lettuce-core: Add support for disconnect on timeout to recover early from no `RST` packet failures
Bug Report
I’m one of the Jedis Reviewers and our customers are experiencing unrecoverable issues with Lettuce in production.
Lettuce connects to a Redis host and reads and writes normally. However, if the host fails (the hardware problem directly causes the shutdown, and there is no RST reply to the client at this time), the client will continue to time out until the tcp retransmission ends, and it can be recovered. At this time, it takes about 925.6 s in Linux ( Refer to tcp_retries2 ).
set k v
client ------------------> redis
redis server down, no rst
set k v (retran) 1
tcp ------------------> redis (no reply)
set k v (retran) 2
tcp ------------------> redis (no reply)
... after 925.6s
RST
tcp ------------------> redis
reconnect
Why KeepAlive doesn’t fix this
https://github.com/lettuce-io/lettuce-core/issues/1437 (Lettuce supports the option to set KEEPALIVE since version 6.1.0 )
Because the priority of the retransmission packet is higher than that of keepalive, before reaching the keepalive stage, it will continue to retransmit until it is reconnected.
In what scenario is this question sent?
- In most cases, when the operating system is shut down and the process exits, RST can be returned to the client, but RST will not be returned when power is cut off or some machine hardware fails.
- In cloud environments, SLB is usually used. When the backend host fails, if the SLB does not support connection draining, there will be problems.
How to reproduce this issue
- Start a Redis on a certain port, let’s say 6379, and use the following code to connect to Redis.
RedisClient client = RedisClient.create(RedisURI.Builder.redis(host, port).withPassword(args[1])
.withTimeout(Duration.ofSeconds(timeout)).build());
client.setOptions(ClientOptions.builder()
.socketOptions(socketOptions)
.autoReconnect(autoReconnect)
.disconnectedBehavior(disconnectedBehavior)
.build());
RedisCommands<String, String> sync = client.connect().sync();
for (int i = 0; i < times; i++) {
Thread.sleep(1000);
try {
LOGGER.info("{}:{}", i, sync.set("" + i, "" + i));
} catch (Exception e) {
LOGGER.error("Set Exception: {}", e.getMessage());
}
}
- Use iptables to disable port 6379 packets on the Redis machine.
iptables -A INPUT -p tcp --dport 6379 -j DROP
iptables -A OUTPUT -p tcp --sport 6379 -j DROP
-
Observe that the client starts timing out and cannot recover until after 925.6 s (related to tcp_retries2)
-
After the test, clear the iptables rules
iptables -F INPUT
iptables -F OUTPUT
How to fix this
We should provide the activation mechanism of the application layer, that is, on the underlying Netty link, periodically insert the activation data packet, if the activation data packet times out, the client will initiate a reconnection to recover quickly.
How Jedis avoids this problem
Jedis is a connection pool mode. When an API times out, Jedis will destroy the link and obtain it again from the connection pool, which can avoid the above problems.
Environment
- Lettuce version(s): main branch
- Redis version: unstable branch
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Reactions: 3
- Comments: 43 (25 by maintainers)
Commits related to this issue
- Introduce ping connecion handler PingConnectionHandler will periodically send PING commands to Redis Server, and decide whether to reconnect based on whether it fails (the current strategy is to reco... — committed to yangbodong22011/lettuce-core by yangbodong22011 2 years ago
- Introduce ping connecion handler PingConnectionHandler will periodically send PING commands to Redis Server, and decide whether to reconnect based on whether it fails (the current strategy is to reco... — committed to yangbodong22011/lettuce-core by yangbodong22011 2 years ago
- Introduce ping connecion handler PingConnectionHandler will periodically send PING commands to Redis Server, and decide whether to reconnect based on whether it fails (the current strategy is to reco... — committed to yangbodong22011/lettuce-core by yangbodong22011 2 years ago
- Introduce ping connecion handler PingConnectionHandler will periodically send PING commands to Redis Server, and decide whether to reconnect based on whether it fails (the current strategy is to reco... — committed to yangbodong22011/lettuce-core by yangbodong22011 2 years ago
- Support TCP_USER_TIMEOUT option #2082 Original pull request: #2499 — committed to lettuce-io/lettuce-core by yangbodong22011 10 months ago
- Polishing #2082 Add author and since, tags. Add Javadoc. Original pull request: #2499 — committed to lettuce-io/lettuce-core by mp911de 10 months ago
- Support TCP_USER_TIMEOUT option #2082 Original pull request: #2499 — committed to lettuce-io/lettuce-core by yangbodong22011 10 months ago
- Polishing #2082 Add author and since, tags. Add Javadoc. Original pull request: #2499 — committed to lettuce-io/lettuce-core by mp911de 10 months ago
@richieyan Thanks for your comments and code, I did some tests and here are the results:
The following tests have the following prerequisites:
KEEPALIVE_TIME = TCP_KEEPIDLE + TCP_KEEPINTVL * TCP_KEEPCNT
, If TCP_USER_TIMEOUT is less than KEEPALIVE_TIME, the KeepAlive process will be interrupted and the connection will be closed; if TCP_USER_TIMEOUT is greater than or equal to KEEPALIVE_TIME, KeepAlive will reconnect first.To reproduce this test, need to pay attention to:
Epoll
is used normally:summary
1, TCP_USER_TIMEOUT can indeed solve the problem of this issue on the Linux platform.
2,Not yet verified on MacOS and Windows.
Agreed, but I think a better strategy is to reconnect after X (1 by default)
consecutive timeouts
. The reasons are as follows:timout
to be very small, and the timeout is frequent for them, but the continuous timeout of X times may be an abnormal situation.@yangbodong22011 Sorry, that’s a dumb question… Great appreciate for your time and patience.
Waiting for @mp911de to have time to process it, we don’t have a firm strategy yet.
Snapshots are deployed at https://oss.sonatype.org/content/repositories/snapshots/io/lettuce/lettuce-core/6.3.0.BUILD-SNAPSHOT/lettuce-core-6.3.0.BUILD-20230901.094627-49.jar, also available for
6.2.7-BUILD-SNAPSHOT
@huaxne Set TCP_USER_TIMEOUT,see https://github.com/lettuce-io/lettuce-core/issues/2082#issuecomment-1407609439
@mp911de Would you consider adding a TCP_USER_TIMEOUT config to Lettuce to fix this, I can contribute a PR.
Refer #1428 , we resolve this problem by add keep-alive and tcp_user_timeout options in our client configuration.
Keep-alive wouldn’t work in a situation that client send request to server continuously,but server never ack. So we need tcp_user_timeout to check whether the connection is active or not. You can refer https://blog.cloudflare.com/when-tcp-sockets-refuse-to-die/ to know how tcp_user_timeout work.
You need add netty-transport-native-epoll to your dependencies
Gradle deps: check your lettuce version and use proper netty version
Java code example:
@mp911de What do you think of this strategy? If agreed, I will prepare a PR.
@yangbodong22011 Adding
TCP_USER_TIMEOUT
toSocketOptions
(tcpUserTimeout
) would be a great addition, happy to include that one.@chuckz1321 hey, here, It’s
millseconds
not seconds.