Add getTxStatus RPC

[eddyashton]

This adds a getTxStatus RPC, replacing the getCommit(N) variant. getCommit now has a single purpose of fetching the current kv version, and the "is this committed" logic is handled in a single place, by the service.

I'm unsure about naming:

• I've used term and commit for consistency with existing RPCs/header names/externally facing things, are we planning to convert all of these to view and index? FWIW, I'm still fond of formalising version = view.index, so I've sprinkled that into the docs.
• What do we call a rolled back transactions? I've gone with LOST, but am open to suggestions.
• Should we add an UNKNOWN (I've never heard of this transaction) state distinct from PENDING (I know it, but I don't know if it is globally committed)? A long time in the UNKNOWN state may indicate that we've had an election but haven't yet reached your index, but this is only a heuristic (not true for partitioned nodes), and introduces possibility of odd response chains (UNKNOWN -> PENDING -> UNKNOWN -> PENDING -> ... -> [COMMITTED|LOST]).

I believe in the current implementation, if you ask a single node, the response will always transition exactly once from PENDING to either COMMITTED or LOST, and will be that way forever. And the transition will be consistent across all nodes - once you've heard COMMITTED, another node may still say PENDING, but can never say LOST (and vice versa). These are things I don't think we've clearly described in the docs, so I've added a note - let me know if it makes sense.

I've also removed the SigHttpRpcTlsClient - its functionality was almost entirely (and now entirely) handled by the base HttpRpcTlsClient.

EDIT - leaving the original description for posterity, but here's a more accurate current state:

• Endpoint is simply /tx (ie /users/tx, /members/tx), as an exemplar of where we want to go with HTTP naming style
• Similarly the transaction ID is given view.seqno. Although we currently use term and commit in response headers/other RPCs, we intend to rename soon.
• There are 4 states: UNKNOWN, PENDING, COMMITTED, and INVALID. Unknown and Pending can be usefully distinguished, and we can report Invalid in some cases I'd missed initially. There's a non-systematic unit test for how we derive this status.

[ccf-bot]

tx_status@7906 aka 20200501.10 vs master ewma over 50 builds from 7390 to 7895

[achamayou]

I suggest we start with #968 with new endpoints, to minimise future disruption to users.

Not sure about LOST, I think ROLLED_BACK is more precise. I believe we'd agreed a commit id was composed of a view and seqno, which is PBFT terminology?

[eddyashton]

I suggest we start with #968 with new endpoints, to minimise future disruption to users.

Not sure about LOST, I think ROLLED_BACK is more precise. I believe we'd agreed a commit id was composed of a view and seqno, which is PBFT terminology?

I was thinking ROLLED_BACK is too Raft-specific, its not really true for PBFT or a general consensus? We don't know if your transaction was partially accepted then rolled back (and the fact we do this in the kv seems like an implementation detail - in standard Raft terminology these 'local commits' are just stored in a pending lost, not applied then rolled back). The general externally visible behaviour is just "this didn't happen".

And we've settled on view/seqno within the code, but all of the external references are still to term/commit. I think we fix that with #968, in a single sweeping change. Unsure if its preferable for this RPC to be consistent with others, or in its final form already? Same point applies to removing the get prefix - we could make this inconsistent early, if we choose txStatus vs tx_status - but I think its easier to describe if it stays consistent?

[achamayou]

@eddyashton there's a tradeoff between consistency and user-pain here. If we start making the new endpoints from this one onwards correct, users who rely on those won't have to update the code that deals with it. If we go for consistency, we're making more work for ourselves and for users, in return for slightly less surprise across RPCs.

I would prefer to go straight for the end state here, and to add an OpenAPI schema for this, but I'd happy to hear everyone's opinion about this too.

Lost to me sounds like Rolled back but worse, it's an acknowledgement it existed, but then it was misplaced. I do agree that rolled back isn't quite right either.

[achamayou]

How about:

[ REPLICATING | UNKNOWN ] -> [ COMMITTED | WONT_COMMIT | UNKNOWN ]

[eddyashton]

How about:

[ REPLICATING | UNKNOWN ] -> [ COMMITTED | WONT_COMMIT | UNKNOWN ]

UNKNOWN is definitely growing on me. Don't think its safe/worth it to distinguish REPLICATING and UNKNOWN. WONT_COMMIT sounds a little too much like a choice. Maybe UNKNOWN -> [ COMMITTED | NOT_COMMITTED ]? (This may look like a bikeshed, but it houses the emergency generator)

[olgavrou]

NOT_COMMITTED may imply that the transaction is not committed yet, but it might get committed in the future. Another option is REJECTED which clearly states the transaction state.

[olgavrou]

I know we are not removing all the mentions to globally committed just yet, but I think that in the description of the statuses it is a bit confusing. I would say globally replicated, replicated to enough nodes to make the transaction durable, or something similar

[olgavrou]

I'd suggest to remove globally committed from this paragraph too and just leave it as committed

[achamayou]

That’s... a submarine TODO? I would suggest updating the headers ticket instead.

[achamayou]

I thought we were changing those to seqno/view? Next time then.