Make LoggingThread recover on all errors [RHELDST-332] #248
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Previously, LoggingThread would recover from any XML-RPC fault, but would stop when any other type of exception was encountered. That is a problem, as it means the worker will permanently give up sending messages to the hub when all kinds of temporary issues occur (e.g. a temporary network disruption between worker and hub). The task underneath may continue running for hours, with all log messages being discarded. Given the nature of this thread, it makes more sense to attempt recovering from all kinds of errors, as we should try hard not to lose log messages from a task. Fixes release-engineering#60 (This commit is a reimplementation of release-engineering#106)
rohanpm
approved these changes
Feb 7, 2024
|
Unfortunately, I've found out that this change increases the probability of the logging thread to never terminate. If the |
|
@rohanpm @crungehottman Do you have any ideas how to resolve #248 (comment) without effectively reverting changes introduced in this PR? |
crungehottman
added a commit
to crungehottman/kobo
that referenced
this pull request
Mar 14, 2024
In release-engineering#169, fatal LoggingThread errors were logged to the worker's local log file before exiting. In release-engineering#248, a more drastic measure was taken: all exceptions were indefinitely retried and the ability to write exceptions to the worker's local log file was removed. This approach could prevent the LoggingThread from terminating when encountering a fatal error. This commit combines the two approaches, backing out and exiting only after determining we've identified a persistent fatal error. The means by which we identify a fatal (vs a temporary/non-fatal) LoggingThread error is by simply retrying the `upload_task_log` method during a defined interval (defined by the LoggingThread's `_timeout` attribute). If the method continues to fail for the duration of the interval (i.e., does not succeed by the time the timeout is reached), we can consider the error to be fatal. At this point, we attempt to instead write the error to the worker's local log file, and raise the exception. Note that the timeout can be toggled using the `KOBO_LOGGING_THREAD_TIMEOUT` environment variable.
@lzaoral Because |
crungehottman
added a commit
to crungehottman/kobo
that referenced
this pull request
Mar 15, 2024
In release-engineering#169, fatal LoggingThread errors were logged to the worker's local log file before exiting. In release-engineering#248, a more drastic measure was taken: all exceptions were indefinitely retried and the ability to write exceptions to the worker's local log file was removed. This approach could prevent the LoggingThread from terminating when encountering a fatal error. This commit combines the two approaches, backing out and exiting only after determining we've identified a persistent fatal error. The means by which we identify a fatal (vs a temporary/non-fatal) LoggingThread error is by simply retrying the `upload_task_log` method during a defined interval (defined by the LoggingThread's `_timeout` attribute). If the method continues to fail for the duration of the interval (i.e., does not succeed by the time the timeout is reached), we can consider the error to be fatal. At this point, we attempt to instead write the error to the worker's local log file, and raise the exception. Note that the timeout can be toggled using the `KOBO_LOGGING_THREAD_TIMEOUT` environment variable.
crungehottman
added a commit
to crungehottman/kobo
that referenced
this pull request
Mar 15, 2024
In release-engineering#169, fatal LoggingThread errors were logged to the worker's local log file before exiting. In release-engineering#248, a more drastic measure was taken: all exceptions were indefinitely retried and the ability to write exceptions to the worker's local log file was removed. This approach could prevent the LoggingThread from terminating when encountering a fatal error. This commit combines the two approaches, backing out and exiting only after determining we've identified a persistent fatal error. The means by which we identify a fatal (vs a temporary/non-fatal) LoggingThread error is by simply retrying the `upload_task_log` method during a defined interval (defined by the LoggingThread's `_timeout` attribute). If the method continues to fail for the duration of the interval (i.e., does not succeed by the time the timeout is reached), we can consider the error to be fatal. At this point, we attempt to instead write the error to the worker's local log file, and raise the exception. Note that the timeout can be toggled using the `KOBO_LOGGING_THREAD_TIMEOUT` environment variable.
crungehottman
added a commit
to crungehottman/kobo
that referenced
this pull request
Mar 18, 2024
In release-engineering#169, fatal LoggingThread errors were logged to the worker's local log file before exiting. In release-engineering#248, a more drastic measure was taken: all exceptions were indefinitely retried and the ability to write exceptions to the worker's local log file was removed. This approach could prevent the LoggingThread from terminating when encountering a fatal error. This commit combines the two approaches, backing out and exiting only after determining we've identified a persistent fatal error. The means by which we identify a fatal (vs a temporary/non-fatal) LoggingThread error is by simply retrying the `upload_task_log` method during a defined interval (defined by the LoggingThread's `_timeout` attribute). If the method continues to fail for the duration of the interval (i.e., does not succeed by the time the timeout is reached), we can consider the error to be fatal. At this point, we attempt to instead write the error to the worker's local log file, and raise the exception. Note that the timeout can be toggled using the `KOBO_LOGGING_THREAD_TIMEOUT` environment variable.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously, LoggingThread would recover from any XML-RPC fault, but would stop when any other type of exception was encountered. That is a problem, as it means the worker will permanently give up sending messages to the hub when all kinds of temporary issues occur (e.g. a temporary network disruption between worker and hub). The task underneath may continue running for hours, with all log messages being discarded.
Given the nature of this thread, it makes more sense to attempt recovering from all kinds of errors, as we should try hard not to lose log messages from a task.
Fixes #60
(This commit is a reimplementation of
#106)