Fix to disable worker identity reuse for registration unless in k8s

[lucyge2022]

What changes are proposed in this pull request?

Put back the restriction of reuse worker identity for non-k8s env deployment.

Why are the changes needed?

Worker identity gets reused by wrong deployment behaviors such as copy conf/ over for new worker setup, as opposed to k8s deployment is thru operator / automation, bare metal deployment has no way of prevention, thus putting back the restriction for non-k8s deployment.

Does this PR introduce any user facing changes?

No.

[ssz1997]

Shall we make this property a global one, i.e. K8S_ENV? So that other components, like master, may use it in the future without bringing confusion.

[dbw9580]

include in the exception message the conflicting worker's addresses and the ID

[lucyge2022]

done

[dbw9580]

how is worker ID generated in a Kubernetes deployment? Is there a chance there are actually two live workers with the same ID but different hostnames?

[ssz1997]

There's no special mechanism to generate IDs in k8s, so it's the random string, so theoretically that shouldn't happen.

[dbw9580]

no special mechanism to generate IDs in k8s, so it's the random string

Do you mean that the ID is not explicitly set via any Alluxio configuration properties by the operator or the helm chart, but gets generated at the first time the worker instance is created?

If so, sounds good to me as people rely on the k8s operator or the helm chart to configure new worker instances, rathar than copying Alluxio configs between workers.

[lucyge2022]

If so, sounds good to me as people rely on the k8s operator or the helm chart to configure new worker instances, rathar than copying Alluxio configs between workers.

exactly, after ur worker id changes cluster deployment needs to rely on coordinated workflow. since theres no such thing for bare-metal, we have to safe-guard everything from code point of view.

[dbw9580]

alluxio/dora/core/common/src/main/java/alluxio/membership/EtcdMembershipManager.java

Lines 94 to 95 in 87702fd

	if (existingEntityBytes != null) {
	// It's not me, or not the same me.

alluxio/dora/core/common/src/main/java/alluxio/membership/EtcdMembershipManager.java

Lines 118 to 120 in 87702fd

	} else {
	// If haven't created myself onto the ring before, create now.
	mAlluxioEtcdClient.createForPath(pathOnRing, Optional.of(serializedEntity));

is there a time-of-check to time-of-use race between these lines? Two workers with conflicting IDs may be registering at the same time, and both can happen to see no conflicting records exist on etcd so proceed to register with the ID, accidentally overwriting each other. I assume etcd transaction is not used for registering a worker.

[lucyge2022]

yeah u r right, wasn't using txn coz before ur workerid change, no two workers will have same workernetaddr, which was used as the unique identifier then, to begin with. Will change to txn semantics here, thanks

[lucyge2022]

@dbw9580 can u double check this logics to handle race for me plz?

[lucyge2022]

Shall we make this property a global one, i.e. K8S_ENV? So that other components, like master, may use it in the future without bringing confusion.

done

[alluxio-bot]

Automated checks report:

• PR title follows the conventions: FAIL
  • The title of the PR does not pass all the checks. Please fix the following issues:
    • First word must be capitalized
    • First word of title ("only") is not an imperative verb. Please use one of the valid words
• Commits associated with Github account: PASS

Some checks failed. Please fix the reported issues and reply 'alluxio-bot, check this please' to re-run checks.

[lucyge2022]

alluxio-bot, check this please

[alluxio-bot]

Automated checks report:

• PR title follows the conventions: FAIL
  • The title of the PR does not pass all the checks. Please fix the following issues:
    • Title is too long (73 characters). Must be at most 72 characters.
• Commits associated with Github account: PASS

Some checks failed. Please fix the reported issues and reply 'alluxio-bot, check this please' to re-run checks.

[dbw9580]

LGTM, only have a few small questions. Thanks for the work!

[dbw9580]

would appreciate a comment for etcd outsiders:

Suggested change

	.If(new Cmp(keyToPut, Cmp.Op.EQUAL, CmpTarget.version(0L)))
	// version of a key starts from 1; so version being 0 means
	// the key does not exist (never existed or was deleted).
	.If(new Cmp(keyToPut, Cmp.Op.EQUAL, CmpTarget.version(0L)))

[dbw9580]

what's the difference between version == 0 and createRevision == 0?

[lucyge2022]

'revision' refers to a global number put onto each op for all keys(create/delete), createRevision = revision of the last creation on the key, version = the version of this particular key, if deleted, the version is reset to 0
create /k1 -> /k1 version=1 global revision = 1
create /k2 -> /k2 ... global revision=2
delete /k2 -> /k2 ... global revision=3
modify /k1 -> /k1 version=2 global revision = 4 => /k1 version = 2 createRevision=1
delete /k1 -> /k1 version=0 global revision = 5
create /k1 -> /k1 version=1 global revision = 6 => /k1 version = 1 createRevision=6

[lucyge2022]

done

[jiacheliu3]

i have the feeling that whether we allow worker to reg with the same identity is relevant to whether it's k8s, but k8s is not 100% the decider. In other words, I feel we can have

PropertyKey ON_K8S

and 

PropertyKey WORKER_SAME_IDENTITY_ACTION = ON_K8S ? OVERWRITE : REJECT

[lucyge2022]

actually identity should never be allowed to overwrite, from code side shouldnt even open this can of worm, it should be a deployment effort. k8s property can also be extended for other usage as suggested by @ssz1997

[alluxio-bot]

Automated checks report:

• PR title follows the conventions: PASS
• Commits associated with Github account: PASS

All checks passed!

[lucyge2022]

alluxio-bot, check this please

[alluxio-bot]

Automated checks report:

• PR title follows the conventions: PASS
• Commits associated with Github account: PASS

All checks passed!

[lucyge2022]

alluxio-bot, merge this please.