Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 4BEFD200BE4 for ; Wed, 7 Dec 2016 00:29:00 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 4A86C160B2A; Tue, 6 Dec 2016 23:29:00 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 93C01160B1B for ; Wed, 7 Dec 2016 00:28:59 +0100 (CET) Received: (qmail 9660 invoked by uid 500); 6 Dec 2016 23:28:58 -0000 Mailing-List: contact dev-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@zookeeper.apache.org Delivered-To: mailing list dev@zookeeper.apache.org Received: (qmail 9638 invoked by uid 99); 6 Dec 2016 23:28:58 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Dec 2016 23:28:58 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 738C82C03DE for ; Tue, 6 Dec 2016 23:28:58 +0000 (UTC) Date: Tue, 6 Dec 2016 23:28:58 +0000 (UTC) From: "ASF GitHub Bot (JIRA)" To: dev@zookeeper.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ZOOKEEPER-261) Reinitialized servers should not participate in leader election MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Tue, 06 Dec 2016 23:29:00 -0000 [ https://issues.apache.org/jira/browse/ZOOKEEPER-261?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15727075#comment-15727075 ] ASF GitHub Bot commented on ZOOKEEPER-261: ------------------------------------------ Github user enixon commented on the issue: https://github.com/apache/zookeeper/pull/120 Thanks, @hanm , let's see if editing the correct string into the title suffices or if I need to open up a new PR. > Reinitialized servers should not participate in leader election > --------------------------------------------------------------- > > Key: ZOOKEEPER-261 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-261 > Project: ZooKeeper > Issue Type: Improvement > Components: leaderElection, quorum > Reporter: Benjamin Reed > > A server that has lost its data should not participate in leader election until it has resynced with a leader. Our leader election algorithm and NEW_LEADER commit assumes that the followers voting on a leader have not lost any of their data. We should have a flag in the data directory saying whether or not the data is preserved so that the the flag will be cleared if the data is ever cleared. > Here is the problematic scenario: you have have ensemble of machines A, B, and C. C is down. the last transaction seen by C is z. a transaction, z+1, is committed on A and B. Now there is a power outage. B's data gets reinitialized. when power comes back up, B and C comes up, but A does not. C will be elected leader and transaction z+1 is lost. (note, this can happen even if all three machines are up and C just responds quickly. in that case C would tell A to truncate z+1 from its log.) in theory we haven't violated our 2f+1 guarantee, since A is failed and B still hasn't recovered from failure, but it would be nice if when we don't have quorum that system stops working rather than works incorrectly if we lose quorum. -- This message was sent by Atlassian JIRA (v6.3.4#6332)