The design doc and CEP currently pass on blocklisting / denylisting writes at this time. In the proposed new patch it states: "Note: We do not want to blacklist writes since it is the reads that primarily impact the performance when reading a bad partition, and we may want writes to be allowed to “fix” a bad partition. We could revisit this in the future"
In situations where you have an air gap between database ops and application access (ops <> application teams, or more autonomous application access patterns, self-service, etc), you can easily get into a situation where you have either a pathological client hammering writes to a specific partition causing impact to other clients or in the worst case, the replica set, or unbounded partition growth that again leads to performance degradation or replica set unavailability. The tradeoff there becomes "do we interrupt the application's ability to write to this partition now, or do we instead defer and risk losing access to *all* partitions on this replica set and still interrupt their access eventually anyway?" Given this, I strongly advocate for support of denylisting both reads *and* writes on these grounds; operators need another tool in their toolbox to deal with situations where specific partition writing has wider negative impacts on the replicas. Acknowledging of course that there was extensive discussion on this back in 2018, and that would have been a *great* time to engage in the discussion. =/ Good thing we have this new CEP process! :) Curious what you think about this perspective Sumanth. ~Josh On Tue, Aug 17, 2021 at 2:04 PM Joshua McKenzie <jmcken...@apache.org> wrote: > Certainly. I'll take on distilling a high level view of the feature from > what Jon and I are working on to bring to this discussion. > > > On Tue, Aug 17, 2021 at 1:40 PM Sumanth Pasupuleti < > sumanth.pasupuleti...@gmail.com> wrote: > >> +1 to collaborating on the patch, Josh. My 2 cents would be to continue to >> pursue this CEP in the community through Discuss and Vote phases and then >> invest further on the patch (based on the Vote phase outcome), so we can >> reflect any additional feedback we may gather from the community through >> this CEP. >> >> Thanks, >> Sumanth >> >> On Tue, Aug 17, 2021 at 10:13 AM Joshua McKenzie <jmcken...@apache.org> >> wrote: >> >> > Sumanth, >> > >> > Jon Meredith and I are recently working on an OSS patch of one of those >> "ad >> > hoc" implementations of this feature that's been running at scale for >> > awhile like Jirsa mentioned; sorry for not catching the discussion on >> > https://issues.apache.org/jira/browse/CASSANDRA-12106 and engaging >> > earlier! >> > >> > I believe I can have a tidied up patch on 4.0 of this by early next >> week - >> > then we can look at the two implementations and take best of both. What >> do >> > you think? >> > >> > ~Josh >> > >> > On Mon, Aug 16, 2021 at 2:14 PM Sumanth Pasupuleti < >> > sumanth.pasupuleti...@gmail.com> wrote: >> > >> > > Starting a discussion thread for CEP-13 >> > > >> > > >> > >> https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-13%3A+Denylisting+partitions >> > > >> > > This CEP proposes adding a new feature to Cassandra to be able to >> > denylist >> > > partitions. >> > > >> > > Looking forward to any feedback/ thoughts. >> > > >> > > Thanks, >> > > Sumanth >> > > >> > >> >
