[
https://issues.apache.org/jira/browse/FLINK-27681?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17796843#comment-17796843
]
Piotr Nowojski commented on FLINK-27681:
----------------------------------------
I could help reviewing and generally speaking support this effort, including
discussions around the FLIP (this change would have to modify `FileSystem` API
- DFS has to support in someway checksum verification). The general plan should
be:
# Someone would have to investigate what's possible without modification of
RocksDB, and works at least with S3. Some tests against S3 and raw benchmarks
without using Flink would be needed. For example a simple standalone Java app,
uploading the a while verifying the checksum at the same time. Definitely
people will be asking what about other DFSs. It would be nice to do a research
with Azure/GCP also (might be just looking into the docs without testing).
# Create a FLIP. Ideally already with this zero-overhead solution. But if
RocksDB would be problematic, something that's already designed with the
zero-overhead in ming for the long term, and some intermediate temporary
solution would be probably also fine.
> Improve the availability of Flink when the RocksDB file is corrupted.
> ---------------------------------------------------------------------
>
> Key: FLINK-27681
> URL: https://issues.apache.org/jira/browse/FLINK-27681
> Project: Flink
> Issue Type: Improvement
> Components: Runtime / State Backends
> Reporter: Ming Li
> Assignee: Yue Ma
> Priority: Critical
> Labels: pull-request-available
> Attachments: image-2023-08-23-15-06-16-717.png
>
>
> We have encountered several times when the RocksDB checksum does not match or
> the block verification fails when the job is restored. The reason for this
> situation is generally that there are some problems with the machine where
> the task is located, which causes the files uploaded to HDFS to be incorrect,
> but it has been a long time (a dozen minutes to half an hour) when we found
> this problem. I'm not sure if anyone else has had a similar problem.
> Since this file is referenced by incremental checkpoints for a long time,
> when the maximum number of checkpoints reserved is exceeded, we can only use
> this file until it is no longer referenced. When the job failed, it cannot be
> recovered.
> Therefore we consider:
> 1. Can RocksDB periodically check whether all files are correct and find the
> problem in time?
> 2. Can Flink automatically roll back to the previous checkpoint when there is
> a problem with the checkpoint data, because even with manual intervention, it
> just tries to recover from the existing checkpoint or discard the entire
> state.
> 3. Can we increase the maximum number of references to a file based on the
> maximum number of checkpoints reserved? When the number of references exceeds
> the maximum number of checkpoints -1, the Task side is required to upload a
> new file for this reference. Not sure if this way will ensure that the new
> file we upload will be correct.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
