

[INFO] Results:
[INFO]
[ERROR] Errors:
[ERROR]   ITestDirectoryCommitMRJob>AbstractITCommitMRJob.testMRJob:133->AbstractFSContractTestBase.assertIsDirectory:327 » FileNotFound
[INFO]
[ERROR] Tests run: 933, Failures: 0, Errors: 1, Skipped: 145

As before, ITestDirectoryCommitMRJob succeeds individually.

mvn -T 1C verify -Dtest=skip -Dit.test=ITestDirectoryCommitMRJob -Ds3guard -Ddynamo

I'm happy with everything here now. Thanks so much for all of your help! Let me know if there's anything more you'd like to see.

[hadoop-yetus]

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
0	reexec	34	Docker mode activated.
		_ Prechecks _
+1	dupname	2	No case conflicting files found.
+1	@author	0	The patch does not contain any @author tags.
+1	test4tests	0	The patch appears to include 25 new or modified test files.
		_ trunk Compile Tests _
0	mvndep	56	Maven dependency ordering for branch
+1	mvninstall	1048	trunk passed
+1	compile	1030	trunk passed
+1	checkstyle	143	trunk passed
+1	mvnsite	132	trunk passed
+1	shadedclient	1019	branch has no errors when building and testing our client artifacts.
+1	javadoc	109	trunk passed
0	spotbugs	69	Used deprecated FindBugs config; considering switching to SpotBugs.
+1	findbugs	185	trunk passed
		_ Patch Compile Tests _
0	mvndep	24	Maven dependency ordering for patch
+1	mvninstall	79	the patch passed
+1	compile	985	the patch passed
+1	javac	985	the patch passed
-0	checkstyle	148	root: The patch generated 21 new + 70 unchanged - 4 fixed = 91 total (was 74)
+1	mvnsite	126	the patch passed
+1	whitespace	0	The patch has no whitespace issues.
+1	xml	3	The patch has no ill-formed XML file.
+1	shadedclient	687	patch has no errors when building and testing our client artifacts.
+1	javadoc	85	the patch passed
+1	findbugs	200	the patch passed
		_ Other Tests _
+1	unit	513	hadoop-common in the patch passed.
+1	unit	281	hadoop-aws in the patch passed.
+1	asflicense	43	The patch does not generate ASF License warnings.
		6925

Subsystem	Report/Notes
Docker	Client=17.05.0-ce Server=17.05.0-ce base: https://builds.apache.org/job/hadoop-multibranch/job/PR-794/10/artifact/out/Dockerfile
GITHUB PR	#794
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient xml findbugs checkstyle
uname	Linux 6871fdcb5766 4.4.0-139-generic #165-Ubuntu SMP Wed Oct 24 10:58:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	personality/hadoop.sh
git revision	trunk / 4cb3da6
Default Java	1.8.0_212
checkstyle	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/10/artifact/out/diff-checkstyle-root.txt
Test Results	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/10/testReport/
Max. process+thread count	1410 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common hadoop-tools/hadoop-aws U: .
Console output	https://builds.apache.org/job/hadoop-multibranch/job/PR-794/10/console
versions	git=2.7.4 maven=3.3.9 findbugs=3.1.0-RC1
Powered by	Apache Yetus 0.10.0 http://yetus.apache.org

This message was automatically generated.

[steveloughran]

OK, I'm happy with this, and am doing my preflight tests

• get the latest PR and retest
• tag, rebase onto trunk & retest (may need changes, though I hope not)
• if changes => new PR and yetus
• if not: merge

[steveloughran]

happy; rebase and retest. Tests in the final run failing were related to SSL (HADOOP-16050) and again, an intermittent v1 listing one.

We've seen that v1 list failure before so it's not related, at the same time I'm somewhat worried about hints of inconsistencies as well as the "why is this only the v1 test". Not letting it stop me here though

+1

[ben-roling]

The changes from this were merged into trunk as a36274d. As such, I think it makes sense to close this out.